Solved Following instructions to post my FARBAR results here

blakston6286 · 2015/08/12

Here is the first part of the huge new addition file...

Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-08-2015
Ran by DreamChamber (2015-08-12 16:46:36)
Running from C:\Users\DreamChamber\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2619349527-444009395-1191911321-500 - Administrator - Disabled)
DreamChamber (S-1-5-21-2619349527-444009395-1191911321-1000 - Administrator - Enabled) => C:\Users\DreamChamber
Guest (S-1-5-21-2619349527-444009395-1191911321-501 - Limited - Disabled)
IUSER_RETANON (S-1-5-21-2619349527-444009395-1191911321-1003 - Limited - Enabled)
IUSER_RETINA (S-1-5-21-2619349527-444009395-1191911321-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A New Beginning - Final Cut (HKLM-x32\...\Steam App 105000) (Version: - )
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{58597FDC-CDF0-4760-A57C-250DF09F4A21}) (Version: 12.0.2.122 - Adobe Systems, Inc)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version: - Remedy Entertainment)
Alice: Madness Returns (HKLM-x32\...\Steam App 19680) (Version: - Spicy Horse Games)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version: - Frictional Games)
Anachronox (HKLM-x32\...\Steam App 242940) (Version: - )
Anna (HKLM-x32\...\Steam App 217690) (Version: - )
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atlantis - The Lost Tales (HKLM-x32\...\Atlantis - The Lost Tales_is1) (Version: - GOG.com)
ATT-RC Self Support Tool (HKLM\...\ATT-RC) (Version: - )
ATT-RC Self Support Tool (HKLM-x32\...\ATT-RC) (Version: - )
AVG 2013 (Version: 13.0.3408 - AVG Technologies) Hidden
Baldur's Gate: Enhanced Edition (HKLM-x32\...\Steam App 228280) (Version: - Overhaul Games)
Bastion (HKLM-x32\...\Steam App 107100) (Version: - Supergiant Games)
Beneath a Steel Sky (HKLM-x32\...\GOGPACKBENEATH_is1) (Version: 2.0.0.9 - GOG.com)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broken Age (HKLM-x32\...\Steam App 232790) (Version: - Double Fine Productions)
Broken Sword 5 - the Serpent's Curse (HKLM-x32\...\Steam App 262940) (Version: - Revolution Software Ltd)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version: - Starbreeze Studios AB)
Captain Morgane and the Golden Turtle (HKLM-x32\...\Steam App 264320) (Version: - WizarBox)
Carbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.7.6 build 4832 (May-29-2015) - Carbonite)
Child of Light (HKLM-x32\...\Steam App 256290) (Version: - Ubisoft MontrÃ©al)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Contrast (HKLM-x32\...\Steam App 224460) (Version: - Compulsion Games)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited)
Creative Console Launcher (HKLM-x32\...\Console Launcher) (Version: - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - )
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deponia (HKLM-x32\...\Steam App 214340) (Version: - Daedalic Entertainment)
Dragonsphere (HKLM-x32\...\GOGPACKDRAGONSPHERE_is1) (Version: 2.0.0.14 - GOG.com)
Dream (HKLM-x32\...\Steam App 229580) (Version: - HyperSloth)
DriverUpdate (HKLM-x32\...\{C85A8187-7E95-429D-9C9C-57C10268B3CF}) (Version: 2.2.38275 - SlimWare Utilities, Inc.)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version: - Humble Hearts LLC)
Emerald City Confidential (HKLM-x32\...\Steam App 37260) (Version: - PlayFirst)
EVGA Precision 1.4.0 (HKLM-x32\...\Precision) (Version: - )
Evoland (HKLM-x32\...\Steam App 233470) (Version: - Shiro Games)
Express Zip (HKLM-x32\...\ExpressZip) (Version: - NCH Software)
Fable Anniversary (HKLM-x32\...\Steam App 288470) (Version: - Lionhead Studios)
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fable III (x32 Version: 1.0.0002.131 - Microsoft Game Studios) Hidden
Faery - Legends of Avalon (HKLM-x32\...\Steam App 303790) (Version: - Spiders Studio)
Ghost Master (HKLM-x32\...\Steam App 6200) (Version: - Sick Puppies)
GOG.com Downloader version 3.5.8 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.5.8 - GOG.com)
Golden FTP Server (HKLM-x32\...\Golden FTP Server) (Version: - )
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Half-Life Dedicated Server Update Tool (HKLM-x32\...\Half-Life Dedicated Server Update Tool) (Version: - )
Haunted Memories (HKLM-x32\...\Steam App 241640) (Version: - MadMan Theory Games)
Ipswitch WS_FTP 12 (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.3 - Ipswitch)
Iron Storm (HKLM-x32\...\Iron Storm_is1) (Version: - GOG.com)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Journey of a Roach (HKLM-x32\...\Steam App 255300) (Version: - Koboldgames)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kairo (HKLM-x32\...\Steam App 233230) (Version: - )
LEGO Lord of the Rings (HKLM-x32\...\Steam App 214510) (Version: - Traveller's Tales)
Leisure Suit Larry in the Land of the Lounge Lizards: Reloaded (HKLM-x32\...\Steam App 231910) (Version: - nFusion Interactive)
Lifeless Planet (HKLM-x32\...\Steam App 261530) (Version: - Stage 2 Studios)
LIMBO (HKLM-x32\...\Steam App 48000) (Version: - )
Lure of the Temptress (HKLM-x32\...\GOGPACKLURE_is1) (Version: 2.0.0.2 - GOG.com)
Machinarium (HKLM-x32\...\Steam App 40700) (Version: - Amanita Design)
magicJack (HKU\S-1-5-21-2619349527-444009395-1191911321-1000\...\magicJack) (Version: 3.1.6970.4873 - magicJack L.P.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Memoria (HKLM-x32\...\Steam App 243200) (Version: - Daedalic Entertainment)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.1 (HKLM\...\{8A837C47-2B21-4FDF-8370-41A1EB6A26E8}) (Version: 1.10.123.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Morrowind (HKLM-x32\...\{C325F588-D6B1-4A7F-B6A2-914C75DDA348}) (Version: - )
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM-x32\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
n52te Editor (HKLM-x32\...\{0AC8162B-5175-41D7-B963-8307A40BD456}) (Version: 5.01 - Razer USA Ltd.)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA MediaShield (HKLM-x32\...\{CC452A50-5C87-4A1F-B295-445C3C69BF7D}) (Version: 11.1.0.43 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Oblivion - Horse Armor Pack (HKLM-x32\...\{3ABEBD00-299D-4DCA-967F-B912163AB5EA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Knights of the Nine (HKLM-x32\...\{14C87AA7-08E6-419F-A165-998EBE5023D7}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Mehrunes Razor (HKLM-x32\...\{EF295F5C-7B57-47AA-8889-6B3E8E214E89}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Orrery (HKLM-x32\...\{EC425CFC-EE78-4A91-AA25-3BFA65B75364}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Spell Tomes (HKLM-x32\...\{16D919E6-F019-4E15-BFBE-4A85EF19DA57}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Thieves Den (HKLM-x32\...\{FFFFFD17-B460-41EB-93F1-C48ABAD63828}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Vile Lair (HKLM-x32\...\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Wizard's Tower (HKLM-x32\...\{2F2E3D62-8B8C-448F-8900-451325E50948}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels)
Post Mortem (HKLM-x32\...\Post Mortem_is1) (Version: - GOG.com)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Quest for Glory Pack (HKLM-x32\...\GOGPACKQUESTFORGLORY_is1) (Version: 2.0.0.32 - GOG.com)
RealDownloader (x32 Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.70 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
REGSERVO (HKLM\...\REGSERVO) (Version: 1.0.9.3 - Tuneup System Software Pvt Ltd.)
Return to Mysterious Island 2 (HKLM-x32\...\Steam App 277270) (Version: - Anuman)
Risen (HKLM-x32\...\Steam App 40300) (Version: - Piranha – Bytes)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes)
Robin Hood: The Legend of Sherwood (HKLM-x32\...\Robin Hood: The Legend of Sherwood_is1) (Version: - GOG.com)
Sacred 2 Gold (HKLM-x32\...\Steam App 225640) (Version: - Ascaron)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.44 (10/23/2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.58.01(10/20/2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.17 (9/17/2014) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.10 (6/20/2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.05 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.05.00 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Sound Blaster X-Fi (HKLM-x32\...\{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}) (Version: 1.0 - )
SoundFont Bank Manager (HKLM-x32\...\SFBM) (Version: 3.21 - Creative Technology Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Still Life 2 (HKLM-x32\...\Still Life 2_is1) (Version: - GOG.com)
STK02N 2.3 (HKLM-x32\...\{E42E07F5-5A90-4BA9-B55A-79FCF9EAF9B5}) (Version: 2.3 - Syntek)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - )
TES Construction Set (HKLM-x32\...\{DB3C800B-081B-4146-B4E3-EFB5B77AA913}) (Version: - )
The Book of Unwritten Tales (HKLM-x32\...\Steam App 215160) (Version: - )
The Book of Unwritten Tales: The Critter Chronicles (HKLM-x32\...\Steam App 221830) (Version: - KING Art)
The Cave (HKLM-x32\...\Steam App 221810) (Version: - Double Fine Productions)
The Dark Eye: Chains of Satinav (HKLM-x32\...\Steam App 203830) (Version: - Daedalic Entertainment)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Journey Down: Chapter One (HKLM-x32\...\Steam App 220090) (Version: - )
The Journey Down: Chapter Two (HKLM-x32\...\Steam App 262850) (Version: - SkyGoblin)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.6.0.87 - KMP Media co., Ltd)
The Last Express Gold Edition (HKLM-x32\...\Steam App 252710) (Version: - DotEmu)
The Raven - Legacy of a Master Thief (HKLM-x32\...\Steam App 233370) (Version: - KING Art)
The Room (HKLM-x32\...\Steam App 288160) (Version: - Fireproof Games)
The Talos Principle (HKLM-x32\...\Steam App 257510) (Version: - Croteam)
The Testament of Sherlock Holmes (HKLM-x32\...\Steam App 205650) (Version: - Frogwares)
The Vanishing of Ethan Carter (HKLM-x32\...\Steam App 258520) (Version: - The Astronauts)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
Tinker (HKLM-x32\...\GFWL_{584109EB-4A5E-4467-B3C4-5C1000008300}) (Version: 1.0.0000.131 - Microsoft Corporation)
Tinker (x32 Version: 1.0.0000.131 - Microsoft Corporation) Hidden
Tinker (x32 Version: 1.0.0001.131 - Microsoft Corporation) Hidden
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - )
Treasure Adventure Game (HKLM-x32\...\GOGPACKTREASUREADVENTUREGAME_is1) (Version: 2.0.0.4 - GOG.com)
Tyrian 2000 (HKLM-x32\...\GOGPACKTYRIAN2000_is1) (Version: 2.0.0.11 - GOG.com)
Ultima 4 - Quest of the Avatar (HKLM-x32\...\GOGPACKULTIMA4FREE_is1) (Version: 2.0.0.19 - GOG.com)
Unearthed: Trail of Ibn Battuta - Episode 1 - Gold Edition (HKLM-x32\...\Steam App 263680) (Version: - Semaphore)
Unity Web Player (HKU\S-1-5-21-2619349527-444009395-1191911321-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Warsow (HKLM-x32\...\GOGPACKWARSOW_is1) (Version: 2.1.0.12 - GOG.com)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - NVIDIA (nvlddmkm) Display (10/02/2012 9.18.13.0697) (HKLM\...\F676611C704DA775123AEFA1ACFB365586E0A874) (Version: 10/02/2012 9.18.13.0697 - NVIDIA)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Worlds of Ultima - Martian Dreams (HKLM-x32\...\GOGPACKWORLDSOFULTIMAMARTIAN_is1) (Version: 2.0.0.17 - GOG.com)
Worlds of Ultima - The Savage Empire (HKLM-x32\...\GOGPACKWORLDSOFULTIMASAVAGE_is1) (Version: 2.0.0.26 - GOG.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

12-08-2015 14:49:00 Installed AVG 2015
12-08-2015 14:49:54 Installed AVG 2015
12-08-2015 14:55:12 Removed AVG 2015
12-08-2015 15:16:36 Installed AVG 2015
12-08-2015 15:19:44 Installed AVG 2015
12-08-2015 15:23:58 Removed AVG 2015

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 05:34 - 2015-08-06 15:47 - 00450718 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 1000 more lines.

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F7A06E2-EC81-47DC-A0A9-60C9AB1BA22E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {15AB5337-1A52-4213-BEFE-1484FA42D603} - System32\Tasks\{5ACE07E1-C925-4319-89BC-B50B69CBBB82} => pcalua.exe -a "C:\Users\DreamChamber\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RMRJKHAJ\Bloodmoon_v1.6.1820.exe" -d C:\Users\DreamChamber\Desktop
Task: {160EE151-CD01-417E-B53E-09FF8B72D973} - System32\Tasks\{00C78FBD-2B23-47B4-B138-E858A0B1F3AF} => pcalua.exe -a D:\setup.exe -d D:\
Task: {1D7F9A9E-F57A-42E1-83FE-51310F12E4FA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2F1C57BA-AF04-43F9-AD92-E383DB58195D} - System32\Tasks\Event Viewer Tasks\System_Microsoft-Windows-WLAN-AutoConfig_4001 => delete
Task: {3211AF84-3B8D-44ED-9EEC-7E62300E12FC} - \0 -> No File <==== ATTENTION
Task: {324BA9A9-AE27-49EE-B96D-6FA7D5387D5F} - System32\Tasks\{E76CBE4F-A63D-4AF4-AA40-1AF7BE91075A} => pcalua.exe -a D:\hoae-setup.exe -d D:\
Task: {44588C2B-6CD3-4375-89D0-2E8292701321} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {522889E9-6C6F-4DF6-8304-937362443400} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {5D8ADC28-56BB-4353-A13D-493CED3E5F40} - System32\Tasks\{F935128E-D0CA-4E12-B960-C4DB2B5AEFC0} => pcalua.exe -a D:\Oblivion_v1.1FinalEnglish.exe -d D:\
Task: {76FBADBE-7D6E-483F-BE92-595F5E7D78B1} - System32\Tasks\{161BC034-A2F9-4C45-B98E-A3F9CAA2F5E5} => pcalua.exe -a "C:\Users\DreamChamber\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\76WJL2XW\msicuu2.exe" -d C:\Users\DreamChamber\Desktop
Task: {777133AF-7DE9-4B6F-8D92-9C339A7EE67C} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - DreamChamber => C:\Program Files\Windows Calendar\wincal.exe [2008-01-20] (Microsoft Corporation)
Task: {783787B0-5BA7-450C-9299-B275BFD82ADE} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [1999-12-31] (Microsoft Corporation)
Task: {98B124D3-F221-47AB-A768-231F8F5D5D4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {9B960591-D34D-44F1-B9D0-D522D633E224} - \SparkTrust PC Cleaner Plus Startup -> No File <==== ATTENTION
Task: {BAE552B8-4FA4-45E3-B28C-52A40155CFA3} - System32\Tasks\{C5AEF25B-68A7-472B-9F3D-2E197CD5FD9D} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Motive\InstallHelper.exe" -c /UninstallVendor=ATT-RC /Dir=C:\Program Files (x86)\ATT-RC
Task: {C318B1B8-0C18-4941-81E4-EC50422D2466} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [1999-12-31] (Microsoft Corporation)
Task: {CE52D313-75C6-4EB7-865D-C1E9505B8A76} - \SparkTrust PC Cleaner Plus_sch_AF48A024-36E9-11E5-9D1B-00044B18017B -> No File <==== ATTENTION
Task: {FBDE459B-A905-4C75-98C2-377B050DE693} - System32\Tasks\{5E59136F-58AA-4374-82C2-F3AAEA122179} => pcalua.exe -a "C:\Remote Programs\Chicken Invaders 3\GPlrLanc.exe" -c -LOpCode 2 /RemoveContent cid=742650;name=Chicken Invaders 3;dir=C:\Remote Programs\Chicken Invaders 3\;prvid=143;cmdid=1;prvdir=Default

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-10-22 12:01 - 2013-05-29 05:01 - 00034304 _____ () C:\Windows\System32\ssm4mlm.dll
2014-10-22 12:23 - 2014-04-16 01:22 - 00029184 _____ () C:\Windows\System32\usp01l.dll
2014-10-22 12:23 - 2014-07-24 11:54 - 01194496 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\usp01du.dll
2013-07-24 15:05 - 2010-09-28 15:56 - 06550136 _____ () C:\Program Files\ipswitch\WS_FTP 12\res0409.dll
2009-07-25 10:28 - 2009-07-25 10:28 - 00107520 _____ () C:\Program Files (x86)\Golden FTP Server\gftp.dll
2013-07-18 13:53 - 2013-07-18 13:53 - 00089088 _____ () C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
2014-09-08 14:39 - 2014-09-08 14:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 14:38 - 2014-09-08 14:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-04 15:27 - 2015-07-23 21:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2010-12-01 23:16 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2010-12-01 23:16 - 2009-03-26 14:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2010-05-06 00:51 - 2010-05-06 00:51 - 00002560 _____ () C:\Windows\system32\CTXFIRES.DLL
2014-05-14 09:45 - 2014-05-14 09:45 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll
2013-07-24 15:05 - 2010-09-28 15:53 - 00948496 _____ () C:\Program Files (x86)\Ipswitch\WS_FTP 12\LIBEAY32.dll
2013-07-24 15:05 - 2010-09-28 15:53 - 00153360 _____ () C:\Program Files (x86)\Ipswitch\WS_FTP 12\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\DreamChamber\Documents\Hate Campaign.eml:OECustomProperty

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7867 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2619349527-444009395-1191911321-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DreamChamber\Pictures\IMAG0071.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

blakston6286 · 2015/08/12

Here is the second part of the huge Addition file.../

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WMP-Out-TCP] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-In-UDP] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) C:\Program Files (x86)\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) C:\Program Files (x86)\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-In-UDP-x86] => (Allow) C:\Program Files (x86)\Windows Media Player\wmplayer.exe
FirewallRules: [{6C805D06-7BF1-4ED1-99E8-A5BDFDFA58FD}] => (Allow) C:\Program Files (x86)\Windows Media Player\wmplayer.exe
FirewallRules: [{6C7E0B85-326E-4E9D-9AFD-FB6F0890BE5D}] => (Allow) C:\Program Files (x86)\Windows Media Player\wmplayer.exe
FirewallRules: [{710102DD-B5B2-47A1-8384-0E193E95DF96}] => (Allow) C:\Program Files (x86)\Windows Media Player\wmplayer.exe
FirewallRules: [{43A51583-A549-4A22-BBAC-6DED583794E4}] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [{7815BD68-CCE1-48ED-97B2-18A07C36DE42}] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [{32252F8D-3EE3-4267-AD3B-DE9FA4544FD1}] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [{E723C4A0-BD99-424F-A768-5806EAFBA9B0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E6490522-1649-4ACD-92C0-A4B2604B2A8E}] => (Allow) LPort=2869
FirewallRules: [{31EC4C25-53A7-48DC-9ECD-3FC3EFD4D487}] => (Allow) LPort=1900
FirewallRules: [{E8D00341-6A0F-471F-A40A-AA0E1589DB5B}] => (Allow) LPort=80
FirewallRules: [{84A9F3EE-E34A-4D55-B87D-985A67FB7723}] => (Allow) LPort=80
FirewallRules: [{9D1BD6B0-D44B-447E-AA71-956BB918EF2E}] => (Allow) LPort=80
FirewallRules: [{63A7AECF-4779-40F2-93B7-A56D986EEABB}] => (Allow) C:\Program Files (x86)\Microsoft Corporation\Tinker\Tinker.exe
FirewallRules: [{87C4E1FC-8967-49A2-8C46-4AB83BC21369}] => (Allow) C:\Program Files (x86)\Microsoft Corporation\Tinker\Tinker.exe
FirewallRules: [{C0772168-061F-4485-8EAB-33C69C083774}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6F1123A1-826E-4DBC-9A03-4835F01C4F19}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E3F87C7F-9FA6-4453-9AD5-E3595197BC99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia Trailer\smp.exe
FirewallRules: [{55DC6C7C-C78A-4B96-995D-F92C027918C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia Trailer\smp.exe
FirewallRules: [{94C217C2-A05C-4D12-8EE5-8B20DEBF9B86}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Book of Unwritten Tales\bout.exe
FirewallRules: [{0A0CE445-36A3-4984-81D9-CBA35003110F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Book of Unwritten Tales\bout.exe
FirewallRules: [{E5957A48-D37A-4E39-87F6-AA644F419E3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{26343B81-FF6A-4659-BE2C-490A5CC0CB8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{53AC81F1-FCF9-4625-A66E-805795B22593}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{529BF7F5-1FD0-43B6-A31D-3FFE9B2CA480}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{0E3C33AA-BCEC-4069-95B8-72D58D1E7549}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Journey Down\JourneyDown1.exe
FirewallRules: [{6EFB4A9E-7762-4689-BAA0-C1120E9A8128}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Journey Down\JourneyDown1.exe
FirewallRules: [{501D0C58-FCF7-4B9F-90A6-1854A1033381}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Emerald City Confidential\ECC.exe
FirewallRules: [{5EDC79F2-B6C7-4F58-9D35-A10E0AF5F1F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Emerald City Confidential\ECC.exe
FirewallRules: [{9F33D380-D856-4000-9A6F-B1C2423F07E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machinarium\machinarium.exe
FirewallRules: [{BF741BD0-7B61-43BD-8F68-5A4B9C2F77A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machinarium\machinarium.exe
FirewallRules: [{B7BD8765-E900-41F8-870E-64E1237C1172}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{C54B45AA-05FB-4B1D-B42E-78AF4D9D091D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{3F618135-CDAE-4943-99B0-7268634188D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{61708097-A6F2-4F74-91E2-B767B98F344F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{4EF1BC08-498C-44E1-94D9-6B2B0A0B6B4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{4E82234C-9FFB-4795-9F07-17B149FEC563}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{72268711-3952-4225-AB69-D63C119237E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{FECEFE16-F16A-4628-AB65-FBFC6D3E8DEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [TCP Query User{4D29FCA0-6E90-450A-BD6A-50DA132DF794}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{FFF3132E-95F7-45B6-BCE7-7C77AB8A5242}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{7F4363DD-7A7B-46E3-AE0B-2C8E3D146DCE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LEGO Lord of the Rings\LEGOLOTR.exe
FirewallRules: [{11D76BEE-EEEC-4656-B556-9993753ED0BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LEGO Lord of the Rings\LEGOLOTR.exe
FirewallRules: [{34EDEDD7-E071-4309-ACB2-0A956324CFF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{86CE3F67-29A0-4D22-91C4-83CB5865C86A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{E750D382-65EC-4411-B7AB-A0470CD5E727}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Evoland\Evoland.exe
FirewallRules: [{E75158E2-6FBA-49AC-A1F6-3CA4AB8CDF9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Evoland\Evoland.exe
FirewallRules: [{E67492A8-341A-49CB-B9BB-996E2CE68B22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{F28FCB23-F024-4554-A718-86B0BD7EB900}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{0A3DB786-3004-4DC3-BD69-B968907906F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheDarkEye Cos\satinav.exe
FirewallRules: [{4DFC538A-3100-4FE8-828B-0260DFB2BC52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheDarkEye Cos\satinav.exe
FirewallRules: [{0829A590-BF71-4B32-8D8B-6701E3C4150C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheDarkEye Cos\VisionaireConfigurationTool.exe
FirewallRules: [{A15B7EC2-AE31-4549-B51D-026B2874C839}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheDarkEye Cos\VisionaireConfigurationTool.exe
FirewallRules: [{7C35CAED-9D36-46C5-92DB-1DB0EF6E4EA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{8FEFA663-0629-4CCD-880B-DEA42D67A398}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{16B070E2-F933-40D8-A783-F7E105233CB5}] => (Allow) C:\Users\DreamChamber\AppData\Roaming\mjusbsp\magicJack.exe
FirewallRules: [{4D1E24D5-DCDF-4B46-AEA2-138F9568F467}] => (Allow) C:\Users\DreamChamber\AppData\Roaming\mjusbsp\magicJack.exe
FirewallRules: [{8762880A-E21E-4700-A9AB-A2EB4C072ADF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ghost Master\ghost.exe
FirewallRules: [{83D6AC2B-38C8-4DC0-8F33-A14EBC7B6A01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ghost Master\ghost.exe
FirewallRules: [{9646B5F2-A59E-4CE9-9822-47E16ADC63FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{E04CB441-8F15-4395-B073-7B351FBC615D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{975AA82C-2B4A-4CFE-9217-7A0CF13DC67C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{F4A60AF2-AC22-47FF-A7C7-BB4A2988DD54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{A155D0FA-94EB-4BCD-843D-EDA566B3EB03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anna\Anna.exe
FirewallRules: [{59F33DAB-2DE0-4E7C-9EC0-B28640D26F24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anna\Anna.exe
FirewallRules: [TCP Query User{9C0C97B2-0B2F-46B9-97A8-A192AC8933A0}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{2D4478E8-3EE7-443F-8385-77969431C1F6}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{E1160F59-8071-465E-A357-9F61C75C5D15}C:\program files (x86)\golden ftp server\gftp.exe] => (Block) C:\program files (x86)\golden ftp server\gftp.exe
FirewallRules: [UDP Query User{855E5751-5965-40EA-A9B4-D04A2D070FF4}C:\program files (x86)\golden ftp server\gftp.exe] => (Block) C:\program files (x86)\golden ftp server\gftp.exe
FirewallRules: [TCP Query User{C12FEE73-B7F2-45C5-8840-65832A8FE63C}C:\program files (x86)\golden ftp server\gftp.exe] => (Allow) C:\program files (x86)\golden ftp server\gftp.exe
FirewallRules: [UDP Query User{9C657844-CFE8-4779-8B34-3F2115655AB1}C:\program files (x86)\golden ftp server\gftp.exe] => (Allow) C:\program files (x86)\golden ftp server\gftp.exe
FirewallRules: [{A2B89529-019B-4EA4-BCE9-20B1AA5981C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{104042D1-5718-4EFB-8150-5849971642DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{6139F550-4F0B-4D79-9989-591709AA9B6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anna\Anna.exe
FirewallRules: [{B545B9FF-CC11-4DBF-95B8-DD931C2562DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anna\Anna.exe
FirewallRules: [{3D8B5FD6-8053-40A3-8D95-53EE9A5B2CBD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{D8955A97-84F6-4B78-94E6-6AAD4FF9A889}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{4D7016D8-3351-42A9-817B-B6D3F5391516}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Memoria\memoria.exe
FirewallRules: [{A318002C-41FF-4F67-8113-EFA457280C97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Memoria\memoria.exe
FirewallRules: [{C6E65CC0-B40E-4E31-BB45-B3486C6D282F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Memoria\VisionaireConfigurationTool.exe
FirewallRules: [{EC7706CE-35C0-45F1-9D14-6C83CEBAE0F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Memoria\VisionaireConfigurationTool.exe
FirewallRules: [{8E3BB1E1-3899-4D33-B53A-0E233AA4E7FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{7A7934A6-0B9B-4D1E-8FB7-224B680BF608}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{B6FB4C1B-9FEE-445B-9635-12E90572FFA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\A New Beginning\anb.exe
FirewallRules: [{B536EC33-1D0E-422F-B915-1286AD89C56B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\A New Beginning\anb.exe
FirewallRules: [{AFAB982B-6E59-4CC4-8E69-94FA88B55018}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\A New Beginning\VisionaireConfigurationTool.exe
FirewallRules: [{AF78A47A-BE3D-4BCB-93D2-1140AA0EC337}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\A New Beginning\VisionaireConfigurationTool.exe
FirewallRules: [{E9E2FDFD-5A29-4FC5-861F-0C46C75CFB1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HauntedMemories\hm.exe
FirewallRules: [{087FA986-46F4-42C5-955D-C281C73FE514}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HauntedMemories\hm.exe
FirewallRules: [{886D0B37-1A89-4373-A36E-366FDB86CDC9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A0385A17-9F83-4C03-A30C-CCCB20E587B4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D93B12E4-E341-4EBA-83C2-619A638B027D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{D25E3459-3132-4C74-B6D4-431140EAFE98}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{FBDB0759-BD40-4AD1-BEEE-76B04A999A8D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Leisure Suit Larry in the Land of the Lounge Lizards Reloaded\LarryReloaded.exe
FirewallRules: [{DBB12787-01A3-4BBE-A2E3-69D774A412B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Leisure Suit Larry in the Land of the Lounge Lizards Reloaded\LarryReloaded.exe
FirewallRules: [{E342A094-31FE-4F36-8B1A-5DC33AEC43E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kairo\Kairo.exe
FirewallRules: [{64934275-AFA1-4BE7-BC58-D83504A758A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kairo\Kairo.exe
FirewallRules: [{C3C1A0B8-B841-442E-B006-531CEE670CB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kairo\Kairo.exe
FirewallRules: [{982376E6-DAFB-403B-AC68-E62EF27C0885}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kairo\Kairo.exe
FirewallRules: [{D221E20C-5BBF-4E60-931D-C816780B1CFA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{06E1979B-8D09-4B57-B38A-444FAA6C91D7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6757E637-8DE6-4B4E-BC4F-88B2DFCB89DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Return To Mysterious Island 2\RTMI2.exe
FirewallRules: [{272E76F6-07D1-430F-B74A-F1F2638AA7BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Return To Mysterious Island 2\RTMI2.exe
FirewallRules: [{188ABF2A-A850-4C74-ADC7-71EC65687AF2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Age\BrokenAge.exe
FirewallRules: [{F6FDABE2-5758-486D-B513-D9CFB0A84D48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Age\BrokenAge.exe
FirewallRules: [{89F9C6ED-FD2F-4F4B-AF43-0C8185C527F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{28F87B43-10CB-4D70-8133-E8172D2FEB00}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{05A942DF-5BEF-49AB-AEB5-90251AB2956D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Child of Light\ChildofLight.exe
FirewallRules: [{441400B2-9F65-413A-89FF-63BA0770311B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Child of Light\ChildofLight.exe
FirewallRules: [{E3A7E869-AB5F-4C09-BD29-8E41004A51D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Child of Light\ChildofLight.exe
FirewallRules: [{AD5471C9-7E48-4987-9713-50C194FFD79E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Child of Light\ChildofLight.exe
FirewallRules: [{47EBE63E-BF14-4BFF-A8E8-E48B3FB811D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{E9D4DC42-A075-428F-B9DF-03B5D595B57E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{EBCE6BA0-336B-48D5-AAD2-01D0E5A2D245}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lifeless Planet\LifelessPlanet.exe
FirewallRules: [{1F881849-C0AE-45E0-9EB1-F0C705F1B182}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lifeless Planet\LifelessPlanet.exe
FirewallRules: [{930C63F3-1D9A-43E5-8D9C-8D189F592F56}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Faery - Legends of Avalon\FaerySteam.exe
FirewallRules: [{6DAC62DB-360E-4BCE-AB11-469652575779}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Faery - Legends of Avalon\FaerySteam.exe
FirewallRules: [{5B3FADE6-39C7-4DA4-9AF9-B4617270198B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CaptainMorgane\CaptainMorgane.exe
FirewallRules: [{B118B1DE-37BD-431F-A1A7-2858017BE61C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CaptainMorgane\CaptainMorgane.exe
FirewallRules: [{FFC330E3-700A-4516-A32F-68499836179F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Journey of a Roach\JoaR.exe
FirewallRules: [{DD0F4CAC-2D07-4DE3-B445-230C71C95DA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Journey of a Roach\JoaR.exe
FirewallRules: [{CAF32BCC-99A4-4715-B43F-06AABC9B45D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Journey of a Roach\JoaR_config.exe
FirewallRules: [{6222AB04-0882-48FF-865F-470B29673021}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Journey of a Roach\JoaR_config.exe
FirewallRules: [{859A9BE6-5C98-471A-B7CE-DCBE46B2E2EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [{75FBD50E-3B7D-4E47-9262-F2843B13B787}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [TCP Query User{8ED55DB9-6C93-416B-84AF-3C9FAF2F01BF}C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe
FirewallRules: [UDP Query User{552C1AEA-2242-4E3C-A073-3AF5DB6CFAC8}C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe
FirewallRules: [{60E4950B-1DD8-4BFA-BF7A-E3C5097BB8A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risen\bin\Risen.exe
FirewallRules: [{A551178D-27BF-4C17-8FE0-297B168CBDFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risen\bin\Risen.exe
FirewallRules: [{8B0A0B0E-91A7-4709-9C2B-81DD15E79B21}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LastExpress\TheLastExpressSteam.exe
FirewallRules: [{6667778F-B083-4D24-BBEE-DA63619A4FF2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LastExpress\TheLastExpressSteam.exe
FirewallRules: [{7AFF8D4C-20A5-4BAE-BEF3-58C2D25C6524}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\UnearthedEpisode1\Unearthed-Episode1.exe
FirewallRules: [{A786CEC3-9A3D-482A-B0A4-FB82F04FC618}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\UnearthedEpisode1\Unearthed-Episode1.exe
FirewallRules: [{6D2AC9E1-85B6-48B9-BE46-C94B1F672C43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheRoom\TheRoom.exe
FirewallRules: [{A1442EB3-501C-43E2-AA3C-A1BBD2A9E5DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheRoom\TheRoom.exe
FirewallRules: [{70B7BA2D-08E3-47DA-8616-5A31E4BDD1E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{445B1BDE-3752-4F32-8198-65724A140122}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{890C595C-A9AD-4963-9482-96AFD117A36D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A6C4087C-4D8C-4845-9D73-2DBB721DA950}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{691AC28F-7D68-4B50-A303-AEFFE90BD0BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia\Deponia.exe
FirewallRules: [{56B43602-4602-4435-87FB-21A1A17EB257}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia\Deponia.exe
FirewallRules: [{4CA07892-E6AA-4786-967F-A223227B7FDF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{CB161629-3252-420C-9E0D-08B01FE5E001}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{C57A5A44-BA89-4DF2-A220-1F37443C1E82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risen 2\system\Risen2.exe
FirewallRules: [{DA939A19-A558-43A3-807E-6235DE311C13}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risen 2\system\Risen2.exe
FirewallRules: [{698D3538-683C-4B60-AB59-F9DD2FC5204E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Journey Down Chapter Two\JourneyDown2.exe
FirewallRules: [{4D582771-C07C-4FAC-9643-03D98FC8BEAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Journey Down Chapter Two\JourneyDown2.exe
FirewallRules: [{16AE40C5-FC00-4B06-AE81-80D3FBD7F361}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{88A3CDC1-7835-4A18-B8B3-26A962D2ED09}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{B67FE4CA-25D2-44C1-A173-CC68DD893EDE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{27632974-B315-4AD9-8EFD-FC91A99543A2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{E6FF4733-A080-4348-8109-48FF4FAFAD2F}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{4BE44172-CCE1-4670-B217-9FBDDAD3C7FB}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{0E4E3CA5-F359-487B-914F-5CACC8B93EB1}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{C21886FB-D31B-40AD-8E53-9E4BE8A526D2}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{97062D20-CAFF-4FBB-A4BF-723FF3490486}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{BC78D06E-04DC-4E92-B1CC-D7F9285923E2}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{E06147D2-BF13-4219-A547-013D2AEF0346}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [TCP Query User{677D14F1-1014-456A-9558-B9AF15642143}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [UDP Query User{65EE236F-0041-4CA6-A031-7525D7657EC6}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [{0FDA2C04-DE4E-4513-8A51-260F241D770E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{6EBF2892-3CD6-4124-BBF6-2F5FC87F055E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{0C661DEF-ED1F-4AEC-A238-D45BECD48760}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{9E071ABB-58E6-4E02-955D-19065D339E09}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{4E806844-B872-4366-84B1-26DABE087E4C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{96EA26E2-543E-487C-A32B-1BBF18313EA3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{260F6F92-63DF-4D44-BC63-98982BBFE98B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{21604EF8-72DA-4416-975B-5B1D0FE94ABA}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{F37178CD-F3D1-4D21-92F5-339695CB8ED3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{1E5921EA-AA57-4B4F-BB06-9C82B814CAAA}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{EAB81D90-6120-4728-AB10-60B0F55E3D37}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{28790628-496B-4654-A8D4-768CC533F467}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [{A7F7767E-0004-479B-AA32-C192DBED92B8}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [{3C445696-82B6-475C-BB25-7017D485202B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Critter Chronicles\CritterChronicles.exe
FirewallRules: [{F9FAED49-C904-4CF0-9C79-14BFDB10E641}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Critter Chronicles\CritterChronicles.exe
FirewallRules: [{02B122B9-8F0F-4C6C-8C70-A97C307D4A2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F74858E0-A0BF-402B-A4BC-32FC0765A6AE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{039F2748-AD5A-4F90-BEA2-50668B0FD119}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anachronox\anox.exe
FirewallRules: [{7B7A764F-85F1-436A-9D6D-2235C7C38469}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anachronox\anox.exe
FirewallRules: [{CD44F53C-519A-4C5F-BCE6-5875489379EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Vanishing of Ethan Carter\Binaries\Launcher.exe
FirewallRules: [{D9D1BD49-B037-482B-98BC-54EEDB7376F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Vanishing of Ethan Carter\Binaries\Launcher.exe
FirewallRules: [{999D753C-FE01-42D3-ACFF-08E9DF06918C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCave\Cave.exe
FirewallRules: [{7917CE1A-B6E9-4A87-8AD8-C8B37B110AFB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCave\Cave.exe
FirewallRules: [{A0DD83BF-4EC7-4C92-B3A1-9A89BAB5CF72}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bastion\Bastion.exe
FirewallRules: [{D594218A-FC4F-4B44-BFDF-140D5B1536D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bastion\Bastion.exe
FirewallRules: [{F862957A-B458-4219-97B4-385AE20A8E44}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{793220AC-51DF-439D-AFC3-E2DB1A34540F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{EDDA5A84-92AF-4DCE-A4CB-41A80A2FC69A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{A73575E3-32E6-48A8-A198-C93761E8199E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{D46305AE-91CC-40A6-B377-FF574DD28B99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dream\_Rift\Binaries\Win32\DreamRift.exe
FirewallRules: [{49F36C5D-4961-4BB8-B4CE-F4C5A4DDE91A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dream\_Rift\Binaries\Win32\DreamRift.exe
FirewallRules: [{3DA751A3-AD21-4A7D-AD65-F091BC3D2FE9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6D155C01-F698-4F3D-BA92-854B42BE029B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0C74EDDD-4A71-41EF-A8FF-C61245FE0CDF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E7164EC4-2DA7-4EB4-B544-A714A50C2BD3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FC808EDB-18FC-4AE8-AA36-C306E9184C1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Contrast\Binaries\Win32\ContrastGame.exe
FirewallRules: [{B8D3F327-7637-42C9-A72E-0CA3C51BE695}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Contrast\Binaries\Win32\ContrastGame.exe
FirewallRules: [{2FBC66AC-663C-4CE0-9635-E252E68EEFCC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [{26CE163E-464C-40F1-B8E5-007367A59526}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [{ABF4589F-0D1E-4CD3-8EB4-FE666C490ABD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Sword 5\BS5.exe
FirewallRules: [{318A27DA-10BF-4E67-A3BB-635DE28EDC6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Sword 5\BS5.exe
FirewallRules: [{99A1D6B7-0534-4134-AD3A-D90785D88480}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{63BCA985-8DCE-45BF-9670-3A493498BACB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{EFE3A83F-1F4B-4A33-8014-F217A5BC486E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{B6368057-9622-49A0-A9F8-ADDC426E6BC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{FC800AB4-6593-419A-87E5-A2950D9954CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{D77EA657-0D6D-4B22-B5E8-921BE172287F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{25A03098-847F-45F4-8F61-B4E707984A61}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dream\Binaries\Win32\Dream.exe
FirewallRules: [{730A6A27-B356-43A8-8630-5C640B6E2271}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dream\Binaries\Win32\Dream.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\GOG.com\Iron Storm\IronStorm.exe] => Enabled:Iron Storm
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\GOG.com\Iron Storm\IronStorm_DS.exe] => Enabled:Iron Storm DS

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/12/2015 04:43:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 04:43:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0 "1 ".
Dependent Assembly rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/12/2015 04:43:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0 "1 ".
Dependent Assembly rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/12/2015 03:21:42 PM) (Source: MsiInstaller) (EventID: 11311) (User: DreamChamber-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\MFAData\pack\basea.cab. Verify that the file exists and that you can access it.

Error: (08/12/2015 03:19:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 03:19:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0 "1 ".
Dependent Assembly rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/12/2015 03:19:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0 "1 ".
Dependent Assembly rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/12/2015 02:53:00 PM) (Source: MsiInstaller) (EventID: 10005) (User: DreamChamber-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27028. CA_Error27028: WriteCfgValue(0xE001003E): Writing config value failed

Error: (08/12/2015 02:52:47 PM) (Source: MsiInstaller) (EventID: 11311) (User: DreamChamber-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\MFAData\pack\GUIa.cab. Verify that the file exists and that you can access it.

Error: (08/12/2015 02:51:56 PM) (Source: MsiInstaller) (EventID: 11311) (User: DreamChamber-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\MFAData\pack\basea.cab. Verify that the file exists and that you can access it.

System errors:
=============
Error: (08/12/2015 04:43:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Beep
Lbd
SBRE

Error: (08/12/2015 04:43:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: DgiVecp%%2

Error: (08/12/2015 04:42:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/12/2015 03:19:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Beep
Lbd
SBRE

Error: (08/12/2015 03:19:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: DgiVecp%%2

Error: (08/12/2015 02:52:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: AVG AVI Loader Driver%%3758161981

Error: (08/12/2015 09:04:06 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: PEVSystemStart

Error: (08/12/2015 09:00:26 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: PEVSystemStart

Error: (08/12/2015 08:39:07 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Beep
Lbd
SBRE

Error: (08/12/2015 08:39:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: DgiVecp%%2

Microsoft Office:
=========================
Error: (08/12/2015 04:43:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 04:43:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0 "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (08/12/2015 04:43:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0 "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (08/12/2015 03:21:42 PM) (Source: MsiInstaller) (EventID: 11311) (User: DreamChamber-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\MFAData\pack\basea.cab. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)

Error: (08/12/2015 03:19:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 03:19:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0 "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (08/12/2015 03:19:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0 "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (08/12/2015 02:53:00 PM) (Source: MsiInstaller) (EventID: 10005) (User: DreamChamber-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27028. CA_Error27028: WriteCfgValue(0xE001003E): Writing config value failed(NULL)(NULL)(NULL)(NULL)

Error: (08/12/2015 02:52:47 PM) (Source: MsiInstaller) (EventID: 11311) (User: DreamChamber-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\MFAData\pack\GUIa.cab. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)

Error: (08/12/2015 02:51:56 PM) (Source: MsiInstaller) (EventID: 11311) (User: DreamChamber-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\MFAData\pack\basea.cab. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)

CodeIntegrity:
===================================
Date: 2015-08-12 16:46:28.794
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-12 16:46:28.606
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-12 16:46:28.419
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-12 16:46:28.216
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-12 16:46:27.764
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-12 16:46:27.577
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-12 16:46:27.374
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-12 16:46:27.156
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-12 16:46:00.074
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-12 16:45:59.887
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz
Percentage of memory in use: 40%
Total physical RAM: 4093.64 MB
Available physical RAM: 2434.02 MB
Total Virtual: 8362.51 MB
Available Virtual: 6653.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:35.95 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Fable III) (CDROM) (Total:7.56 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 481862CC)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of log ============================

blakston6286 · 2015/08/12

Do you need the Shortcut file?

blakston6286 · 2015/08/12

Disregard this post... I kept getting a time out and wait 30 seconds message.....

broni · 2015/08/12

I'm really sorry about your wasted 40 bucks. Truly.

As for your AVG installation issue try offline installation package : http://free.avg.com/ww-en/free-antivirus-download

Let me know if it worked and we'll go from there.

blakston6286 · 2015/08/15

I went to the link you provided and I still get install error...
I am going to try and open the saved install log so yuou can see what is happening and maybe tell me what is going on that I seem to be not doing correctly..
Well I tried to open the log file and got confused by the results so I am copy and pasting the actual file in this post. I hope you will be able to open it and make sense of all the different categories.
OK tried to copy and paste the file. It won't let me.
I did save it to my desktop but everytime I try to copy and paste it won't let me...Kinda ******* here...All I get when I try to run the program is install error. destination can't be found.

broni · 2015/08/15

OK, let's forget AVG. I think we're wasting time here.
Run AVG Remover to make sure there are no leftovers: http://www.avg.com/us-en/utilities

Install ONE of these:

- Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html

- free Microsoft Security Essentials: http://windows.microsoft.com/en-GB/windows/products/security-essentials
Note for Windows 8 users: Microsoft Security Essentials comes preinstalled and renamed as Windows Defender.
You can keep it or you have to disable it before installing another AV program. How to...

- free Comodo Antivirus: http://www.comodo.com/home/internet-security/antivirus.php

When done...

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

Double-click to run it. When the tool opens click Yes to disclaimer.

Make sure you checkmark Addition.txt box.

Press Scan button.

Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

blakston6286 · 2015/08/17

OK I did the AVG Remover and installed AVAST...My next post will be the Farbar results you requested.

blakston6286 · 2015/08/17

Here is the first part of the huge file for FRST...

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
Ran by DreamChamber (administrator) on DREAMCHAMBER-PC (17-08-2015 16:33:35)
Running from C:\Users\DreamChamber\Desktop
Loaded Profiles: DreamChamber (Available Profiles: DreamChamber)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(KMiNT21 Software) C:\Program Files (x86)\Golden FTP Server\GFTP.exe
(Syntek Ltd.) C:\Windows\STK02N\STK02NM.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Razer USA Ltd.) C:\Program Files (x86)\n52te\n52teHid.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Ipswitch) C:\Program Files (x86)\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [855608 2007-09-26] (Microsoft Corporation)
HKLM\...\Run: [NVRaidService] => C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe [291944 2010-04-09] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-23] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 1999-12-31] (Realtek Semiconductor)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 1999-12-31] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 1999-12-31] (Microsoft Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [Jomantha] => C:\Program Files (x86)\n52te\n52teHid.exe [159744 2008-06-13] (Razer USA Ltd.)
HKLM-x32\...\Run: [CTxfiHlp] => C:\Windows\SysWOW64\CTXFIHLP.EXE [25600 2010-05-06] (Creative Technology Ltd)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1065680 2015-05-29] (Carbonite, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-17] (AVAST Software)
HKU\S-1-5-21-2619349527-444009395-1191911321-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2619349527-444009395-1191911321-1000\...\Run: [cdloader] => C:\Users\DreamChamber\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2013-05-06] (magicJack L.P.)
HKU\S-1-5-21-2619349527-444009395-1191911321-1000\...\Run: [GoldenFTPserver] => C:\Program Files (x86)\Golden FTP Server\GFTP.exe [1710592 2012-06-05] (KMiNT21 Software)
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-05-29] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-05-29] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-05-29] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-17] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-05-29] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-05-29] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-05-29] (Carbonite, Inc.)
BootExecute:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2619349527-444009395-1191911321-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2619349527-444009395-1191911321-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2619349527-444009395-1191911321-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-17] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-04-16] (RealDownloader)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll [2015-05-04] (PasswordBox, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-02] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-17] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-02] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2619349527-444009395-1191911321-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{283EFCBD-9A8F-4AAC-B999-7F2525913441}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5ADBCBA9-F140-41A8-9DDA-7670F01ADF35}: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\DreamChamber\AppData\Roaming\Mozilla\Firefox\Profiles\h6c98cvc.default
FF DefaultSearchEngine.US: Google
FF Homepage: https://www.malwarebytes.org/restorebrowser//
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2013-07-18] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2013-07-18] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-04-16] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-09] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2619349527-444009395-1191911321-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\DreamChamber\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-12-02]
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-07-18]
FF HKLM-x32\...\Firefox\Extensions: [firefox@passwordbox.com] - C:\Program Files (x86)\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files (x86)\PasswordBox\Firefox [2013-11-21]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-17]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-17]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-17] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-17] (Avast Software)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-07-04] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-07-04] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-23] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-05-24] (Alcatel-Lucent) [File not signed]
R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-05-24] (Alcatel-Lucent) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-23] (NVIDIA Corporation)
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
S3 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [427008 2010-04-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64712 2015-08-17] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-17] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-17] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [210936 2015-08-17] (AVAST Software)
R3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65224 2015-08-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-17] (AVAST Software)
S1 Beep; no ImagePath
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-03-03] (GFI Software)
S3 JmtFltr; C:\Windows\System32\drivers\JmtFltr.sys [46464 2007-09-29] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-17] (AVAST Software)
S3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [243712 2012-08-29] (Realtek Semiconductor Corp.) [File not signed]
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [788696 1999-12-31] (Realsil Semiconductor Corporation)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [377560 1999-12-31] (Realsil Semiconductor Corporation)
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2011-03-14] (support.com, Inc)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-01-10] (Anchorfree Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-17] (Avast Software)
R3 vhidmini; C:\Windows\System32\DRIVERS\vhidmini.sys [13952 2007-09-29] (Windows (R) Codename Longhorn DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CT20XUT.DLL; system32\CT20XUT.DLL [X]
S3 CTEXFIFX.DLL; system32\CTEXFIFX.DLL [X]
S3 CTHWIUT.DLL; system32\CTHWIUT.DLL [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RET55a64; \??\C:\Program Files (x86)\BeyondTrust\Retina 5\Scanner\RET55a64.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-17 16:33 - 2015-08-17 16:33 - 00021065 _____ C:\Users\DreamChamber\Desktop\FRST.txt
2015-08-17 16:25 - 2015-08-17 16:28 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-08-17 16:25 - 2015-08-17 16:28 - 00000000 ____D C:\Windows\system32\vbox
2015-08-17 16:24 - 2015-08-17 16:24 - 00000000 ____D C:\Users\DreamChamber\AppData\Roaming\AVAST Software
2015-08-17 16:23 - 2015-08-17 16:23 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-08-17 16:23 - 2015-08-17 16:23 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-17 16:23 - 2015-08-17 16:23 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-17 16:23 - 2015-08-17 16:23 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-17 16:23 - 2015-08-17 16:23 - 00210936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2015-08-17 16:23 - 2015-08-17 16:23 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-17 16:23 - 2015-08-17 16:23 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2015-08-17 16:23 - 2015-08-17 16:23 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-17 16:23 - 2015-08-17 16:23 - 00064712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2015-08-17 16:23 - 2015-08-17 16:23 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-17 16:23 - 2015-08-17 16:23 - 00003838 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-17 16:23 - 2015-08-17 16:23 - 00001785 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-08-17 16:23 - 2015-08-17 16:22 - 01048856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1439853808348
2015-08-17 16:23 - 2015-08-17 16:22 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-08-17 16:22 - 2015-08-17 16:22 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-17 16:21 - 2015-08-17 16:21 - 00000000 ____D C:\Program Files\AVAST Software
2015-08-17 16:19 - 2015-08-17 16:19 - 05685584 _____ (AVAST Software) C:\Users\DreamChamber\Desktop\avast_free_antivirus_setup_online.exe
2015-08-17 16:13 - 2015-08-17 16:15 - 00455736 _____ C:\Users\DreamChamber\Desktop\avgremover.log
2015-08-17 16:13 - 2015-08-17 16:13 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\DreamChamber\Desktop\avg_remover_stf_x64_2015_5501.exe
2015-08-12 16:14 - 2015-08-12 16:14 - 195404960 _____ (Microsoft Corporation) C:\Users\DreamChamber\Desktop\msert.exe
2015-08-12 09:07 - 2015-08-12 09:07 - 00020881 _____ C:\ComboFix.txt
2015-08-12 08:28 - 2015-08-12 08:28 - 11972672 _____ (OPSWAT, Inc.) C:\Users\DreamChamber\Desktop\AppRemover.exe
2015-08-12 07:46 - 2015-08-12 09:07 - 00000000 ____D C:\Qoobox
2015-08-12 07:46 - 2015-08-12 09:05 - 00000000 ____D C:\Windows\erdnt
2015-08-12 07:46 - 2011-06-25 23:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-12 07:46 - 2010-11-07 10:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-12 07:46 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-12 07:46 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-12 07:46 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-12 07:46 - 2000-08-30 17:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-12 07:46 - 2000-08-30 17:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-12 07:46 - 2000-08-30 17:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-12 07:45 - 2015-08-12 07:45 - 05634368 ____R (Swearware) C:\Users\DreamChamber\Desktop\ComboFix.exe
2015-08-09 12:54 - 2015-08-17 16:33 - 02173440 _____ (Farbar) C:\Users\DreamChamber\Desktop\FRST64.exe
2015-08-09 12:54 - 2015-08-17 16:33 - 00000000 ____D C:\FRST
2015-08-09 11:58 - 2015-08-17 16:03 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-09 11:58 - 2015-08-09 11:58 - 00003906 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-09 11:57 - 2015-08-17 16:15 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-09 11:57 - 2015-08-09 11:57 - 00931408 _____ (Google Inc.) C:\Users\DreamChamber\Desktop\GoogleEarthProSetup.exe
2015-08-09 11:57 - 2015-08-09 11:57 - 00003654 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-06 15:47 - 2015-08-06 15:47 - 00450718 ____R C:\Windows\system32\Drivers\etc\hosts.20150806-154725.backup
2015-08-06 15:47 - 2015-07-30 12:09 - 00000768 _____ C:\Windows\system32\Drivers\etc\hosts.20150806-154708.backup
2015-08-06 15:19 - 2015-08-06 15:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-03 22:47 - 2015-07-22 21:06 - 42730128 _____ C:\Windows\system32\nvcompiler.dll
2015-08-03 22:47 - 2015-07-22 21:06 - 30487880 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-08-03 22:47 - 2015-07-22 21:06 - 22950544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-08-03 22:47 - 2015-07-22 21:06 - 17615408 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-08-03 22:47 - 2015-07-22 21:06 - 16151688 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-08-03 22:47 - 2015-07-22 21:06 - 15129192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-08-03 22:47 - 2015-07-22 21:06 - 14503880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-08-03 22:47 - 2015-07-22 21:06 - 13268712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-08-03 22:47 - 2015-07-22 21:06 - 11836680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-08-03 22:47 - 2015-07-22 21:06 - 11055248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-08-03 22:47 - 2015-07-22 21:06 - 02933576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-08-03 22:47 - 2015-07-22 21:06 - 02600592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-08-03 22:47 - 2015-07-22 21:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll
2015-08-03 22:47 - 2015-07-22 21:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll
2015-08-03 22:47 - 2015-07-22 21:06 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-08-03 22:47 - 2015-07-22 21:06 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-08-03 22:46 - 2015-07-22 21:06 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-08-03 22:46 - 2015-07-22 21:06 - 03407144 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-08-03 22:46 - 2015-07-22 21:06 - 03008880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-08-01 01:53 - 2015-08-01 01:53 - 00000296 _____ C:\Windows\system32\spsys.log
2015-07-30 17:33 - 2015-07-30 17:33 - 00000000 _____ C:\Users\Public\Desktop\Carbonite Setup.log
2015-07-30 17:32 - 2015-07-30 17:32 - 00001967 _____ C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2015-07-30 11:51 - 2015-08-10 17:24 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-07-30 11:40 - 2015-07-30 11:40 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-30 11:17 - 2015-07-30 12:20 - 00000000 ____D C:\Users\DreamChamber\Desktop\Malware Cleaners
2015-07-30 11:12 - 2015-08-10 19:00 - 00000000 ____D C:\AdwCleaner
2015-07-30 11:07 - 2015-08-10 18:50 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-30 11:07 - 2015-07-30 11:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-30 11:07 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-30 11:07 - 2015-06-18 08:41 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-30 11:07 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-27 12:39 - 2015-07-14 09:02 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-27 12:39 - 2015-07-14 08:45 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-27 12:39 - 2015-07-14 07:34 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-27 12:39 - 2015-07-14 07:23 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-27 12:38 - 2015-06-27 09:03 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-27 12:38 - 2015-06-27 09:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-27 12:38 - 2015-06-27 09:02 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-27 12:38 - 2015-06-27 09:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-27 12:38 - 2015-06-27 09:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-07-27 12:38 - 2015-06-27 08:40 - 01304576 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-27 12:38 - 2015-06-27 08:40 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-27 12:38 - 2015-06-27 08:40 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-27 12:38 - 2015-06-27 08:39 - 01065472 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-27 12:38 - 2015-06-27 07:30 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-27 12:38 - 2015-06-27 07:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-27 12:38 - 2015-06-12 06:13 - 00516544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-27 12:38 - 2015-01-08 17:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-27 12:36 - 2015-07-03 09:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-27 12:36 - 2015-07-03 08:41 - 01916416 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-27 12:36 - 2015-06-24 20:09 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-27 12:35 - 2015-05-31 01:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-27 12:35 - 2015-05-31 00:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-27 12:34 - 2015-06-17 09:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-27 12:34 - 2015-06-17 09:23 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-27 12:34 - 2015-06-17 08:18 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-27 12:34 - 2015-06-17 08:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-27 12:34 - 2015-06-12 09:03 - 00304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-27 12:34 - 2015-06-12 08:46 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-27 12:24 - 2015-06-16 18:52 - 02343936 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-27 12:24 - 2015-06-16 18:50 - 10936320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-27 12:24 - 2015-06-16 18:50 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-27 12:24 - 2015-06-16 18:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-27 12:24 - 2015-06-16 18:47 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-27 12:24 - 2015-06-16 18:46 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-27 12:24 - 2015-06-16 18:46 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-27 12:24 - 2015-06-16 18:46 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-27 12:24 - 2015-06-16 18:46 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-27 12:24 - 2015-06-16 18:46 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-27 12:24 - 2015-06-16 18:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-27 12:24 - 2015-06-16 18:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-07-27 12:24 - 2015-06-16 18:46 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-27 12:24 - 2015-06-16 18:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-27 12:24 - 2015-06-16 18:45 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-27 12:24 - 2015-06-16 18:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-27 12:24 - 2015-06-16 18:45 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-27 12:24 - 2015-06-16 18:45 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-07-27 12:24 - 2015-06-16 18:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-07-27 12:24 - 2015-06-16 18:14 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-27 12:24 - 2015-06-16 18:10 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-27 12:24 - 2015-06-16 18:09 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-27 12:24 - 2015-06-16 18:09 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-27 12:24 - 2015-06-16 18:09 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-27 12:24 - 2015-06-16 18:09 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-27 12:24 - 2015-06-16 18:08 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-27 12:24 - 2015-06-16 18:08 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-27 12:24 - 2015-06-16 18:08 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-27 12:24 - 2015-06-16 18:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-07-27 12:24 - 2015-06-16 18:08 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-27 12:24 - 2015-06-16 18:08 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-27 12:24 - 2015-06-16 18:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-27 12:24 - 2015-06-16 18:08 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-27 12:24 - 2015-06-16 18:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-27 12:24 - 2015-06-16 18:08 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-07-27 12:24 - 2015-06-16 18:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-07-27 12:23 - 2015-07-02 23:18 - 17887744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-27 12:23 - 2015-07-02 23:01 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-27 12:23 - 2015-07-02 22:31 - 12386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-27 12:23 - 2015-07-02 22:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-27 12:23 - 2015-06-16 18:45 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-07-27 12:23 - 2015-06-16 18:12 - 09750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-27 12:23 - 2015-06-16 18:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-27 12:23 - 2015-06-16 18:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-07-22 16:02 - 2015-07-22 16:03 - 61982592 _____ (Enigma Software Group USA, LLC.) C:\Users\DreamChamber\Downloads\SpyHunter-Installer(2).exe
2015-07-21 23:45 - 2015-07-21 23:45 - 00000000 ____D C:\Users\DreamChamber\AppData\Local\CEF
2015-07-19 17:39 - 2015-07-19 17:39 - 00000000 _____ C:\autoexec.bat
2015-07-19 17:36 - 2015-07-19 17:36 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\DreamChamber\Downloads\SpyHunter-Installer.exe
2015-07-19 17:35 - 2015-07-19 17:35 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\DreamChamber\Downloads\SpyHunter-Installer(1).exe
2015-07-19 17:18 - 2015-07-27 13:16 - 00021687 _____ C:\Windows\iis7.log
2015-07-19 17:17 - 2015-07-19 17:17 - 00000000 ____D C:\inetpub
2015-07-19 15:24 - 2015-07-19 15:24 - 00000453 _____ C:\Users\DreamChamber\AppData\Local\LMIR0002.tmp.bat
2015-07-19 15:24 - 2015-07-19 15:24 - 00000378 _____ C:\Users\DreamChamber\AppData\Local\LMIR0002.tmp_r.bat
2015-07-19 15:00 - 2015-07-19 15:20 - 00000000 ____D C:\Users\DreamChamber\AppData\Roaming\TeamViewer

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will b

blakston6286 · 2015/08/17

Here is the rest of the FRST file..

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-17 16:27 - 2012-08-19 00:06 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-17 16:26 - 2011-04-05 19:26 - 00003742 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7F8DF2E1-8A53-420C-A65D-ADD16D73CDDC}
2015-08-17 16:18 - 2008-01-20 18:53 - 01290774 _____ C:\Windows\WindowsUpdate.log
2015-08-17 16:15 - 2010-12-02 20:43 - 00000000 ____D C:\Program Files (x86)\AVG
2015-08-17 16:15 - 2006-11-02 08:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-17 16:15 - 2006-11-02 08:22 - 00004112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-17 16:15 - 2006-11-02 08:22 - 00004112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-17 16:14 - 2015-03-19 13:52 - 00077354 _____ C:\Windows\PFRO.log
2015-08-17 16:13 - 2006-11-02 08:42 - 00032648 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-15 19:15 - 2012-04-08 15:06 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-15 11:44 - 2015-06-16 11:18 - 00000000 ____D C:\Users\DreamChamber\Desktop\GAMES
2015-08-15 11:42 - 2012-12-31 23:29 - 00000000 ____D C:\Users\DreamChamber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-15 11:23 - 2014-10-28 11:29 - 00000099 _____ C:\Users\Public\LMDebug.log
2015-08-12 15:37 - 2013-09-15 08:50 - 00000000 ___RD C:\Users\DreamChamber\Desktop\SOFTWARE FOR CLEANING COMPUTER
2015-08-12 09:04 - 2006-11-02 05:34 - 00000215 _____ C:\Windows\system.ini
2015-08-12 08:48 - 2014-09-30 19:51 - 00001212 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-08-12 08:44 - 2010-12-02 13:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2015-08-12 07:15 - 2012-04-08 15:06 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 07:15 - 2012-04-08 15:06 - 00003682 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 07:15 - 2011-05-18 13:57 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-09 11:58 - 2010-12-17 19:07 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-09 11:34 - 2013-07-30 13:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-03 22:51 - 2010-12-01 21:20 - 00000000 ____D C:\Users\DreamChamber
2015-07-27 13:37 - 2010-12-01 23:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-27 13:22 - 2006-11-02 05:46 - 00800432 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-27 13:16 - 2006-11-02 08:21 - 00265032 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-27 13:12 - 2006-11-02 06:34 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2015-07-27 13:12 - 2006-11-02 06:34 - 00000000 ____D C:\Windows\system32\inetsrv
2015-07-27 12:33 - 2013-08-09 05:01 - 00000000 ____D C:\Windows\system32\MRT
2015-07-27 11:52 - 2013-05-04 19:29 - 00001584 _____ C:\Users\DreamChamber\Documents\TombRaider.log
2015-07-22 21:06 - 2015-06-27 10:38 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-07-22 21:06 - 2014-12-23 18:33 - 15892200 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-22 21:06 - 2014-11-07 12:47 - 12876336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-07-22 18:31 - 2012-01-04 12:46 - 06873744 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-07-22 18:31 - 2012-01-04 12:46 - 03493008 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-07-22 18:31 - 2012-01-04 12:46 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-07-22 18:31 - 2012-01-04 12:46 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-07-22 18:31 - 2012-01-04 12:46 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-07-22 18:31 - 2008-12-25 09:08 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-07-20 13:16 - 2006-11-02 06:33 - 00000000 ____D C:\Windows\rescache
2015-07-20 07:16 - 2014-05-26 18:08 - 05121613 _____ C:\Windows\system32\nvcoproc.bin
2015-07-19 16:09 - 2013-09-13 13:12 - 00000000 ____D C:\Users\DreamChamber\AppData\Local\LogMeIn Rescue Applet
2015-07-19 16:09 - 2010-12-17 19:07 - 00000000 ____D C:\Program Files\Google
2015-07-19 15:36 - 2015-05-30 19:13 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-19 15:33 - 2010-12-17 19:07 - 00000000 ____D C:\Users\DreamChamber\AppData\Local\Google

==================== Files in the root of some directories =======

2010-12-08 22:43 - 2010-04-02 20:53 - 2145345536 _____ () C:\Program Files\bigfile.000
2010-12-08 22:46 - 2010-04-02 21:00 - 2146330624 _____ () C:\Program Files\bigfile.002
2010-12-08 22:47 - 2010-04-02 21:01 - 857427968 _____ () C:\Program Files\bigfile.003
2010-12-08 22:48 - 2010-04-02 21:01 - 0356104 _____ () C:\Program Files\binkw32.dll
2010-12-08 22:48 - 2010-04-02 21:01 - 0330504 _____ (Firelight Technologies) C:\Program Files\fmodex.dll
2010-12-08 22:48 - 2010-04-02 21:01 - 0561736 _____ () C:\Program Files\LÃ©eme.rtf
2010-12-08 22:48 - 2010-04-02 21:01 - 0544376 _____ () C:\Program Files\readme.rtf
2010-12-08 22:48 - 2010-04-02 21:03 - 0000831 _____ () C:\Program Files\tru.lnk
2010-12-08 22:48 - 2010-04-02 21:03 - 0000618 _____ () C:\Program Files\tru.mcl
2010-12-08 22:48 - 2010-04-02 21:02 - 0129707 _____ () C:\Program Files\TruMCE.png
2010-12-08 22:48 - 2010-04-02 21:01 - 0337160 _____ (Eidos Inc.) C:\Program Files\uninst.exe
2013-09-14 12:22 - 2014-06-02 13:36 - 0003744 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2003-05-28 18:10 - 2003-05-28 18:10 - 0656107 _____ () C:\Program Files (x86)\msxml4.cab
2003-04-21 22:49 - 2003-04-21 22:49 - 0669184 _____ () C:\Program Files (x86)\msxml4sxs32.msm
2003-04-21 22:49 - 2003-04-21 22:49 - 0679424 _____ () C:\Program Files (x86)\msxml4sys32.msm
2015-07-30 11:05 - 2015-07-30 11:46 - 0000115 _____ () C:\Users\DreamChamber\AppData\Roaming\LogFile.txt
2012-03-17 07:43 - 2012-03-17 07:43 - 0026311 _____ () C:\Users\DreamChamber\AppData\Roaming\UserTile.png
2014-02-28 20:03 - 2014-07-19 14:05 - 0000161 _____ () C:\Users\DreamChamber\AppData\Roaming\WB.CFG
2012-03-31 08:50 - 2012-07-10 22:12 - 0000680 _____ () C:\Users\DreamChamber\AppData\Local\d3d9caps.dat
2010-12-01 21:20 - 2013-04-17 12:08 - 0001460 _____ () C:\Users\DreamChamber\AppData\Local\d3d9caps64.dat
2012-06-11 17:52 - 2015-06-07 11:16 - 0044032 _____ () C:\Users\DreamChamber\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-19 01:06 - 2015-04-16 12:20 - 0744082 _____ () C:\Users\DreamChamber\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
2012-08-19 01:06 - 2012-08-19 01:06 - 0000002 _____ () C:\Users\DreamChamber\AppData\Local\dd_dotnetfx35error.txt
2012-08-19 01:06 - 2015-04-16 12:21 - 0749340 _____ () C:\Users\DreamChamber\AppData\Local\dd_dotnetfx35install.txt
2013-08-31 00:08 - 2013-08-31 00:09 - 2973106 _____ () C:\Users\DreamChamber\AppData\Local\dd_NET_Framework35_x64_MSI391E.txt
2012-08-19 01:07 - 2012-08-19 01:08 - 2468120 _____ () C:\Users\DreamChamber\AppData\Local\dd_NET_Framework35_x64_MSI5664.txt
2014-03-22 13:08 - 2014-03-22 13:08 - 0375516 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI02E6.txt
2012-12-18 00:00 - 2012-12-18 00:00 - 0365736 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI10DC.txt
2012-10-15 22:35 - 2012-10-15 22:35 - 0363378 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI157D.txt
2013-03-16 09:31 - 2013-03-16 09:31 - 0372370 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI21D5.txt
2013-07-17 12:14 - 2013-07-17 12:14 - 0372704 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI2896.txt
2011-08-06 15:08 - 2011-08-06 15:08 - 0424688 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI2D11.txt
2014-03-27 22:27 - 2014-03-27 22:27 - 0373736 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI351D.txt
2013-08-31 00:07 - 2013-08-31 00:07 - 0386884 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI3850.txt
2013-08-31 00:07 - 2013-08-31 00:07 - 0376780 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI385D.txt
2013-07-16 11:30 - 2013-07-16 11:30 - 0372704 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI391F.txt
2014-08-02 16:39 - 2014-08-02 16:39 - 0373428 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI3C32.txt
2014-01-29 02:38 - 2014-01-29 02:38 - 0373106 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI419F.txt
2014-12-20 23:57 - 2014-12-20 23:57 - 0366102 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI45D7.txt
2013-07-24 15:05 - 2013-07-24 15:05 - 0439678 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI4E1E.txt
2013-07-24 15:05 - 2013-07-24 15:05 - 0422738 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI4E86.txt
2014-09-02 17:33 - 2014-09-02 17:34 - 0364672 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI5BFA.txt
2012-10-26 19:28 - 2012-10-26 19:28 - 0363484 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI61D4.txt
2013-08-12 13:56 - 2013-08-12 13:56 - 0385682 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI6678.txt
2013-01-27 23:06 - 2013-01-27 23:06 - 0367664 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI6AAD.txt
2014-02-24 15:18 - 2014-02-24 15:18 - 0370704 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI773F.txt
2013-04-03 17:07 - 2013-04-03 17:07 - 0370774 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistMSI7CBD.txt
2014-03-22 13:08 - 2014-03-22 13:08 - 0011250 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI02E6.txt
2012-12-18 00:00 - 2012-12-18 00:00 - 0011394 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI10DC.txt
2012-10-15 22:35 - 2012-10-15 22:35 - 0011378 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI157D.txt
2013-03-16 09:31 - 2013-03-16 09:31 - 0011250 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI21D5.txt
2013-07-17 12:14 - 2013-07-17 12:14 - 0011250 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI2896.txt
2011-08-06 15:08 - 2011-08-06 15:08 - 0011674 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI2D11.txt
2014-03-27 22:27 - 2014-03-27 22:27 - 0012598 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI351D.txt
2013-08-31 00:07 - 2013-08-31 00:07 - 0011434 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI3850.txt
2013-08-31 00:07 - 2013-08-31 00:07 - 0011466 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI385D.txt
2013-07-16 11:30 - 2013-07-16 11:30 - 0011250 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI391F.txt
2014-08-02 16:39 - 2014-08-02 16:39 - 0011154 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI3C32.txt
2014-01-29 02:38 - 2014-01-29 02:42 - 0013188 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI419F.txt
2014-12-20 23:57 - 2014-12-20 23:57 - 0011466 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI45D7.txt
2013-07-24 15:05 - 2013-07-24 15:05 - 0011488 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI4E1E.txt
2013-07-24 15:05 - 2013-07-24 15:05 - 0011424 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI4E86.txt
2014-09-02 17:33 - 2014-09-02 17:34 - 0011402 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI5BFA.txt
2012-10-26 19:28 - 2012-10-26 19:28 - 0011370 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI61D4.txt
2013-08-12 13:56 - 2013-08-12 13:56 - 0011370 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI6678.txt
2013-01-27 23:06 - 2013-01-27 23:06 - 0011154 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI6AAD.txt
2014-02-24 15:18 - 2014-02-24 15:19 - 0012814 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI773F.txt
2013-04-03 17:07 - 2013-04-03 17:07 - 0011170 _____ () C:\Users\DreamChamber\AppData\Local\dd_vcredistUI7CBD.txt
2015-07-19 15:24 - 2015-07-19 15:24 - 0000453 _____ () C:\Users\DreamChamber\AppData\Local\LMIR0002.tmp.bat
2015-07-19 15:24 - 2015-07-19 15:24 - 0000378 _____ () C:\Users\DreamChamber\AppData\Local\LMIR0002.tmp_r.bat
2012-08-19 01:06 - 2015-04-16 12:21 - 0007638 _____ () C:\Users\DreamChamber\AppData\Local\uxeventlog.txt
2014-07-04 13:05 - 2014-07-04 13:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-08-17 16:21

==================== End of log ============================

blakston6286 · 2015/08/17

Here is the first part of the Addition File

Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-08-2015
Ran by DreamChamber (2015-08-17 16:35:54)
Running from C:\Users\DreamChamber\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2619349527-444009395-1191911321-500 - Administrator - Disabled)
DreamChamber (S-1-5-21-2619349527-444009395-1191911321-1000 - Administrator - Enabled) => C:\Users\DreamChamber
Guest (S-1-5-21-2619349527-444009395-1191911321-501 - Limited - Disabled)
IUSER_RETANON (S-1-5-21-2619349527-444009395-1191911321-1003 - Limited - Enabled)
IUSER_RETINA (S-1-5-21-2619349527-444009395-1191911321-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A New Beginning - Final Cut (HKLM-x32\...\Steam App 105000) (Version: - )
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{58597FDC-CDF0-4760-A57C-250DF09F4A21}) (Version: 12.0.2.122 - Adobe Systems, Inc)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version: - Remedy Entertainment)
Alice: Madness Returns (HKLM-x32\...\Steam App 19680) (Version: - Spicy Horse Games)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version: - Frictional Games)
Anachronox (HKLM-x32\...\Steam App 242940) (Version: - )
Anna (HKLM-x32\...\Steam App 217690) (Version: - )
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atlantis - The Lost Tales (HKLM-x32\...\Atlantis - The Lost Tales_is1) (Version: - GOG.com)
ATT-RC Self Support Tool (HKLM\...\ATT-RC) (Version: - )
ATT-RC Self Support Tool (HKLM-x32\...\ATT-RC) (Version: - )
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Baldur's Gate: Enhanced Edition (HKLM-x32\...\Steam App 228280) (Version: - Overhaul Games)
Bastion (HKLM-x32\...\Steam App 107100) (Version: - Supergiant Games)
Beneath a Steel Sky (HKLM-x32\...\GOGPACKBENEATH_is1) (Version: 2.0.0.9 - GOG.com)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broken Age (HKLM-x32\...\Steam App 232790) (Version: - Double Fine Productions)
Broken Sword 5 - the Serpent's Curse (HKLM-x32\...\Steam App 262940) (Version: - Revolution Software Ltd)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version: - Starbreeze Studios AB)
Captain Morgane and the Golden Turtle (HKLM-x32\...\Steam App 264320) (Version: - WizarBox)
Carbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.7.6 build 4832 (May-29-2015) - Carbonite)
Child of Light (HKLM-x32\...\Steam App 256290) (Version: - Ubisoft MontrÃ©al)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Contrast (HKLM-x32\...\Steam App 224460) (Version: - Compulsion Games)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited)
Creative Console Launcher (HKLM-x32\...\Console Launcher) (Version: - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - )
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deponia (HKLM-x32\...\Steam App 214340) (Version: - Daedalic Entertainment)
Dragonsphere (HKLM-x32\...\GOGPACKDRAGONSPHERE_is1) (Version: 2.0.0.14 - GOG.com)
Dream (HKLM-x32\...\Steam App 229580) (Version: - HyperSloth)
DriverUpdate (HKLM-x32\...\{C85A8187-7E95-429D-9C9C-57C10268B3CF}) (Version: 2.2.38275 - SlimWare Utilities, Inc.)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version: - Humble Hearts LLC)
Emerald City Confidential (HKLM-x32\...\Steam App 37260) (Version: - PlayFirst)
EVGA Precision 1.4.0 (HKLM-x32\...\Precision) (Version: - )
Evoland (HKLM-x32\...\Steam App 233470) (Version: - Shiro Games)
Express Zip (HKLM-x32\...\ExpressZip) (Version: - NCH Software)
Fable Anniversary (HKLM-x32\...\Steam App 288470) (Version: - Lionhead Studios)
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fable III (x32 Version: 1.0.0002.131 - Microsoft Game Studios) Hidden
Faery - Legends of Avalon (HKLM-x32\...\Steam App 303790) (Version: - Spiders Studio)
Fester Mudd: Curse of the Gold - Episode 1 (HKLM-x32\...\Steam App 253310) (Version: - )
Ghost Master (HKLM-x32\...\Steam App 6200) (Version: - Sick Puppies)
GOG.com Downloader version 3.5.8 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.5.8 - GOG.com)
Golden FTP Server (HKLM-x32\...\Golden FTP Server) (Version: - )
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Half-Life Dedicated Server Update Tool (HKLM-x32\...\Half-Life Dedicated Server Update Tool) (Version: - )
Haunted Memories (HKLM-x32\...\Steam App 241640) (Version: - MadMan Theory Games)
Ipswitch WS_FTP 12 (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.3 - Ipswitch)
Iron Storm (HKLM-x32\...\Iron Storm_is1) (Version: - GOG.com)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Journey of a Roach (HKLM-x32\...\Steam App 255300) (Version: - Koboldgames)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kairo (HKLM-x32\...\Steam App 233230) (Version: - )
Labyronia RPG (HKLM-x32\...\Steam App 391260) (Version: - Labyrinthine)
LEGO Lord of the Rings (HKLM-x32\...\Steam App 214510) (Version: - Traveller's Tales)
Leisure Suit Larry in the Land of the Lounge Lizards: Reloaded (HKLM-x32\...\Steam App 231910) (Version: - nFusion Interactive)
Lifeless Planet (HKLM-x32\...\Steam App 261530) (Version: - Stage 2 Studios)
LIMBO (HKLM-x32\...\Steam App 48000) (Version: - )
Lure of the Temptress (HKLM-x32\...\GOGPACKLURE_is1) (Version: 2.0.0.2 - GOG.com)
Machinarium (HKLM-x32\...\Steam App 40700) (Version: - Amanita Design)
magicJack (HKU\S-1-5-21-2619349527-444009395-1191911321-1000\...\magicJack) (Version: 3.1.6970.4873 - magicJack L.P.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Memoria (HKLM-x32\...\Steam App 243200) (Version: - Daedalic Entertainment)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.1 (HKLM\...\{8A837C47-2B21-4FDF-8370-41A1EB6A26E8}) (Version: 1.10.123.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Morrowind (HKLM-x32\...\{C325F588-D6B1-4A7F-B6A2-914C75DDA348}) (Version: - )
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM-x32\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
n52te Editor (HKLM-x32\...\{0AC8162B-5175-41D7-B963-8307A40BD456}) (Version: 5.01 - Razer USA Ltd.)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA MediaShield (HKLM-x32\...\{CC452A50-5C87-4A1F-B295-445C3C69BF7D}) (Version: 11.1.0.43 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Oblivion - Horse Armor Pack (HKLM-x32\...\{3ABEBD00-299D-4DCA-967F-B912163AB5EA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Knights of the Nine (HKLM-x32\...\{14C87AA7-08E6-419F-A165-998EBE5023D7}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Mehrunes Razor (HKLM-x32\...\{EF295F5C-7B57-47AA-8889-6B3E8E214E89}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Orrery (HKLM-x32\...\{EC425CFC-EE78-4A91-AA25-3BFA65B75364}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Spell Tomes (HKLM-x32\...\{16D919E6-F019-4E15-BFBE-4A85EF19DA57}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Thieves Den (HKLM-x32\...\{FFFFFD17-B460-41EB-93F1-C48ABAD63828}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Vile Lair (HKLM-x32\...\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Wizard's Tower (HKLM-x32\...\{2F2E3D62-8B8C-448F-8900-451325E50948}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels)
Post Mortem (HKLM-x32\...\Post Mortem_is1) (Version: - GOG.com)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Quest for Glory Pack (HKLM-x32\...\GOGPACKQUESTFORGLORY_is1) (Version: 2.0.0.32 - GOG.com)
RealDownloader (x32 Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.70 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
REGSERVO (HKLM\...\REGSERVO) (Version: 1.0.9.3 - Tuneup System Software Pvt Ltd.)
Return to Mysterious Island 2 (HKLM-x32\...\Steam App 277270) (Version: - Anuman)
Risen (HKLM-x32\...\Steam App 40300) (Version: - Piranha – Bytes)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes)
Robin Hood: The Legend of Sherwood (HKLM-x32\...\Robin Hood: The Legend of Sherwood_is1) (Version: - GOG.com)
Sacred 2 Gold (HKLM-x32\...\Steam App 225640) (Version: - Ascaron)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.44 (10/23/2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.58.01(10/20/2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.17 (9/17/2014) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.10 (6/20/2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.05 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.05.00 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Sound Blaster X-Fi (HKLM-x32\...\{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}) (Version: 1.0 - )
SoundFont Bank Manager (HKLM-x32\...\SFBM) (Version: 3.21 - Creative Technology Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Still Life 2 (HKLM-x32\...\Still Life 2_is1) (Version: - GOG.com)
STK02N 2.3 (HKLM-x32\...\{E42E07F5-5A90-4BA9-B55A-79FCF9EAF9B5}) (Version: 2.3 - Syntek)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - )
TES Construction Set (HKLM-x32\...\{DB3C800B-081B-4146-B4E3-EFB5B77AA913}) (Version: - )
The Book of Unwritten Tales (HKLM-x32\...\Steam App 215160) (Version: - )
The Book of Unwritten Tales: The Critter Chronicles (HKLM-x32\...\Steam App 221830) (Version: - KING Art)
The Cave (HKLM-x32\...\Steam App 221810) (Version: - Double Fine Productions)
The Dark Eye: Chains of Satinav (HKLM-x32\...\Steam App 203830) (Version: - Daedalic Entertainment)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Journey Down: Chapter One (HKLM-x32\...\Steam App 220090) (Version: - )
The Journey Down: Chapter Two (HKLM-x32\...\Steam App 262850) (Version: - SkyGoblin)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.6.0.87 - KMP Media co., Ltd)
The Last Express Gold Edition (HKLM-x32\...\Steam App 252710) (Version: - DotEmu)
The Raven - Legacy of a Master Thief (HKLM-x32\...\Steam App 233370) (Version: - KING Art)
The Room (HKLM-x32\...\Steam App 288160) (Version: - Fireproof Games)
The Talos Principle (HKLM-x32\...\Steam App 257510) (Version: - Croteam)
The Testament of Sherlock Holmes (HKLM-x32\...\Steam App 205650) (Version: - Frogwares)
The Vanishing of Ethan Carter (HKLM-x32\...\Steam App 258520) (Version: - The Astronauts)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
Tinker (HKLM-x32\...\GFWL_{584109EB-4A5E-4467-B3C4-5C1000008300}) (Version: 1.0.0000.131 - Microsoft Corporation)
Tinker (x32 Version: 1.0.0000.131 - Microsoft Corporation) Hidden
Tinker (x32 Version: 1.0.0001.131 - Microsoft Corporation) Hidden
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - )
Treasure Adventure Game (HKLM-x32\...\GOGPACKTREASUREADVENTUREGAME_is1) (Version: 2.0.0.4 - GOG.com)
Tyrian 2000 (HKLM-x32\...\GOGPACKTYRIAN2000_is1) (Version: 2.0.0.11 - GOG.com)
Ultima 4 - Quest of the Avatar (HKLM-x32\...\GOGPACKULTIMA4FREE_is1) (Version: 2.0.0.19 - GOG.com)
Unearthed: Trail of Ibn Battuta - Episode 1 - Gold Edition (HKLM-x32\...\Steam App 263680) (Version: - Semaphore)
Unity Web Player (HKU\S-1-5-21-2619349527-444009395-1191911321-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Warsow (HKLM-x32\...\GOGPACKWARSOW_is1) (Version: 2.1.0.12 - GOG.com)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - NVIDIA (nvlddmkm) Display (10/02/2012 9.18.13.0697) (HKLM\...\F676611C704DA775123AEFA1ACFB365586E0A874) (Version: 10/02/2012 9.18.13.0697 - NVIDIA)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Worlds of Ultima - Martian Dreams (HKLM-x32\...\GOGPACKWORLDSOFULTIMAMARTIAN_is1) (Version: 2.0.0.17 - GOG.com)
Worlds of Ultima - The Savage Empire (HKLM-x32\...\GOGPACKWORLDSOFULTIMASAVAGE_is1) (Version: 2.0.0.26 - GOG.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

12-08-2015 14:49:00 Installed AVG 2015
12-08-2015 14:49:54 Installed AVG 2015
12-08-2015 14:55:12 Removed AVG 2015
12-08-2015 15:16:36 Installed AVG 2015
12-08-2015 15:19:44 Installed AVG 2015
12-08-2015 15:23:58 Removed AVG 2015
15-08-2015 19:29:28 Installed AVG 2015
15-08-2015 19:30:13 Installed AVG 2015
15-08-2015 19:34:09 Removed AVG 2015
17-08-2015 16:20:55 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 05:34 - 2015-08-06 15:47 - 00450718 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 1000 more lines.

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F7A06E2-EC81-47DC-A0A9-60C9AB1BA22E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {15AB5337-1A52-4213-BEFE-1484FA42D603} - System32\Tasks\{5ACE07E1-C925-4319-89BC-B50B69CBBB82} => pcalua.exe -a "C:\Users\DreamChamber\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RMRJKHAJ\Bloodmoon_v1.6.1820.exe" -d C:\Users\DreamChamber\Desktop
Task: {160EE151-CD01-417E-B53E-09FF8B72D973} - System32\Tasks\{00C78FBD-2B23-47B4-B138-E858A0B1F3AF} => pcalua.exe -a D:\setup.exe -d D:\
Task: {1D7F9A9E-F57A-42E1-83FE-51310F12E4FA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2F1C57BA-AF04-43F9-AD92-E383DB58195D} - System32\Tasks\Event Viewer Tasks\System_Microsoft-Windows-WLAN-AutoConfig_4001 => delete
Task: {3211AF84-3B8D-44ED-9EEC-7E62300E12FC} - \0 -> No File <==== ATTENTION
Task: {324BA9A9-AE27-49EE-B96D-6FA7D5387D5F} - System32\Tasks\{E76CBE4F-A63D-4AF4-AA40-1AF7BE91075A} => pcalua.exe -a D:\hoae-setup.exe -d D:\
Task: {44588C2B-6CD3-4375-89D0-2E8292701321} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {522889E9-6C6F-4DF6-8304-937362443400} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {5D8ADC28-56BB-4353-A13D-493CED3E5F40} - System32\Tasks\{F935128E-D0CA-4E12-B960-C4DB2B5AEFC0} => pcalua.exe -a D:\Oblivion_v1.1FinalEnglish.exe -d D:\
Task: {76FBADBE-7D6E-483F-BE92-595F5E7D78B1} - System32\Tasks\{161BC034-A2F9-4C45-B98E-A3F9CAA2F5E5} => pcalua.exe -a "C:\Users\DreamChamber\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\76WJL2XW\msicuu2.exe" -d C:\Users\DreamChamber\Desktop
Task: {783787B0-5BA7-450C-9299-B275BFD82ADE} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [1999-12-31] (Microsoft Corporation)
Task: {7C03B374-64F9-4E94-BA84-ADCCF51571EE} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - DreamChamber => C:\Program Files\Windows Calendar\wincal.exe [2008-01-20] (Microsoft Corporation)
Task: {98B124D3-F221-47AB-A768-231F8F5D5D4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {9B960591-D34D-44F1-B9D0-D522D633E224} - \SparkTrust PC Cleaner Plus Startup -> No File <==== ATTENTION
Task: {A6A553E7-B9B8-4927-83A6-62642039EECB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-17] (AVAST Software)
Task: {BAE552B8-4FA4-45E3-B28C-52A40155CFA3} - System32\Tasks\{C5AEF25B-68A7-472B-9F3D-2E197CD5FD9D} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Motive\InstallHelper.exe" -c /UninstallVendor=ATT-RC /Dir=C:\Program Files (x86)\ATT-RC
Task: {C318B1B8-0C18-4941-81E4-EC50422D2466} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [1999-12-31] (Microsoft Corporation)
Task: {CE52D313-75C6-4EB7-865D-C1E9505B8A76} - \SparkTrust PC Cleaner Plus_sch_AF48A024-36E9-11E5-9D1B-00044B18017B -> No File <==== ATTENTION
Task: {FBDE459B-A905-4C75-98C2-377B050DE693} - System32\Tasks\{5E59136F-58AA-4374-82C2-F3AAEA122179} => pcalua.exe -a "C:\Remote Programs\Chicken Invaders 3\GPlrLanc.exe" -c -LOpCode 2 /RemoveContent cid=742650;name=Chicken Invaders 3;dir=C:\Remote Programs\Chicken Invaders 3\;prvid=143;cmdid=1;prvdir=Default

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-10-22 12:01 - 2013-05-29 05:01 - 00034304 _____ () C:\Windows\System32\ssm4mlm.dll
2014-10-22 12:23 - 2014-04-16 01:22 - 00029184 _____ () C:\Windows\System32\usp01l.dll
2014-10-22 12:23 - 2014-07-24 11:54 - 01194496 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\usp01du.dll
2013-07-24 15:05 - 2010-09-28 15:56 - 06550136 _____ () C:\Program Files\ipswitch\WS_FTP 12\res0409.dll
2009-07-25 10:28 - 2009-07-25 10:28 - 00107520 _____ () C:\Program Files (x86)\Golden FTP Server\gftp.dll
2013-07-18 13:53 - 2013-07-18 13:53 - 00089088 _____ () C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
2014-09-08 14:39 - 2014-09-08 14:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 14:38 - 2014-09-08 14:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-22 12:24 - 2013-10-03 21:53 - 00734720 _____ () C:\Windows\system32\SnMinDrv.dll
2014-10-22 12:00 - 2014-08-18 17:08 - 00087552 ____N () C:\Windows\system32\SSDEVM64.DLL
2014-10-22 12:01 - 2013-02-22 13:29 - 00365568 _____ () C:\Windows\system32\SaMinDrv.dll
2015-04-04 15:27 - 2015-07-23 21:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2010-12-01 23:16 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2010-12-01 23:16 - 2009-03-26 14:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2010-05-06 00:51 - 2010-05-06 00:51 - 00002560 _____ () C:\Windows\system32\CTXFIRES.DLL
2014-05-14 09:45 - 2014-05-14 09:45 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll
2013-07-24 15:05 - 2010-09-28 15:53 - 00948496 _____ () C:\Program Files (x86)\Ipswitch\WS_FTP 12\LIBEAY32.dll
2013-07-24 15:05 - 2010-09-28 15:53 - 00153360 _____ () C:\Program Files (x86)\Ipswitch\WS_FTP 12\SSLEAY32.dll
2015-08-12 07:15 - 2015-08-12 07:15 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
2015-08-17 16:22 - 2015-08-17 16:22 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-17 16:22 - 2015-08-17 16:22 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-17 16:23 - 2015-08-17 16:23 - 02961920 _____ () C:\Program Files\AVAST Software\Avast\defs\15081702\algo.dll
2015-08-17 16:22 - 2015-08-17 16:22 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-03-12 17:10 - 2015-07-03 09:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 20:33 - 2015-07-03 09:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-19 20:33 - 2015-07-03 09:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 20:33 - 2015-07-03 09:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-23 15:11 - 2015-08-12 11:26 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 11:58 - 2014-12-01 14:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 11:58 - 2014-12-01 14:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 11:58 - 2014-12-01 14:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 11:58 - 2014-12-01 14:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 11:58 - 2014-12-01 14:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-08-19 00:26 - 2015-08-12 11:26 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.dll
2015-07-21 23:45 - 2015-07-26 18:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2012-08-19 00:26 - 2015-07-03 09:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\DreamChamber\Documents\Hate Campaign.eml:OECustomProperty

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7867 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2619349527-444009395-1191911321-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DreamChamber\Pictures\IMAG0071.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

blakston6286 · 2015/08/17

Here is the first part of the Addition File

Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-08-2015
Ran by DreamChamber (2015-08-17 16:35:54)
Running from C:\Users\DreamChamber\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2619349527-444009395-1191911321-500 - Administrator - Disabled)
DreamChamber (S-1-5-21-2619349527-444009395-1191911321-1000 - Administrator - Enabled) => C:\Users\DreamChamber
Guest (S-1-5-21-2619349527-444009395-1191911321-501 - Limited - Disabled)
IUSER_RETANON (S-1-5-21-2619349527-444009395-1191911321-1003 - Limited - Enabled)
IUSER_RETINA (S-1-5-21-2619349527-444009395-1191911321-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A New Beginning - Final Cut (HKLM-x32\...\Steam App 105000) (Version: - )
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{58597FDC-CDF0-4760-A57C-250DF09F4A21}) (Version: 12.0.2.122 - Adobe Systems, Inc)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version: - Remedy Entertainment)
Alice: Madness Returns (HKLM-x32\...\Steam App 19680) (Version: - Spicy Horse Games)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version: - Frictional Games)
Anachronox (HKLM-x32\...\Steam App 242940) (Version: - )
Anna (HKLM-x32\...\Steam App 217690) (Version: - )
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atlantis - The Lost Tales (HKLM-x32\...\Atlantis - The Lost Tales_is1) (Version: - GOG.com)
ATT-RC Self Support Tool (HKLM\...\ATT-RC) (Version: - )
ATT-RC Self Support Tool (HKLM-x32\...\ATT-RC) (Version: - )
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Baldur's Gate: Enhanced Edition (HKLM-x32\...\Steam App 228280) (Version: - Overhaul Games)
Bastion (HKLM-x32\...\Steam App 107100) (Version: - Supergiant Games)
Beneath a Steel Sky (HKLM-x32\...\GOGPACKBENEATH_is1) (Version: 2.0.0.9 - GOG.com)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broken Age (HKLM-x32\...\Steam App 232790) (Version: - Double Fine Productions)
Broken Sword 5 - the Serpent's Curse (HKLM-x32\...\Steam App 262940) (Version: - Revolution Software Ltd)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version: - Starbreeze Studios AB)
Captain Morgane and the Golden Turtle (HKLM-x32\...\Steam App 264320) (Version: - WizarBox)
Carbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.7.6 build 4832 (May-29-2015) - Carbonite)
Child of Light (HKLM-x32\...\Steam App 256290) (Version: - Ubisoft MontrÃ©al)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Contrast (HKLM-x32\...\Steam App 224460) (Version: - Compulsion Games)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited)
Creative Console Launcher (HKLM-x32\...\Console Launcher) (Version: - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - )
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deponia (HKLM-x32\...\Steam App 214340) (Version: - Daedalic Entertainment)
Dragonsphere (HKLM-x32\...\GOGPACKDRAGONSPHERE_is1) (Version: 2.0.0.14 - GOG.com)
Dream (HKLM-x32\...\Steam App 229580) (Version: - HyperSloth)
DriverUpdate (HKLM-x32\...\{C85A8187-7E95-429D-9C9C-57C10268B3CF}) (Version: 2.2.38275 - SlimWare Utilities, Inc.)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version: - Humble Hearts LLC)
Emerald City Confidential (HKLM-x32\...\Steam App 37260) (Version: - PlayFirst)
EVGA Precision 1.4.0 (HKLM-x32\...\Precision) (Version: - )
Evoland (HKLM-x32\...\Steam App 233470) (Version: - Shiro Games)
Express Zip (HKLM-x32\...\ExpressZip) (Version: - NCH Software)
Fable Anniversary (HKLM-x32\...\Steam App 288470) (Version: - Lionhead Studios)
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fable III (x32 Version: 1.0.0002.131 - Microsoft Game Studios) Hidden
Faery - Legends of Avalon (HKLM-x32\...\Steam App 303790) (Version: - Spiders Studio)
Fester Mudd: Curse of the Gold - Episode 1 (HKLM-x32\...\Steam App 253310) (Version: - )
Ghost Master (HKLM-x32\...\Steam App 6200) (Version: - Sick Puppies)
GOG.com Downloader version 3.5.8 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.5.8 - GOG.com)
Golden FTP Server (HKLM-x32\...\Golden FTP Server) (Version: - )
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Half-Life Dedicated Server Update Tool (HKLM-x32\...\Half-Life Dedicated Server Update Tool) (Version: - )
Haunted Memories (HKLM-x32\...\Steam App 241640) (Version: - MadMan Theory Games)
Ipswitch WS_FTP 12 (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.3 - Ipswitch)
Iron Storm (HKLM-x32\...\Iron Storm_is1) (Version: - GOG.com)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Journey of a Roach (HKLM-x32\...\Steam App 255300) (Version: - Koboldgames)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kairo (HKLM-x32\...\Steam App 233230) (Version: - )
Labyronia RPG (HKLM-x32\...\Steam App 391260) (Version: - Labyrinthine)
LEGO Lord of the Rings (HKLM-x32\...\Steam App 214510) (Version: - Traveller's Tales)
Leisure Suit Larry in the Land of the Lounge Lizards: Reloaded (HKLM-x32\...\Steam App 231910) (Version: - nFusion Interactive)
Lifeless Planet (HKLM-x32\...\Steam App 261530) (Version: - Stage 2 Studios)
LIMBO (HKLM-x32\...\Steam App 48000) (Version: - )
Lure of the Temptress (HKLM-x32\...\GOGPACKLURE_is1) (Version: 2.0.0.2 - GOG.com)
Machinarium (HKLM-x32\...\Steam App 40700) (Version: - Amanita Design)
magicJack (HKU\S-1-5-21-2619349527-444009395-1191911321-1000\...\magicJack) (Version: 3.1.6970.4873 - magicJack L.P.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Memoria (HKLM-x32\...\Steam App 243200) (Version: - Daedalic Entertainment)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.1 (HKLM\...\{8A837C47-2B21-4FDF-8370-41A1EB6A26E8}) (Version: 1.10.123.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Morrowind (HKLM-x32\...\{C325F588-D6B1-4A7F-B6A2-914C75DDA348}) (Version: - )
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM-x32\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
n52te Editor (HKLM-x32\...\{0AC8162B-5175-41D7-B963-8307A40BD456}) (Version: 5.01 - Razer USA Ltd.)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA MediaShield (HKLM-x32\...\{CC452A50-5C87-4A1F-B295-445C3C69BF7D}) (Version: 11.1.0.43 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Oblivion - Horse Armor Pack (HKLM-x32\...\{3ABEBD00-299D-4DCA-967F-B912163AB5EA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Knights of the Nine (HKLM-x32\...\{14C87AA7-08E6-419F-A165-998EBE5023D7}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Mehrunes Razor (HKLM-x32\...\{EF295F5C-7B57-47AA-8889-6B3E8E214E89}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Orrery (HKLM-x32\...\{EC425CFC-EE78-4A91-AA25-3BFA65B75364}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Spell Tomes (HKLM-x32\...\{16D919E6-F019-4E15-BFBE-4A85EF19DA57}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Thieves Den (HKLM-x32\...\{FFFFFD17-B460-41EB-93F1-C48ABAD63828}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Vile Lair (HKLM-x32\...\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Wizard's Tower (HKLM-x32\...\{2F2E3D62-8B8C-448F-8900-451325E50948}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels)
Post Mortem (HKLM-x32\...\Post Mortem_is1) (Version: - GOG.com)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Quest for Glory Pack (HKLM-x32\...\GOGPACKQUESTFORGLORY_is1) (Version: 2.0.0.32 - GOG.com)
RealDownloader (x32 Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.70 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
REGSERVO (HKLM\...\REGSERVO) (Version: 1.0.9.3 - Tuneup System Software Pvt Ltd.)
Return to Mysterious Island 2 (HKLM-x32\...\Steam App 277270) (Version: - Anuman)
Risen (HKLM-x32\...\Steam App 40300) (Version: - Piranha "“ Bytes)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes)
Robin Hood: The Legend of Sherwood (HKLM-x32\...\Robin Hood: The Legend of Sherwood_is1) (Version: - GOG.com)
Sacred 2 Gold (HKLM-x32\...\Steam App 225640) (Version: - Ascaron)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.44 (10/23/2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.58.01(10/20/2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.17 (9/17/2014) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.10 (6/20/2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.05 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.05.00 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Sound Blaster X-Fi (HKLM-x32\...\{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}) (Version: 1.0 - )
SoundFont Bank Manager (HKLM-x32\...\SFBM) (Version: 3.21 - Creative Technology Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Still Life 2 (HKLM-x32\...\Still Life 2_is1) (Version: - GOG.com)
STK02N 2.3 (HKLM-x32\...\{E42E07F5-5A90-4BA9-B55A-79FCF9EAF9B5}) (Version: 2.3 - Syntek)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - )
TES Construction Set (HKLM-x32\...\{DB3C800B-081B-4146-B4E3-EFB5B77AA913}) (Version: - )
The Book of Unwritten Tales (HKLM-x32\...\Steam App 215160) (Version: - )
The Book of Unwritten Tales: The Critter Chronicles (HKLM-x32\...\Steam App 221830) (Version: - KING Art)
The Cave (HKLM-x32\...\Steam App 221810) (Version: - Double Fine Productions)
The Dark Eye: Chains of Satinav (HKLM-x32\...\Steam App 203830) (Version: - Daedalic Entertainment)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Journey Down: Chapter One (HKLM-x32\...\Steam App 220090) (Version: - )
The Journey Down: Chapter Two (HKLM-x32\...\Steam App 262850) (Version: - SkyGoblin)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.6.0.87 - KMP Media co., Ltd)
The Last Express Gold Edition (HKLM-x32\...\Steam App 252710) (Version: - DotEmu)
The Raven - Legacy of a Master Thief (HKLM-x32\...\Steam App 233370) (Version: - KING Art)
The Room (HKLM-x32\...\Steam App 288160) (Version: - Fireproof Games)
The Talos Principle (HKLM-x32\...\Steam App 257510) (Version: - Croteam)
The Testament of Sherlock Holmes (HKLM-x32\...\Steam App 205650) (Version: - Frogwares)
The Vanishing of Ethan Carter (HKLM-x32\...\Steam App 258520) (Version: - The Astronauts)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
Tinker (HKLM-x32\...\GFWL_{584109EB-4A5E-4467-B3C4-5C1000008300}) (Version: 1.0.0000.131 - Microsoft Corporation)
Tinker (x32 Version: 1.0.0000.131 - Microsoft Corporation) Hidden
Tinker (x32 Version: 1.0.0001.131 - Microsoft Corporation) Hidden
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - )
Treasure Adventure Game (HKLM-x32\...\GOGPACKTREASUREADVENTUREGAME_is1) (Version: 2.0.0.4 - GOG.com)
Tyrian 2000 (HKLM-x32\...\GOGPACKTYRIAN2000_is1) (Version: 2.0.0.11 - GOG.com)
Ultima 4 - Quest of the Avatar (HKLM-x32\...\GOGPACKULTIMA4FREE_is1) (Version: 2.0.0.19 - GOG.com)
Unearthed: Trail of Ibn Battuta - Episode 1 - Gold Edition (HKLM-x32\...\Steam App 263680) (Version: - Semaphore)
Unity Web Player (HKU\S-1-5-21-2619349527-444009395-1191911321-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Warsow (HKLM-x32\...\GOGPACKWARSOW_is1) (Version: 2.1.0.12 - GOG.com)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - NVIDIA (nvlddmkm) Display (10/02/2012 9.18.13.0697) (HKLM\...\F676611C704DA775123AEFA1ACFB365586E0A874) (Version: 10/02/2012 9.18.13.0697 - NVIDIA)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Worlds of Ultima - Martian Dreams (HKLM-x32\...\GOGPACKWORLDSOFULTIMAMARTIAN_is1) (Version: 2.0.0.17 - GOG.com)
Worlds of Ultima - The Savage Empire (HKLM-x32\...\GOGPACKWORLDSOFULTIMASAVAGE_is1) (Version: 2.0.0.26 - GOG.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

12-08-2015 14:49:00 Installed AVG 2015
12-08-2015 14:49:54 Installed AVG 2015
12-08-2015 14:55:12 Removed AVG 2015
12-08-2015 15:16:36 Installed AVG 2015
12-08-2015 15:19:44 Installed AVG 2015
12-08-2015 15:23:58 Removed AVG 2015
15-08-2015 19:29:28 Installed AVG 2015
15-08-2015 19:30:13 Installed AVG 2015
15-08-2015 19:34:09 Removed AVG 2015
17-08-2015 16:20:55 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 05:34 - 2015-08-06 15:47 - 00450718 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 1000 more lines.

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F7A06E2-EC81-47DC-A0A9-60C9AB1BA22E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {15AB5337-1A52-4213-BEFE-1484FA42D603} - System32\Tasks\{5ACE07E1-C925-4319-89BC-B50B69CBBB82} => pcalua.exe -a "C:\Users\DreamChamber\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RMRJKHAJ\Bloodmoon_v1.6.1820.exe" -d C:\Users\DreamChamber\Desktop
Task: {160EE151-CD01-417E-B53E-09FF8B72D973} - System32\Tasks\{00C78FBD-2B23-47B4-B138-E858A0B1F3AF} => pcalua.exe -a D:\setup.exe -d D:\
Task: {1D7F9A9E-F57A-42E1-83FE-51310F12E4FA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2F1C57BA-AF04-43F9-AD92-E383DB58195D} - System32\Tasks\Event Viewer Tasks\System_Microsoft-Windows-WLAN-AutoConfig_4001 => delete
Task: {3211AF84-3B8D-44ED-9EEC-7E62300E12FC} - \0 -> No File <==== ATTENTION
Task: {324BA9A9-AE27-49EE-B96D-6FA7D5387D5F} - System32\Tasks\{E76CBE4F-A63D-4AF4-AA40-1AF7BE91075A} => pcalua.exe -a D:\hoae-setup.exe -d D:\
Task: {44588C2B-6CD3-4375-89D0-2E8292701321} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {522889E9-6C6F-4DF6-8304-937362443400} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {5D8ADC28-56BB-4353-A13D-493CED3E5F40} - System32\Tasks\{F935128E-D0CA-4E12-B960-C4DB2B5AEFC0} => pcalua.exe -a D:\Oblivion_v1.1FinalEnglish.exe -d D:\
Task: {76FBADBE-7D6E-483F-BE92-595F5E7D78B1} - System32\Tasks\{161BC034-A2F9-4C45-B98E-A3F9CAA2F5E5} => pcalua.exe -a "C:\Users\DreamChamber\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\76WJL2XW\msicuu2.exe" -d C:\Users\DreamChamber\Desktop
Task: {783787B0-5BA7-450C-9299-B275BFD82ADE} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [1999-12-31] (Microsoft Corporation)
Task: {7C03B374-64F9-4E94-BA84-ADCCF51571EE} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - DreamChamber => C:\Program Files\Windows Calendar\wincal.exe [2008-01-20] (Microsoft Corporation)
Task: {98B124D3-F221-47AB-A768-231F8F5D5D4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {9B960591-D34D-44F1-B9D0-D522D633E224} - \SparkTrust PC Cleaner Plus Startup -> No File <==== ATTENTION
Task: {A6A553E7-B9B8-4927-83A6-62642039EECB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-17] (AVAST Software)
Task: {BAE552B8-4FA4-45E3-B28C-52A40155CFA3} - System32\Tasks\{C5AEF25B-68A7-472B-9F3D-2E197CD5FD9D} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Motive\InstallHelper.exe" -c /UninstallVendor=ATT-RC /Dir=C:\Program Files (x86)\ATT-RC
Task: {C318B1B8-0C18-4941-81E4-EC50422D2466} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [1999-12-31] (Microsoft Corporation)
Task: {CE52D313-75C6-4EB7-865D-C1E9505B8A76} - \SparkTrust PC Cleaner Plus_sch_AF48A024-36E9-11E5-9D1B-00044B18017B -> No File <==== ATTENTION
Task: {FBDE459B-A905-4C75-98C2-377B050DE693} - System32\Tasks\{5E59136F-58AA-4374-82C2-F3AAEA122179} => pcalua.exe -a "C:\Remote Programs\Chicken Invaders 3\GPlrLanc.exe" -c -LOpCode 2 /RemoveContent cid=742650;name=Chicken Invaders 3;dir=C:\Remote Programs\Chicken Invaders 3\;prvid=143;cmdid=1;prvdir=Default

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-10-22 12:01 - 2013-05-29 05:01 - 00034304 _____ () C:\Windows\System32\ssm4mlm.dll
2014-10-22 12:23 - 2014-04-16 01:22 - 00029184 _____ () C:\Windows\System32\usp01l.dll
2014-10-22 12:23 - 2014-07-24 11:54 - 01194496 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\usp01du.dll
2013-07-24 15:05 - 2010-09-28 15:56 - 06550136 _____ () C:\Program Files\ipswitch\WS_FTP 12\res0409.dll
2009-07-25 10:28 - 2009-07-25 10:28 - 00107520 _____ () C:\Program Files (x86)\Golden FTP Server\gftp.dll
2013-07-18 13:53 - 2013-07-18 13:53 - 00089088 _____ () C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
2014-09-08 14:39 - 2014-09-08 14:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 14:38 - 2014-09-08 14:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-22 12:24 - 2013-10-03 21:53 - 00734720 _____ () C:\Windows\system32\SnMinDrv.dll
2014-10-22 12:00 - 2014-08-18 17:08 - 00087552 ____N () C:\Windows\system32\SSDEVM64.DLL
2014-10-22 12:01 - 2013-02-22 13:29 - 00365568 _____ () C:\Windows\system32\SaMinDrv.dll
2015-04-04 15:27 - 2015-07-23 21:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2010-12-01 23:16 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2010-12-01 23:16 - 2009-03-26 14:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2010-05-06 00:51 - 2010-05-06 00:51 - 00002560 _____ () C:\Windows\system32\CTXFIRES.DLL
2014-05-14 09:45 - 2014-05-14 09:45 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll
2013-07-24 15:05 - 2010-09-28 15:53 - 00948496 _____ () C:\Program Files (x86)\Ipswitch\WS_FTP 12\LIBEAY32.dll
2013-07-24 15:05 - 2010-09-28 15:53 - 00153360 _____ () C:\Program Files (x86)\Ipswitch\WS_FTP 12\SSLEAY32.dll
2015-08-12 07:15 - 2015-08-12 07:15 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
2015-08-17 16:22 - 2015-08-17 16:22 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-17 16:22 - 2015-08-17 16:22 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-17 16:23 - 2015-08-17 16:23 - 02961920 _____ () C:\Program Files\AVAST Software\Avast\defs\15081702\algo.dll
2015-08-17 16:22 - 2015-08-17 16:22 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-03-12 17:10 - 2015-07-03 09:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 20:33 - 2015-07-03 09:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-19 20:33 - 2015-07-03 09:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 20:33 - 2015-07-03 09:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-23 15:11 - 2015-08-12 11:26 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 11:58 - 2014-12-01 14:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 11:58 - 2014-12-01 14:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 11:58 - 2014-12-01 14:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 11:58 - 2014-12-01 14:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 11:58 - 2014-12-01 14:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-08-19 00:26 - 2015-08-12 11:26 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.dll
2015-07-21 23:45 - 2015-07-26 18:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2012-08-19 00:26 - 2015-07-03 09:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\DreamChamber\Documents\Hate Campaign.eml:OECustomProperty

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7867 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2619349527-444009395-1191911321-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DreamChamber\Pictures\IMAG0071.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

blakston6286 · 2015/08/17

Here is the rest of the Addition file

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WMP-Out-TCP] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-In-UDP] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) C:\Program Files (x86)\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) C:\Program Files (x86)\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-In-UDP-x86] => (Allow) C:\Program Files (x86)\Windows Media Player\wmplayer.exe
FirewallRules: [{6C805D06-7BF1-4ED1-99E8-A5BDFDFA58FD}] => (Allow) C:\Program Files (x86)\Windows Media Player\wmplayer.exe
FirewallRules: [{6C7E0B85-326E-4E9D-9AFD-FB6F0890BE5D}] => (Allow) C:\Program Files (x86)\Windows Media Player\wmplayer.exe
FirewallRules: [{710102DD-B5B2-47A1-8384-0E193E95DF96}] => (Allow) C:\Program Files (x86)\Windows Media Player\wmplayer.exe
FirewallRules: [{43A51583-A549-4A22-BBAC-6DED583794E4}] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [{7815BD68-CCE1-48ED-97B2-18A07C36DE42}] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [{32252F8D-3EE3-4267-AD3B-DE9FA4544FD1}] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [{E723C4A0-BD99-424F-A768-5806EAFBA9B0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E6490522-1649-4ACD-92C0-A4B2604B2A8E}] => (Allow) LPort=2869
FirewallRules: [{31EC4C25-53A7-48DC-9ECD-3FC3EFD4D487}] => (Allow) LPort=1900
FirewallRules: [{E8D00341-6A0F-471F-A40A-AA0E1589DB5B}] => (Allow) LPort=80
FirewallRules: [{84A9F3EE-E34A-4D55-B87D-985A67FB7723}] => (Allow) LPort=80
FirewallRules: [{9D1BD6B0-D44B-447E-AA71-956BB918EF2E}] => (Allow) LPort=80
FirewallRules: [{63A7AECF-4779-40F2-93B7-A56D986EEABB}] => (Allow) C:\Program Files (x86)\Microsoft Corporation\Tinker\Tinker.exe
FirewallRules: [{87C4E1FC-8967-49A2-8C46-4AB83BC21369}] => (Allow) C:\Program Files (x86)\Microsoft Corporation\Tinker\Tinker.exe
FirewallRules: [{C0772168-061F-4485-8EAB-33C69C083774}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6F1123A1-826E-4DBC-9A03-4835F01C4F19}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E3F87C7F-9FA6-4453-9AD5-E3595197BC99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia Trailer\smp.exe
FirewallRules: [{55DC6C7C-C78A-4B96-995D-F92C027918C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia Trailer\smp.exe
FirewallRules: [{94C217C2-A05C-4D12-8EE5-8B20DEBF9B86}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Book of Unwritten Tales\bout.exe
FirewallRules: [{0A0CE445-36A3-4984-81D9-CBA35003110F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Book of Unwritten Tales\bout.exe
FirewallRules: [{E5957A48-D37A-4E39-87F6-AA644F419E3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{26343B81-FF6A-4659-BE2C-490A5CC0CB8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{53AC81F1-FCF9-4625-A66E-805795B22593}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{529BF7F5-1FD0-43B6-A31D-3FFE9B2CA480}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{0E3C33AA-BCEC-4069-95B8-72D58D1E7549}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Journey Down\JourneyDown1.exe
FirewallRules: [{6EFB4A9E-7762-4689-BAA0-C1120E9A8128}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Journey Down\JourneyDown1.exe
FirewallRules: [{501D0C58-FCF7-4B9F-90A6-1854A1033381}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Emerald City Confidential\ECC.exe
FirewallRules: [{5EDC79F2-B6C7-4F58-9D35-A10E0AF5F1F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Emerald City Confidential\ECC.exe
FirewallRules: [{9F33D380-D856-4000-9A6F-B1C2423F07E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machinarium\machinarium.exe
FirewallRules: [{BF741BD0-7B61-43BD-8F68-5A4B9C2F77A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Machinarium\machinarium.exe
FirewallRules: [{B7BD8765-E900-41F8-870E-64E1237C1172}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{C54B45AA-05FB-4B1D-B42E-78AF4D9D091D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{3F618135-CDAE-4943-99B0-7268634188D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{61708097-A6F2-4F74-91E2-B767B98F344F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{4EF1BC08-498C-44E1-94D9-6B2B0A0B6B4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{4E82234C-9FFB-4795-9F07-17B149FEC563}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{72268711-3952-4225-AB69-D63C119237E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{FECEFE16-F16A-4628-AB65-FBFC6D3E8DEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [TCP Query User{4D29FCA0-6E90-450A-BD6A-50DA132DF794}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{FFF3132E-95F7-45B6-BCE7-7C77AB8A5242}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{7F4363DD-7A7B-46E3-AE0B-2C8E3D146DCE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LEGO Lord of the Rings\LEGOLOTR.exe
FirewallRules: [{11D76BEE-EEEC-4656-B556-9993753ED0BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LEGO Lord of the Rings\LEGOLOTR.exe
FirewallRules: [{34EDEDD7-E071-4309-ACB2-0A956324CFF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{86CE3F67-29A0-4D22-91C4-83CB5865C86A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{E750D382-65EC-4411-B7AB-A0470CD5E727}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Evoland\Evoland.exe
FirewallRules: [{E75158E2-6FBA-49AC-A1F6-3CA4AB8CDF9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Evoland\Evoland.exe
FirewallRules: [{E67492A8-341A-49CB-B9BB-996E2CE68B22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{F28FCB23-F024-4554-A718-86B0BD7EB900}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{0A3DB786-3004-4DC3-BD69-B968907906F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheDarkEye Cos\satinav.exe
FirewallRules: [{4DFC538A-3100-4FE8-828B-0260DFB2BC52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheDarkEye Cos\satinav.exe
FirewallRules: [{0829A590-BF71-4B32-8D8B-6701E3C4150C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheDarkEye Cos\VisionaireConfigurationTool.exe
FirewallRules: [{A15B7EC2-AE31-4549-B51D-026B2874C839}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheDarkEye Cos\VisionaireConfigurationTool.exe
FirewallRules: [{7C35CAED-9D36-46C5-92DB-1DB0EF6E4EA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{8FEFA663-0629-4CCD-880B-DEA42D67A398}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{16B070E2-F933-40D8-A783-F7E105233CB5}] => (Allow) C:\Users\DreamChamber\AppData\Roaming\mjusbsp\magicJack.exe
FirewallRules: [{4D1E24D5-DCDF-4B46-AEA2-138F9568F467}] => (Allow) C:\Users\DreamChamber\AppData\Roaming\mjusbsp\magicJack.exe
FirewallRules: [{8762880A-E21E-4700-A9AB-A2EB4C072ADF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ghost Master\ghost.exe
FirewallRules: [{83D6AC2B-38C8-4DC0-8F33-A14EBC7B6A01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ghost Master\ghost.exe
FirewallRules: [{9646B5F2-A59E-4CE9-9822-47E16ADC63FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{E04CB441-8F15-4395-B073-7B351FBC615D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{975AA82C-2B4A-4CFE-9217-7A0CF13DC67C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{F4A60AF2-AC22-47FF-A7C7-BB4A2988DD54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{A155D0FA-94EB-4BCD-843D-EDA566B3EB03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anna\Anna.exe
FirewallRules: [{59F33DAB-2DE0-4E7C-9EC0-B28640D26F24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anna\Anna.exe
FirewallRules: [TCP Query User{9C0C97B2-0B2F-46B9-97A8-A192AC8933A0}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{2D4478E8-3EE7-443F-8385-77969431C1F6}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{E1160F59-8071-465E-A357-9F61C75C5D15}C:\program files (x86)\golden ftp server\gftp.exe] => (Block) C:\program files (x86)\golden ftp server\gftp.exe
FirewallRules: [UDP Query User{855E5751-5965-40EA-A9B4-D04A2D070FF4}C:\program files (x86)\golden ftp server\gftp.exe] => (Block) C:\program files (x86)\golden ftp server\gftp.exe
FirewallRules: [TCP Query User{C12FEE73-B7F2-45C5-8840-65832A8FE63C}C:\program files (x86)\golden ftp server\gftp.exe] => (Allow) C:\program files (x86)\golden ftp server\gftp.exe
FirewallRules: [UDP Query User{9C657844-CFE8-4779-8B34-3F2115655AB1}C:\program files (x86)\golden ftp server\gftp.exe] => (Allow) C:\program files (x86)\golden ftp server\gftp.exe
FirewallRules: [{A2B89529-019B-4EA4-BCE9-20B1AA5981C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{104042D1-5718-4EFB-8150-5849971642DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{6139F550-4F0B-4D79-9989-591709AA9B6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anna\Anna.exe
FirewallRules: [{B545B9FF-CC11-4DBF-95B8-DD931C2562DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anna\Anna.exe
FirewallRules: [{3D8B5FD6-8053-40A3-8D95-53EE9A5B2CBD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{D8955A97-84F6-4B78-94E6-6AAD4FF9A889}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{4D7016D8-3351-42A9-817B-B6D3F5391516}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Memoria\memoria.exe
FirewallRules: [{A318002C-41FF-4F67-8113-EFA457280C97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Memoria\memoria.exe
FirewallRules: [{C6E65CC0-B40E-4E31-BB45-B3486C6D282F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Memoria\VisionaireConfigurationTool.exe
FirewallRules: [{EC7706CE-35C0-45F1-9D14-6C83CEBAE0F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Memoria\VisionaireConfigurationTool.exe
FirewallRules: [{8E3BB1E1-3899-4D33-B53A-0E233AA4E7FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{7A7934A6-0B9B-4D1E-8FB7-224B680BF608}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{B6FB4C1B-9FEE-445B-9635-12E90572FFA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\A New Beginning\anb.exe
FirewallRules: [{B536EC33-1D0E-422F-B915-1286AD89C56B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\A New Beginning\anb.exe
FirewallRules: [{AFAB982B-6E59-4CC4-8E69-94FA88B55018}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\A New Beginning\VisionaireConfigurationTool.exe
FirewallRules: [{AF78A47A-BE3D-4BCB-93D2-1140AA0EC337}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\A New Beginning\VisionaireConfigurationTool.exe
FirewallRules: [{E9E2FDFD-5A29-4FC5-861F-0C46C75CFB1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HauntedMemories\hm.exe
FirewallRules: [{087FA986-46F4-42C5-955D-C281C73FE514}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HauntedMemories\hm.exe
FirewallRules: [{886D0B37-1A89-4373-A36E-366FDB86CDC9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A0385A17-9F83-4C03-A30C-CCCB20E587B4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D93B12E4-E341-4EBA-83C2-619A638B027D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{D25E3459-3132-4C74-B6D4-431140EAFE98}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{FBDB0759-BD40-4AD1-BEEE-76B04A999A8D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Leisure Suit Larry in the Land of the Lounge Lizards Reloaded\LarryReloaded.exe
FirewallRules: [{DBB12787-01A3-4BBE-A2E3-69D774A412B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Leisure Suit Larry in the Land of the Lounge Lizards Reloaded\LarryReloaded.exe
FirewallRules: [{E342A094-31FE-4F36-8B1A-5DC33AEC43E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kairo\Kairo.exe
FirewallRules: [{64934275-AFA1-4BE7-BC58-D83504A758A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kairo\Kairo.exe
FirewallRules: [{C3C1A0B8-B841-442E-B006-531CEE670CB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kairo\Kairo.exe
FirewallRules: [{982376E6-DAFB-403B-AC68-E62EF27C0885}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kairo\Kairo.exe
FirewallRules: [{D221E20C-5BBF-4E60-931D-C816780B1CFA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{06E1979B-8D09-4B57-B38A-444FAA6C91D7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6757E637-8DE6-4B4E-BC4F-88B2DFCB89DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Return To Mysterious Island 2\RTMI2.exe
FirewallRules: [{272E76F6-07D1-430F-B74A-F1F2638AA7BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Return To Mysterious Island 2\RTMI2.exe
FirewallRules: [{188ABF2A-A850-4C74-ADC7-71EC65687AF2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Age\BrokenAge.exe
FirewallRules: [{F6FDABE2-5758-486D-B513-D9CFB0A84D48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Age\BrokenAge.exe
FirewallRules: [{89F9C6ED-FD2F-4F4B-AF43-0C8185C527F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{28F87B43-10CB-4D70-8133-E8172D2FEB00}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{05A942DF-5BEF-49AB-AEB5-90251AB2956D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Child of Light\ChildofLight.exe
FirewallRules: [{441400B2-9F65-413A-89FF-63BA0770311B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Child of Light\ChildofLight.exe
FirewallRules: [{E3A7E869-AB5F-4C09-BD29-8E41004A51D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Child of Light\ChildofLight.exe
FirewallRules: [{AD5471C9-7E48-4987-9713-50C194FFD79E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Child of Light\ChildofLight.exe
FirewallRules: [{47EBE63E-BF14-4BFF-A8E8-E48B3FB811D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{E9D4DC42-A075-428F-B9DF-03B5D595B57E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{EBCE6BA0-336B-48D5-AAD2-01D0E5A2D245}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lifeless Planet\LifelessPlanet.exe
FirewallRules: [{1F881849-C0AE-45E0-9EB1-F0C705F1B182}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lifeless Planet\LifelessPlanet.exe
FirewallRules: [{930C63F3-1D9A-43E5-8D9C-8D189F592F56}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Faery - Legends of Avalon\FaerySteam.exe
FirewallRules: [{6DAC62DB-360E-4BCE-AB11-469652575779}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Faery - Legends of Avalon\FaerySteam.exe
FirewallRules: [{5B3FADE6-39C7-4DA4-9AF9-B4617270198B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CaptainMorgane\CaptainMorgane.exe
FirewallRules: [{B118B1DE-37BD-431F-A1A7-2858017BE61C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CaptainMorgane\CaptainMorgane.exe
FirewallRules: [{FFC330E3-700A-4516-A32F-68499836179F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Journey of a Roach\JoaR.exe
FirewallRules: [{DD0F4CAC-2D07-4DE3-B445-230C71C95DA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Journey of a Roach\JoaR.exe
FirewallRules: [{CAF32BCC-99A4-4715-B43F-06AABC9B45D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Journey of a Roach\JoaR_config.exe
FirewallRules: [{6222AB04-0882-48FF-865F-470B29673021}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Journey of a Roach\JoaR_config.exe
FirewallRules: [{859A9BE6-5C98-471A-B7CE-DCBE46B2E2EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [{75FBD50E-3B7D-4E47-9262-F2843B13B787}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [TCP Query User{8ED55DB9-6C93-416B-84AF-3C9FAF2F01BF}C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe
FirewallRules: [UDP Query User{552C1AEA-2242-4E3C-A073-3AF5DB6CFAC8}C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe
FirewallRules: [{60E4950B-1DD8-4BFA-BF7A-E3C5097BB8A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risen\bin\Risen.exe
FirewallRules: [{A551178D-27BF-4C17-8FE0-297B168CBDFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risen\bin\Risen.exe
FirewallRules: [{8B0A0B0E-91A7-4709-9C2B-81DD15E79B21}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LastExpress\TheLastExpressSteam.exe
FirewallRules: [{6667778F-B083-4D24-BBEE-DA63619A4FF2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LastExpress\TheLastExpressSteam.exe
FirewallRules: [{7AFF8D4C-20A5-4BAE-BEF3-58C2D25C6524}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\UnearthedEpisode1\Unearthed-Episode1.exe
FirewallRules: [{A786CEC3-9A3D-482A-B0A4-FB82F04FC618}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\UnearthedEpisode1\Unearthed-Episode1.exe
FirewallRules: [{6D2AC9E1-85B6-48B9-BE46-C94B1F672C43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheRoom\TheRoom.exe
FirewallRules: [{A1442EB3-501C-43E2-AA3C-A1BBD2A9E5DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheRoom\TheRoom.exe
FirewallRules: [{70B7BA2D-08E3-47DA-8616-5A31E4BDD1E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{445B1BDE-3752-4F32-8198-65724A140122}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{890C595C-A9AD-4963-9482-96AFD117A36D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A6C4087C-4D8C-4845-9D73-2DBB721DA950}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{691AC28F-7D68-4B50-A303-AEFFE90BD0BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia\Deponia.exe
FirewallRules: [{56B43602-4602-4435-87FB-21A1A17EB257}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia\Deponia.exe
FirewallRules: [{4CA07892-E6AA-4786-967F-A223227B7FDF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{CB161629-3252-420C-9E0D-08B01FE5E001}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{C57A5A44-BA89-4DF2-A220-1F37443C1E82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risen 2\system\Risen2.exe
FirewallRules: [{DA939A19-A558-43A3-807E-6235DE311C13}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risen 2\system\Risen2.exe
FirewallRules: [{698D3538-683C-4B60-AB59-F9DD2FC5204E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Journey Down Chapter Two\JourneyDown2.exe
FirewallRules: [{4D582771-C07C-4FAC-9643-03D98FC8BEAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Journey Down Chapter Two\JourneyDown2.exe
FirewallRules: [{16AE40C5-FC00-4B06-AE81-80D3FBD7F361}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{88A3CDC1-7835-4A18-B8B3-26A962D2ED09}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{B67FE4CA-25D2-44C1-A173-CC68DD893EDE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{27632974-B315-4AD9-8EFD-FC91A99543A2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{E6FF4733-A080-4348-8109-48FF4FAFAD2F}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{4BE44172-CCE1-4670-B217-9FBDDAD3C7FB}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{0E4E3CA5-F359-487B-914F-5CACC8B93EB1}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{C21886FB-D31B-40AD-8E53-9E4BE8A526D2}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{97062D20-CAFF-4FBB-A4BF-723FF3490486}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{BC78D06E-04DC-4E92-B1CC-D7F9285923E2}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{E06147D2-BF13-4219-A547-013D2AEF0346}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [TCP Query User{677D14F1-1014-456A-9558-B9AF15642143}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [UDP Query User{65EE236F-0041-4CA6-A031-7525D7657EC6}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [{0FDA2C04-DE4E-4513-8A51-260F241D770E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{6EBF2892-3CD6-4124-BBF6-2F5FC87F055E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{0C661DEF-ED1F-4AEC-A238-D45BECD48760}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{9E071ABB-58E6-4E02-955D-19065D339E09}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{4E806844-B872-4366-84B1-26DABE087E4C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{96EA26E2-543E-487C-A32B-1BBF18313EA3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{260F6F92-63DF-4D44-BC63-98982BBFE98B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{21604EF8-72DA-4416-975B-5B1D0FE94ABA}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{F37178CD-F3D1-4D21-92F5-339695CB8ED3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{1E5921EA-AA57-4B4F-BB06-9C82B814CAAA}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{EAB81D90-6120-4728-AB10-60B0F55E3D37}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{28790628-496B-4654-A8D4-768CC533F467}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [{A7F7767E-0004-479B-AA32-C192DBED92B8}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [{3C445696-82B6-475C-BB25-7017D485202B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Critter Chronicles\CritterChronicles.exe
FirewallRules: [{F9FAED49-C904-4CF0-9C79-14BFDB10E641}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Critter Chronicles\CritterChronicles.exe
FirewallRules: [{02B122B9-8F0F-4C6C-8C70-A97C307D4A2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F74858E0-A0BF-402B-A4BC-32FC0765A6AE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{039F2748-AD5A-4F90-BEA2-50668B0FD119}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anachronox\anox.exe
FirewallRules: [{7B7A764F-85F1-436A-9D6D-2235C7C38469}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anachronox\anox.exe
FirewallRules: [{CD44F53C-519A-4C5F-BCE6-5875489379EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Vanishing of Ethan Carter\Binaries\Launcher.exe
FirewallRules: [{D9D1BD49-B037-482B-98BC-54EEDB7376F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Vanishing of Ethan Carter\Binaries\Launcher.exe
FirewallRules: [{999D753C-FE01-42D3-ACFF-08E9DF06918C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCave\Cave.exe
FirewallRules: [{7917CE1A-B6E9-4A87-8AD8-C8B37B110AFB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCave\Cave.exe
FirewallRules: [{A0DD83BF-4EC7-4C92-B3A1-9A89BAB5CF72}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bastion\Bastion.exe
FirewallRules: [{D594218A-FC4F-4B44-BFDF-140D5B1536D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bastion\Bastion.exe
FirewallRules: [{F862957A-B458-4219-97B4-385AE20A8E44}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{793220AC-51DF-439D-AFC3-E2DB1A34540F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{EDDA5A84-92AF-4DCE-A4CB-41A80A2FC69A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{A73575E3-32E6-48A8-A198-C93761E8199E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{D46305AE-91CC-40A6-B377-FF574DD28B99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dream\_Rift\Binaries\Win32\DreamRift.exe
FirewallRules: [{49F36C5D-4961-4BB8-B4CE-F4C5A4DDE91A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dream\_Rift\Binaries\Win32\DreamRift.exe
FirewallRules: [{3DA751A3-AD21-4A7D-AD65-F091BC3D2FE9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6D155C01-F698-4F3D-BA92-854B42BE029B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0C74EDDD-4A71-41EF-A8FF-C61245FE0CDF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E7164EC4-2DA7-4EB4-B544-A714A50C2BD3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FC808EDB-18FC-4AE8-AA36-C306E9184C1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Contrast\Binaries\Win32\ContrastGame.exe
FirewallRules: [{B8D3F327-7637-42C9-A72E-0CA3C51BE695}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Contrast\Binaries\Win32\ContrastGame.exe
FirewallRules: [{2FBC66AC-663C-4CE0-9635-E252E68EEFCC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [{26CE163E-464C-40F1-B8E5-007367A59526}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [{ABF4589F-0D1E-4CD3-8EB4-FE666C490ABD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Sword 5\BS5.exe
FirewallRules: [{318A27DA-10BF-4E67-A3BB-635DE28EDC6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Sword 5\BS5.exe
FirewallRules: [{EFE3A83F-1F4B-4A33-8014-F217A5BC486E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{B6368057-9622-49A0-A9F8-ADDC426E6BC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{FC800AB4-6593-419A-87E5-A2950D9954CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{D77EA657-0D6D-4B22-B5E8-921BE172287F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{25A03098-847F-45F4-8F61-B4E707984A61}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dream\Binaries\Win32\Dream.exe
FirewallRules: [{730A6A27-B356-43A8-8630-5C640B6E2271}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dream\Binaries\Win32\Dream.exe
FirewallRules: [{00FECE0C-BD43-4395-A65A-379AB12F1FD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Labyronia\Game.exe
FirewallRules: [{6D4BE474-6642-4333-A0C7-9D80045F13EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Labyronia\Game.exe
FirewallRules: [{27F71AAB-8FFB-4B93-B24D-1704352ED68F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fester Mudd - Episode 1\fester_mudd_win.exe
FirewallRules: [{E5F2232B-013D-4026-8879-9382C262B0B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fester Mudd - Episode 1\fester_mudd_win.exe
FirewallRules: [{7756C590-2530-4EAE-934F-7FFBBBCB9E38}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{09963CAD-A02A-4505-9ABF-F7E9A315C80A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\GOG.com\Iron Storm\IronStorm.exe] => Enabled:Iron Storm
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\GOG.com\Iron Storm\IronStorm_DS.exe] => Enabled:Iron Storm DS

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/17/2015 04:15:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2015 04:15:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0 "1 ".
Dependent Assembly rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/17/2015 04:01:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2015 04:00:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0 "1 ".
Dependent Assembly rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/15/2015 07:32:04 PM) (Source: MsiInstaller) (EventID: 10005) (User: DreamChamber-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27028. CA_Error27028: WriteCfgValue(0xE001003E): Writing config value failed

Error: (08/15/2015 07:31:53 PM) (Source: MsiInstaller) (EventID: 11311) (User: DreamChamber-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\MFAData\pack\GUIa.cab. Verify that the file exists and that you can access it.

Error: (08/15/2015 07:31:45 PM) (Source: MsiInstaller) (EventID: 11311) (User: DreamChamber-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\MFAData\pack\basea.cab. Verify that the file exists and that you can access it.

Error: (08/15/2015 06:28:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2015 06:27:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0 "1 ".
Dependent Assembly rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/15/2015 10:44:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (08/17/2015 04:15:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Beep
Lbd
SBRE

Error: (08/17/2015 04:15:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: DgiVecp%%2

Error: (08/17/2015 04:01:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Beep
Lbd
SBRE

Error: (08/17/2015 04:01:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: DgiVecp%%2

Error: (08/15/2015 07:32:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: AVG AVI Loader Driver%%3758161981

Error: (08/15/2015 06:28:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Beep
Lbd
SBRE

Error: (08/15/2015 06:28:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: DgiVecp%%2

Error: (08/15/2015 10:44:15 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Beep
Lbd
SBRE

Error: (08/15/2015 10:44:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: DgiVecp%%2

Error: (08/12/2015 04:43:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Beep
Lbd
SBRE

Microsoft Office:
=========================
Error: (08/17/2015 04:15:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2015 04:15:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0 "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (08/17/2015 04:01:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2015 04:00:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0 "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (08/15/2015 07:32:04 PM) (Source: MsiInstaller) (EventID: 10005) (User: DreamChamber-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27028. CA_Error27028: WriteCfgValue(0xE001003E): Writing config value failed(NULL)(NULL)(NULL)(NULL)

Error: (08/15/2015 07:31:53 PM) (Source: MsiInstaller) (EventID: 11311) (User: DreamChamber-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\MFAData\pack\GUIa.cab. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)

Error: (08/15/2015 07:31:45 PM) (Source: MsiInstaller) (EventID: 11311) (User: DreamChamber-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\MFAData\pack\basea.cab. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)

Error: (08/15/2015 06:28:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2015 06:27:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language= "* ",type= "win32 ",version= "1.0.0.0 "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (08/15/2015 10:44:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity:
===================================
Date: 2015-08-17 16:35:44.080
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-17 16:35:43.848
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-17 16:35:43.567
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-17 16:35:43.317
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-17 16:35:42.943
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-17 16:35:42.693
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-17 16:35:42.444
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-17 16:35:42.194
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-17 16:34:17.881
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-17 16:34:17.631
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz
Percentage of memory in use: 60%
Total physical RAM: 4093.64 MB
Available physical RAM: 1633.97 MB
Total Virtual: 8362.51 MB
Available Virtual: 5848.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:31.88 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Fable III) (CDROM) (Total:7.56 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 481862CC)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of log ============================

broni · 2015/08/17

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

blakston6286 · 2015/08/18

I downloaded the fixlist.txt file and then it started running immediately and it blue screened my computer with messages that it was doing something like a Crash Dump something or other. I panicked and rebooted my computer before it got too far. If something like that was supposed to happen please give me some kind of informative warning because it simply did not feel like a good thing was happening.

blakston6286 · 2015/08/18

OK I downloaded it once more and clicked on save to desktop.

The FIXLIST.txt file is sitting on my desktop as I speak.

I am confused as to whether or not I run another FRST test and then click on the FIX button when it is finished or??????

broni · 2015/08/18

Yes, re-run FRST and click "Fix" button.

blakston6286 · 2015/08/19

OK Here is the FIX file.
I noticed something weird..... there is an entry that says C:\Users\DreamChamber\Documents\Hate Campaign.eml => ":OECustomProperty" ADS removed successfully.
, which was successfully removed...that is disturbing. What kind of attachment or file was that???

Fix result of Farbar Recovery Scan Tool (x64) Version:17-08-2015
Ran by DreamChamber (2015-08-18 23:00:44) Run:1
Running from C:\Users\DreamChamber\Desktop
Loaded Profiles: DreamChamber (Available Profiles: DreamChamber)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2619349527-444009395-1191911321-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2619349527-444009395-1191911321-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
Toolbar: HKU\S-1-5-21-2619349527-444009395-1191911321-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx <not found>
S1 Beep; no ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CT20XUT.DLL; system32\CT20XUT.DLL [X]
S3 CTEXFIFX.DLL; system32\CTEXFIFX.DLL [X]
S3 CTHWIUT.DLL; system32\CTHWIUT.DLL [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RET55a64; \??\C:\Program Files (x86)\BeyondTrust\Retina 5\Scanner\RET55a64.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
Task: {3211AF84-3B8D-44ED-9EEC-7E62300E12FC} - \0 -> No File <==== ATTENTION
Task: {9B960591-D34D-44F1-B9D0-D522D633E224} - \SparkTrust PC Cleaner Plus Startup -> No File <==== ATTENTION
Task: {CE52D313-75C6-4EB7-865D-C1E9505B8A76} - \SparkTrust PC Cleaner Plus_sch_AF48A024-36E9-11E5-9D1B-00044B18017B -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\DreamChamber\Documents\Hate Campaign.eml:OECustomProperty

*****************

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-2619349527-444009395-1191911321-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-2619349527-444009395-1191911321-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKU\S-1-5-21-2619349527-444009395-1191911321-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole" => key removed successfully
Beep => service removed successfully
catchme => service removed successfully
CT20XUT.DLL => service removed successfully
CTEXFIFX.DLL => service removed successfully
CTHWIUT.DLL => service removed successfully
DgiVecp => service removed successfully
IpInIp => service removed successfully
Lbd => service removed successfully
NwlnkFlt => service removed successfully
NwlnkFwd => service removed successfully
RET55a64 => service removed successfully
SBRE => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3211AF84-3B8D-44ED-9EEC-7E62300E12FC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3211AF84-3B8D-44ED-9EEC-7E62300E12FC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9B960591-D34D-44F1-B9D0-D522D633E224}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B960591-D34D-44F1-B9D0-D522D633E224}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SparkTrust PC Cleaner Plus Startup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE52D313-75C6-4EB7-865D-C1E9505B8A76}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE52D313-75C6-4EB7-865D-C1E9505B8A76}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SparkTrust PC Cleaner Plus_sch_AF48A024-36E9-11E5-9D1B-00044B18017B" => key removed successfully
C:\Users\DreamChamber\Documents\Hate Campaign.eml => ":OECustomProperty" ADS removed successfully.

==== End of Fixlog 23:00:44 ====

blakston6286 · 2015/08/19

I won't run anything else till I here from you.
Lots of strange entries in this log...

broni · 2015/08/19

What kind of attachment or file was that???
Click to expand...

There is no way for me to tell.

Last scans...

Download Security Check from here or here and save it to your Desktop.

Double-click SecurityCheck.exe

Follow the onscreen instructions inside of the black box.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:

Internet Services

Windows Firewall

System Restore

Security Center

Windows Update

Windows Defender

Other Services

Press "Scan ".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

Double click on TFC.exe to run the program.

Click on Start button to begin cleaning process.

TFC will close all running programs, and it may ask you to restart computer.

Download Sophos Free Virus Removal Tool and save it to your desktop.

Double click the icon and select Run

Click Next

Select I accept the terms in this license agreement, then click Next twice

Click Install

Click Finish to launch the program

Once the virus database has been updated click Start Scanning

If any threats are found click Details, then View log file... (bottom left hand corner)

Copy and paste the results in your reply

Close the Notepad document, close the Threat Details screen, then click Start cleanup

Click Exit to close the program

Log in or Sign up

Solved Following instructions to post my FARBAR results here

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

broni Moderator Malware Analyst

blakston6286 Well-Known Member Thread Starter

broni Moderator Malware Analyst

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

broni Moderator Malware Analyst

Attached Files:

fixlist.txt

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

broni Moderator Malware Analyst

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

broni Moderator Malware Analyst

Share This Page

Log in or Sign up

Solved Following instructions to post my FARBAR results here

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

broni Moderator Malware Analyst

blakston6286 Well-Known Member Thread Starter

broni Moderator Malware Analyst

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

broni Moderator Malware Analyst

Attached Files:

fixlist.txt

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

broni Moderator Malware Analyst

blakston6286 Well-Known Member Thread Starter

blakston6286 Well-Known Member Thread Starter

broni Moderator Malware Analyst

Share This Page

Useful Searches