Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unable to start any antivirus software, cannot browse any websites


  • This topic is locked This topic is locked
9 replies to this topic

#1 seeker103

seeker103

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:53 AM

Posted 24 August 2015 - 09:43 AM

Hi,
 
My computer has been acting strange starting from the last weekend, I need some help to get it fixed. I started to notice something was going on when I turned on the computer and found out that I cannot load any websites even though it's connected to the Internet. I know for sure that it wasn't connectivity issue because the other PCs on the same network works fine. I tried rebooting, few times after it seemed to have worked, but then it happened again on the next day. The connection problem goes away in safe mode. That's when I tried to do a virus scan with Avast and Malwarebytes Anti-malware, only to find that they can only be started in the safe mode. It would prompt "permission denied" when I tried to kill the Avast process.
 
Another thing I've noticed was that the package sent and received shown in the Internet connection status remains very active even though I wasn't trying to browse anything on the Internet.
 
Right now I am on safe mode and have ran FRST and Malwarebytes. Malwarebytes result shows clean. Below is the FRST log.
 
Thanks in advance,
Dean
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-08-2015
Ran by Dean (administrator) on DEAN-PC (24-08-2015 22:08:53)
Running from C:\Users\Dean\Downloads
Loaded Profiles: Dean (Available Profiles: Dean)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: 中文 (繁體,香港特別行政區)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [Rapoo 8300] => C:\Program Files (x86)\Rapoo\8300\8300_Mouse.exe [2571776 2010-12-14] ()
HKLM-x32\...\Run: [Rapoo LedStatus] => C:\Program Files (x86)\Rapoo\8300\LedStatus\LedStatus.exe [1701888 2010-10-14] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Run: [Nexus] => [X]
HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Run: [Nexus-Ultimate] => C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe [18509952 2014-07-08] (Winstep Software Technologies)
HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Run: [Google Update] => C:\Users\Dean\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.)
HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Run: [Switcher] => C:\Program Files (x86)\Switcher\Switcher.exe [425984 2007-10-28] (Bao_Nguyen)
HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Run: [HP Deskjet 3070 B611 series (NET)] => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [4527424 2011-08-17] (DT Soft Ltd)
HKU\S-1-5-18\...\RunOnce: [AOD] => C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune
Startup: C:\Users\Dean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoHotkey.lnk [2013-07-03]
ShortcutTarget: AutoHotkey.lnk -> C:\Program Files\AutoHotkey\AutoHotkey.exe ()
Startup: C:\Users\Dean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2013-06-24]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-29] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dean\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dean\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dean\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dean\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [AAADesktopTips] -> {4562B511-62E9-4533-B7B2-56A8BB10B482} => C:\Users\Public\Thunder Network\KanKan\reghelper\xappex.1.1.1.70.(457).dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dean\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dean\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dean\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dean\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2371761838-3269241468-585396966-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-2371761838-3269241468-585396966-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/zh-hk/?ocid=iehp
SearchScopes: HKU\S-1-5-21-2371761838-3269241468-585396966-1000 -> DefaultScope {1FF7973D-AB0A-496d-82C1-4EADBBA11E7B} URL = hxxp://www.soso.com/q?sc=web&cid=th.ub&w={searchTerms}&cin=m6dFVYawklRe1Vk10DKFxg0000c60g00&lr=&ie={inputEncoding}&unc=y400372_95
SearchScopes: HKU\S-1-5-21-2371761838-3269241468-585396966-1000 -> {1FF7973D-AB0A-496d-82C1-4EADBBA11E7B} URL = hxxp://www.soso.com/q?sc=web&cid=th.ub&w={searchTerms}&cin=m6dFVYawklRe1Vk10DKFxg0000c60g00&lr=&ie={inputEncoding}&unc=y400372_95
BHO: No Name -> {004B0726-A010-4ABF-8556-FCDB7F1FCA1E} ->  No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-09-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-29] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-16] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-09-25] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-14] (Oracle Corporation)
BHO-x32: No Name -> {889D2FEB-5411-4565-8998-1DD2C5261283} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-29] (Avast Software s.r.o.)
BHO-x32: Microsoft 帳戶登入協助程式 -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-14] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 9.0 Helper -> {E31CE47F-C268-41ba-897B-B415E613947D} -> E:\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO90.dll No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{1DD68048-DCEF-4BEB-8E10-B30147D3F4EE}: [DhcpNameServer] 192.168.8.1

FireFox:
========
FF ProfilePath: C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default
FF Homepage: hk.yahoo.com
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-19] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @qvod.com/QvodShare -> C:\Program Files (x86)\QvodPlayer\npShareModule_x64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-19] ()
FF Plugin-x32: @alipay.com/npaliedit -> C:\Windows\system32\aliedit\3.6.0.0\npaliedit.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @baidu.com/npxbdyy -> C:\Program Files (x86)\Baidu\BaiduPlayer\1.19.0.137\npxbdyy.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @funshion.com/npFunshion -> C:\Users\Dean\funshion\funshiontools\npFunshion.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @pptv.com/plugin -> C:\Program Files (x86)\Internet Explorer\PPLite\plugin\1.0.1.3471\npplugin2.dll [2013-02-22] (PPLive Corporation)
FF Plugin-x32: @raidcall.com/RCplugin -> C:\Users\Dean\AppData\LocalLow\RCTW\plugins\webplugin_tw.dll [2012-04-06] (Raidcall)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Dean\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2012-07-09] (Raidcall)
FF Plugin-x32: @raidcall.tw/RCplugin -> C:\Users\Dean\AppData\Roaming\RCTW\plugins\nprcplugin.dll [No File]
FF Plugin-x32: @soupingguo.com/npSpg -> C:\Program Files (x86)\搜蘋果\Addin\npSpg.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.0-pre3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-08-29] (VideoLAN)
FF Plugin-x32: @xunlei.com/npxluser -> C:\Program Files (x86)\Common Files\Thunder Network\UserAgent\npxluser2.0.2.2.dll [2013-06-08] (Thunder Networking Technologies,LTD)
FF Plugin-x32: @xunlei.com/npxunlei;version=1.0.0.2 -> C:\Program Files (x86)\Thunder Network\Thunder\Data\npxunlei1.0.0.2.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2013-03-11] ()
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: @qvod.com/QvodInsert -> C:\Program Files (x86)\QvodPlayer\npQvodInsert.dll No File
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: @xunlei.com/npxluser -> C:\Program Files (x86)\Common Files\Thunder Network\UserAgent\npxluser2.0.2.2.dll [2013-06-08] (Thunder Networking Technologies,LTD)
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: @xunlei.com/npxunlei;version=1.0.0.2 -> C:\Program Files (x86)\Thunder Network\Thunder\Data\npxunlei1.0.0.2.dll No File
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: facebook.com/fbDesktopPlugin -> C:\Users\Dean\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [2013-03-07] (Facebook, Inc.)
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: gf2.gameflier.com/WebLauncher -> C:\Program Files (x86)\GF2_WebLaunch\npWebLauncher.dll No File
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\searchplugins\katcr.xml [2015-05-03]
FF SearchPlugin: C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\searchplugins\youtube-.xml [2015-07-16]
FF Extension: BYTubeD - Bulk YouTube video Downloader - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\bytubed@cs213.cse.iitk.ac.in [2014-12-21]
FF Extension: NetVideoHunter - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\netvideohunter@netvideohunter.com [2015-06-01]
FF Extension: Tab Groups Helper - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\tabgroupshelper@kevinallasso.org [2015-06-06]
FF Extension: YouTube Unblocker - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\youtubeunblocker@unblocker.yt [2015-08-05]
FF Extension: WOT - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-09]
FF Extension: Firebug - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\firebug@software.joehewitt.com.xpi [2015-01-02]
FF Extension: Focus Regainer - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\focus@regainer.wproxym.xpi [2014-12-21]
FF Extension: MZ8 - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\someone@somewhere.xpi [2014-12-21]
FF Extension: Super Drag - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\superdrag@enjoyfreeware.org.xpi [2015-01-03]
FF Extension: All-in-One Sidebar - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2014-12-21]
FF Extension: FlashGot - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-12-21]
FF Extension: {631108f7-4600-49e1-8378-288cba1ecdd2} - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\{631108f7-4600-49e1-8378-288cba1ecdd2}.xpi [2014-12-21]
FF Extension: NoScript - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-01-22]
FF Extension: TabRenamizer - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\{792BDDFE-2E7C-42ed-B18D-18154D2761BD}.xpi [2015-07-01]
FF Extension: YouTube High Definition - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-12-21]
FF Extension: View Cookies - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\{8F6A6FD9-0619-459f-B9D0-81DE065D4E21}.xpi [2015-01-26]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-12-21]
FF Extension: Fasterfox - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2014-12-21]
FF Extension: Adblock Plus - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-21]
FF Extension: YouTube Flash Video Player - C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2015-05-02]
FF HKLM-x32\...\Firefox\Extensions: [{1B33E42F-EF14-4cd3-B6DC-174571C4349C}] - C:\Program Files (x86)\Thunder Network\Thunder\BHO\FireFox
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-01]

Chrome:
=======
CHR Profile: C:\Users\Dean\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (MEGA) - C:\Users\Dean\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2014-11-12]
CHR Extension: (Avast Online Security) - C:\Users\Dean\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-02]
CHR Extension: (crxMouse Chrome Gestures) - C:\Users\Dean\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2014-04-26]
CHR Extension: (Star Se7en) - C:\Users\Dean\AppData\Local\Google\Chrome\User Data\Default\Extensions\kembffdaaophkgdjpheebhhlaihpagjp [2014-04-27]
CHR Extension: (Chromium Wheel Smooth Scroller) - C:\Users\Dean\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb [2014-04-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (TabCloud) - C:\Users\Dean\AppData\Local\Google\Chrome\User Data\Default\Extensions\npecfdijgoblfcgagoijgmgejmcpnhof [2014-04-25]
CHR HKLM-x32\...\Chrome\Extension: [aaaaoggiphohkihibdkcnhnokmkfmhnj] - C:\Users\Dean\AppData\Local\APN\GoogleCRXs\aaaaoggiphohkihibdkcnhnokmkfmhnj_7.14.1.0.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-07]
CHR HKLM-x32\...\Chrome\Extension: [hmbifdmobcbjlhplmlnbjbofnnoolink] - C:\Program Files (x86)\Thunder Network\Thunder\BHO\xl_plugin_chrome.crx <not found>
StartMenuInternet: Google Chrome - C:\Users\Dean\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-29] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-29] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-25] ()
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-03] (Microsoft Corporation) [File not signed]
S2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 MlCyMonSvc; C:\Windows\SysWOW64\MlCyMonSvc.exe [85504 2013-11-29] () [File not signed]
S4 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29178224 2007-02-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S4 MySQL56; C:\ProgramData\MySQL\MySQL Server 5.6\my.ini [14242 2013-11-30] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3357336 2014-11-12] (INCA Internet Co., Ltd.)
S3 Origin Client Service; E:\Games @ E\Origin\OriginClientService.exe [2007048 2015-08-18] (Electronic Arts)
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-05-15] ()
S2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
S2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)
S2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-05-04] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation) [File not signed]
S4 PPTVService; C:\Windows\SysWOW64\PPTVSvc.dll [X]
S2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-29] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-29] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-29] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-29] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-29] (Avast Software s.r.o.)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-29] (Avast Software s.r.o.)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-29] ()
S3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] (Microsoft Corporation) [File not signed]
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [271424 2012-06-20] (DT Soft Ltd)
R3 IPvE; C:\Windows\System32\DRIVERS\IPvEx64.sys [32240 2011-04-18] (IPVE)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MlCyMon; C:\Windows\System32\Drivers\MlCyMon.sys [422656 2013-12-04] (MUSILAND®)
R3 MlCyMonBus; C:\Windows\System32\Drivers\MlCyMonBus.sys [33376 2013-12-04] (MUSILAND®)
S3 MlCyMonFW; C:\Windows\System32\Drivers\MlCyMonFW.sys [59096 2013-12-04] (MUSILAND®)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [115272 2012-03-25] (MotioninJoy) [File not signed]
S3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-27] (Microsoft Corporation) [File not signed]
S3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-09] (Microsoft Corporation) [File not signed]
S3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-27] (Microsoft Corporation) [File not signed]
R3 rp24msdrv; C:\Windows\System32\drivers\rp24msdrv.sys [28416 2010-12-01] ()
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-13] (Realtek Semiconductor Corporation                           )
S2 SADP_NPF; C:\Windows\SysWOW64\drivers\sadp_npf64.sys [35344 2013-07-29] (CACE Technologies, Inc.)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-11] () [File not signed]
S3 SndTAudio; C:\Windows\System32\drivers\SndTAudio.sys [33336 2010-04-28] (Windows ® Codename Longhorn DDK provider)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2012-06-23] (Duplex Secure Ltd.)
S3 SRS_AE_Service; C:\Windows\System32\drivers\SRS_AE_amd64.sys [513824 2011-08-01] ()
S3 SRS_SSCFilter; C:\Windows\System32\drivers\srs_sscfilter_amd64.sys [346992 2009-12-15] ()
S3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-29] (Microsoft Corporation) [File not signed]
S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-29] (Microsoft Corporation) [File not signed]
S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-29] (Microsoft Corporation) [File not signed]
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-11-03] ()
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2010-01-21] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27648 2010-01-21] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33280 2010-01-21] (LG Electronics Inc.)
S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-29] (Avast Software)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 VSPerfDrv90; E:\Microsoft Visual Studio 9.0\Team Tools\Performance Tools\x64\VSPerfDrv90.sys [71024 2007-09-05] (Microsoft Corporation)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-24 22:08 - 2015-08-24 22:09 - 00029285 _____ C:\Users\Dean\Downloads\FRST.txt
2015-08-24 22:08 - 2015-08-24 22:08 - 00000000 ____D C:\FRST
2015-08-24 22:07 - 2015-08-24 22:08 - 02173952 _____ (Farbar) C:\Users\Dean\Downloads\FRST64.exe
2015-08-21 20:47 - 2015-08-21 20:47 - 00058877 _____ C:\Windows\SysWOW64\CCCInstall_201508212047106593.log
2015-08-21 20:47 - 2015-08-21 20:47 - 00000000 ____D C:\Users\Dean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-21 20:47 - 2015-08-21 20:47 - 00000000 ____D C:\ProgramData\ATI
2015-08-21 20:46 - 2015-08-21 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-20 21:55 - 2015-08-20 21:55 - 00000000 ____D C:\FS2Log
2015-08-11 22:23 - 2015-08-24 00:42 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2015-08-10 00:13 - 2015-08-10 00:13 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-08-04 14:28 - 2015-08-04 14:28 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-08-04 14:28 - 2015-08-04 14:28 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-08-04 14:28 - 2015-08-04 14:28 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-08-04 14:28 - 2015-08-04 14:28 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-08-04 14:28 - 2015-08-04 14:28 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-08-04 14:27 - 2015-08-04 14:27 - 08893160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-08-04 14:27 - 2015-08-04 14:27 - 08779872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-08-04 14:25 - 2015-08-04 14:25 - 00297672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-08-04 14:23 - 2015-08-04 14:23 - 21622784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-08-04 14:19 - 2015-08-04 14:19 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-08-04 14:18 - 2015-08-04 14:18 - 47785472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-08-04 14:14 - 2015-08-04 14:14 - 39714304 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-08-04 14:09 - 2015-08-04 14:09 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-08-04 14:09 - 2015-08-04 14:09 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-08-04 13:58 - 2015-08-04 13:58 - 27535872 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-08-04 13:57 - 2015-08-04 13:57 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-08-04 12:12 - 2015-08-04 12:12 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-08-04 12:12 - 2015-08-04 12:12 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-08-04 12:11 - 2015-08-04 12:11 - 06477312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-08-04 11:43 - 2015-08-04 11:43 - 05068288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-08-04 11:21 - 2015-08-04 11:21 - 00093696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-08-04 11:21 - 2015-08-04 11:21 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-08-04 10:55 - 2015-08-04 10:55 - 30752256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-08-04 10:25 - 2015-08-04 10:25 - 00660928 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-08-04 10:25 - 2015-08-04 10:25 - 00660928 _____ C:\Windows\system32\atiapfxx.blb
2015-08-04 10:25 - 2015-08-04 10:25 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-08-04 10:25 - 2015-08-04 10:25 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-08-04 10:25 - 2015-08-04 10:25 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-08-04 10:24 - 2015-08-04 10:24 - 15716864 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-08-04 10:24 - 2015-08-04 10:24 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-08-04 10:24 - 2015-08-04 10:24 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-08-04 10:21 - 2015-08-04 10:21 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-08-04 10:21 - 2015-08-04 10:21 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-08-04 10:21 - 2015-08-04 10:21 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-08-04 10:16 - 2015-08-04 10:16 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-08-04 10:07 - 2015-08-04 10:07 - 00672768 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-08-04 10:07 - 2015-08-04 10:07 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-08-04 10:07 - 2015-08-04 10:07 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-08-04 10:07 - 2015-08-04 10:07 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-08-04 10:07 - 2015-08-04 10:07 - 00160256 _____ C:\Windows\system32\atieah64.exe
2015-08-04 10:07 - 2015-08-04 10:07 - 00143872 _____ C:\Windows\SysWOW64\atieah32.exe
2015-08-04 10:07 - 2015-08-04 10:07 - 00029696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-08-04 10:06 - 2015-08-04 10:06 - 00246784 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-08-04 10:05 - 2015-08-04 10:05 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-08-04 10:00 - 2015-08-04 10:00 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-08-04 09:48 - 2015-08-04 09:48 - 00865792 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2015-08-04 09:43 - 2015-08-04 09:43 - 01247744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-08-04 09:43 - 2015-08-04 09:43 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-08-04 09:43 - 2015-08-04 09:43 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-08-04 09:43 - 2015-08-04 09:43 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-08-04 09:42 - 2015-08-04 09:42 - 00665088 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-08-04 09:42 - 2015-08-04 09:42 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-08-04 09:37 - 2015-08-04 09:37 - 00102912 _____ C:\Windows\system32\hsa-thunk64.dll
2015-08-04 09:37 - 2015-08-04 09:37 - 00102400 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-08-04 09:35 - 2015-08-04 09:35 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-07-31 23:58 - 2015-08-24 20:35 - 00005513 _____ C:\Windows\setupact.log
2015-07-31 23:58 - 2015-07-31 23:58 - 00000000 _____ C:\Windows\setuperr.log
2015-07-31 23:31 - 2015-08-24 20:39 - 00004708 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Dean-PC-Dean Dean-PC
2015-07-26 21:59 - 2015-07-26 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-07-26 20:27 - 2015-07-26 20:29 - 02620264 _____ C:\Users\Dean\Downloads\3DMGAME-Fallout.GOG.Classic.ISO-RAiN.rar.part

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-24 21:16 - 2014-11-01 20:08 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-24 21:05 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-24 21:01 - 2012-06-09 15:12 - 00000254 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2015-08-24 21:00 - 2011-11-16 17:51 - 00007647 _____ C:\Users\Dean\AppData\Local\resmon.resmoncfg
2015-08-24 20:43 - 2015-07-21 21:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-24 20:42 - 2009-07-14 12:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-24 20:42 - 2009-07-14 12:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-24 20:38 - 2011-11-17 01:09 - 00000548 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2371761838-3269241468-585396966-1000UA.job
2015-08-24 20:36 - 2015-06-27 23:41 - 00000435 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-08-24 20:36 - 2014-11-01 21:16 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-24 20:36 - 2009-07-14 13:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-24 19:59 - 2012-04-12 01:45 - 00000578 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2371761838-3269241468-585396966-1000UA.job
2015-08-24 19:55 - 2012-04-12 01:45 - 00000556 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2371761838-3269241468-585396966-1000Core.job
2015-08-24 07:54 - 2011-11-16 17:33 - 01185866 _____ C:\Windows\WindowsUpdate.log
2015-08-24 02:38 - 2011-11-17 01:09 - 00000496 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2371761838-3269241468-585396966-1000Core.job
2015-08-24 00:35 - 2015-04-28 22:23 - 00000000 ____D C:\Users\Dean\AppData\Roaming\foobar2000
2015-08-23 22:30 - 2012-01-05 15:09 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-23 22:25 - 2011-11-21 20:13 - 00000000 ____D C:\Users\Dean\AppData\Roaming\Skype
2015-08-23 11:38 - 2015-02-11 21:15 - 00000000 ____D C:\Users\Dean\AppData\Roaming\vlc
2015-08-23 09:48 - 2013-05-30 16:33 - 00000000 ____D C:\Users\Dean\AppData\Local\CrashDumps
2015-08-23 09:40 - 2013-06-27 13:54 - 00003872 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8B2A4A9E-C913-4828-A2D8-31F88F38F998}
2015-08-22 09:43 - 2015-02-06 14:35 - 00000000 ____D C:\Users\Dean\AppData\Roaming\qBittorrent
2015-08-21 20:46 - 2014-05-26 18:55 - 00000000 ____D C:\Program Files\AMD
2015-08-21 20:46 - 2011-11-16 18:14 - 00000000 ____D C:\ProgramData\AMD
2015-08-21 20:41 - 2012-10-22 10:05 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-21 20:36 - 2011-10-18 00:01 - 00000000 ____D C:\AMD
2015-08-19 00:42 - 2015-05-02 21:44 - 00000000 ____D C:\Users\Dean\AppData\Roaming\Mp3tag
2015-08-18 21:05 - 2011-11-17 01:18 - 00000000 ____D C:\ProgramData\Origin
2015-08-18 21:00 - 2011-11-17 01:19 - 00000000 ____D C:\Users\Dean\AppData\Roaming\Origin
2015-08-15 17:57 - 2014-11-05 13:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-15 17:57 - 2011-11-21 20:13 - 00000000 ____D C:\ProgramData\Skype
2015-08-10 00:13 - 2011-11-16 18:22 - 00000000 ____D C:\Users\Dean\Documents\My Games
2015-08-04 14:28 - 2014-10-05 03:08 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-08-04 14:28 - 2014-10-05 03:07 - 10094152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-08-04 14:28 - 2014-09-16 06:31 - 07929616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-08-04 14:28 - 2014-09-16 06:31 - 07408936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-08-04 14:28 - 2014-09-16 06:31 - 01193904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-08-04 14:28 - 2014-09-16 06:31 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-08-04 14:28 - 2014-06-21 13:26 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-08-04 14:28 - 2014-06-21 13:25 - 11948704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-08-04 14:28 - 2011-07-28 17:39 - 01445224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-08-04 10:32 - 2014-11-21 10:19 - 25299968 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-08-04 09:43 - 2014-11-21 10:09 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-08-04 09:43 - 2014-11-21 10:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-08-04 09:42 - 2014-11-21 10:08 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-07-31 23:33 - 2014-11-09 21:52 - 00000000 ____D C:\Users\Public\Documents\Winstep
2015-07-26 21:59 - 2009-07-14 13:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-26 21:36 - 2009-08-29 12:17 - 00501746 _____ C:\Windows\system32\prfh0404.dat
2015-07-26 21:36 - 2009-08-29 12:17 - 00160496 _____ C:\Windows\system32\prfc0404.dat
2015-07-26 21:36 - 2009-07-14 13:13 - 01618714 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-26 21:06 - 2014-11-01 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-26 21:06 - 2014-11-01 20:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

==================== Files in the root of some directories =======

2013-06-19 21:30 - 2013-08-20 20:41 - 0001078 _____ () C:\Users\Dean\AppData\Roaming\base64.cer
2011-11-21 23:46 - 2015-02-06 04:48 - 0000954 _____ () C:\Users\Dean\AppData\Roaming\CoreAVC.ini
2015-01-28 22:19 - 2015-01-28 22:19 - 0001658 _____ () C:\Users\Dean\AppData\Roaming\SvcTraceViewer.exe.settings
2013-12-25 01:00 - 2013-12-25 01:00 - 0000056 _____ () C:\Users\Dean\AppData\Roaming\xlgdlapp.ini
2011-11-16 17:51 - 2015-08-24 21:00 - 0007647 _____ () C:\Users\Dean\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\Dean\AppData\Local\Temp\DefaultPackOffer.dll
C:\Users\Dean\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Dean\AppData\Local\Temp\tmp1017.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-22 00:35

==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:23-08-2015
Ran by Dean (2015-08-24 22:09:31)
Running from C:\Users\Dean\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2371761838-3269241468-585396966-500 - Administrator - Disabled)
Dean (S-1-5-21-2371761838-3269241468-585396966-1000 - Administrator - Enabled) => C:\Users\Dean
Guest (S-1-5-21-2371761838-3269241468-585396966-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2371761838-3269241468-585396966-1013 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

《天之炼狱》之狼族再起 版本 6.67 (HKLM-x32\...\{E4E8A1F9-BB6A-4F88-B5A4-8097D2AA1381}_is1) (Version: 6.67 - 上海聚圣网络科技有限公司)
4K Video Downloader 3.4 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.4.4.1500 - Open Media LLC)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Activision® (x32 Version: 1.00.0000 - Activision) Hidden
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Chinese Traditional (HKLM-x32\...\{AC76BA86-7AD7-1028-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Apple 應用程式支援 (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
AutoHotkey 1.1.15.00 (HKLM\...\AutoHotkey) (Version: 1.1.15.00 - Lexikos)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour 列印服務 (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Bulk Rename Utility 2.7.1.2 (HKLM\...\Bulk Rename Utility_is1) (Version: - TGRMN Software)
calibre 64bit (HKLM\...\{52E45FA3-B1CE-4852-8E93-774BB3F4D468}) (Version: 1.25.0 - Kovid Goyal)
Chinese Simplified Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Command & Conquer?Red Alert?3 (HKLM\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Command & Conquer?Red Alert?3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.601.0 - THQ Inc.)
ControlCenter (HKLM-x32\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 1.0.230 - MSI)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike (HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Counter-Strike) (Version: - )
Counter-Strike 1.6 (HKLM-x32\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
CPUID CPU-Z 1.64.0 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crystal Reports Basic for Visual Studio 2008 (HKLM-x32\...\{AA467959-A1D6-4F45-90CD-11DC57733F32}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports Basic Runtime Simplified Chinese Language Pack for Visual Studio 2008 (x64) (HKLM\...\{64D12BC6-E58C-4EB1-A6C9-4C6D1C56C25C}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports Basic Simplified Chinese Language Pack for Visual Studio 2008 (HKLM-x32\...\{CA3FD10A-8587-40E2-9B74-D6313D07183B}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
Curse Client (HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 4.41.0315.0262 - DT Soft Ltd)
Defense Grid 2 (HKLM-x32\...\Defense Grid 2_is1) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions)
doxygen 1.8.9.1 (HKLM\...\doxygen_is1) (Version: 1.8.9.1 - Dimitri van Heesch)
Dragon Age 2 - The Deep Green 1.03 (HKLM-x32\...\Dragon Age 2 - The Deep Green 1.03) (Version: - )
Dragon Age Awakening Redesigned (HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Dragon Age Awakening Redesigned) (Version: - )
Dragon Age II (HKLM\...\{F2E23139-3404-4E3C-9855-7724415D62A5}) (Version: 1.00 - Electronic Arts, Inc.)
Dragon Age II (HKLM-x32\...\{F2E23139-3404-4E3C-9855-7724415D62A5}) (Version: 1.04 - Electronic Arts, Inc.)
Dragon Age Redesigned ?Morrigan (HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Dragon Age Redesigned ?Morrigan) (Version: - )
Dragon Age Redesigned- Leliana's Song (HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Dragon Age Redesigned- Leliana's Song) (Version: - )
Dragon Age Redesigned? Zevran (HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Dragon Age Redesigned? Zevran) (Version: - )
Dragon Age Redesigned?Leliana (HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Dragon Age Redesigned?Leliana) (Version: - )
Dragon Age Redesigned?Sten (HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Dragon Age Redesigned?Sten) (Version: - )
Dragon Age Redesigned?Wynne (HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Dragon Age Redesigned?Wynne) (Version: - )
Dropbox (HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Dropbox) (Version: 2.6.33 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{BCA02FAD-2C86-4C8C-A815-51C09F4E51FF}) (Version: 1.1.1.0135 - AMD)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Fallout (HKLM-x32\...\GOGPACKFALLOUT_is1) (Version: 2.0.0.14 - GOG.com)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
Folder Size Explorer (HKLM-x32\...\{5842EF9D-F74D-4B40-9C28-ABBE26200748}) (Version: 1.1.2 - Bazwise)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
GamersFirst LIVE! (HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\GamersFirst LIVE!) (Version: - GamersFirst)
Gangsters (HKLM-x32\...\Gangsters) (Version: - )
Ghost Recon Phantoms - EU (HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\d8be6c3f847d7d92) (Version: 1.36.2063.1 - Ubisoft)
Ghost Recon Phantoms - NA (HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\fc418bf9b18f76aa) (Version: 1.36.2063.1 - Ubisoft)
GhostDoc (HKLM-x32\...\{134A5765-D59B-4160-8C70-B84BF9F53DF9}) (Version: 4.9.14358.0 - SubMain)
GitHub (HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\5f7eb300e2ea4ebf) (Version: 2.1.0.0 - GitHub, Inc.)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Grand Theft Auto IV (HKLM\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Graphviz (HKLM-x32\...\{884CF059-9A11-4DF7-A2A7-17EFE90B9278}) (Version: 2.38 - AT&T Research Labs.)
Guild Wars (HKLM-x32\...\Steam App 29720) (Version: - ArenaNet)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Halo 2 for Windows Vista (x32 Version: 1.0.0.0 - Microsoft Corporation) Hidden
Helbreath Olympia (HKLM-x32\...\Helbreath Olympia) (Version: - )
Homeworld Remastered Collection (HKLM-x32\...\Steam App 244160) (Version: - Gearbox Software)
HP Deskjet 3070 B611 series 基本裝置軟體 (HKLM\...\{24810365-6CD6-49D6-9C38-E0739C733676}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3070 B611 series 產品改善研究 (HKLM\...\{AFA67718-B41F-496C-978E-7BBD2CF40984}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
HP Deskjet 3070 B611 series 說明 (HKLM-x32\...\{9F20CE56-3828-432D-A3C5-3EC6A2ED93C6}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Ma螔 H顤z)
i-Charger (HKLM-x32\...\i-Charger_is1) (Version: - msi, Inc.)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
iVMS-4200(v2.00) (HKLM-x32\...\{7697245D-2E00-4B83-AD27-C051DE314D1F}) (Version: 2.00.02.01 - hikvision)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java SE Development Kit 7 Update 13 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170130}) (Version: 1.7.0.130 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LEGO® Batman™ 2: DC Super Heroes (HKLM-x32\...\{4E2EA555-3DAE-4BE1-96BF-6A632ACFE8DE}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LG USB Modem Drivers (HKLM-x32\...\{3E8DE1A6-B365-4FF6-B917-2892A34990E8}) (Version: 4.9.7 - LG Electronics)
Local Subtitles for 64-bit WMP (HKLM\...\{190BC83F-D54E-4494-830E-7FB4A5F4B964}) (Version: 1.6.0.0 - Alexander Demidov)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Marvel Heroes 2015 (HKLM-x32\...\Steam App 226320) (Version: - Gazillion Entertainment)
Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Metro Tile Skin Pack 1.0-X64 (HKLM-x32\...\Metro Tile Skin Pack) (Version: 1.0-X64 - Publisher)
Microsoft .NET Compact Framework 2.0 SP2 (HKLM-x32\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - 繁體中文語言套件 (HKLM-x32\...\{AC5222AD-EE18-47E1-9789-F57D3387A4C3}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 繁體中文語言套件 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1028) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Advertising SDK for Windows Phone - ENU (HKLM-x32\...\{656458ED-DA77-4C82-AF2F-1640C191A2A7}) (Version: 5.2.819.0 - Microsoft Corporation)
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Device Emulator (64 bit) version 3.0 - ENU (HKLM\...\{EF8B1A2E-9CCB-3AB2-91E3-4EEDAB1294E1}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Device Emulator (64 位) 3.0 版 - 简体中文 (HKLM\...\{8438B84F-CFBB-3D66-A117-E6E54C922E3E}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version: - Microsoft Corporation)
Microsoft Document Explorer 2008 语言包 - 简体中文 (HKLM-x32\...\Microsoft Document Explorer 2008 Language Pack - CHS) (Version: - Microsoft Corporation)
Microsoft Expression Blend 3 SDK (HKLM-x32\...\{256E7DAC-9BE8-494E-8DE7-7857BF96B774}) (Version: 1.0.1343.0 - Microsoft Corporation)
Microsoft Expression Blend 4 (HKLM-x32\...\Blend_4.0.30816.0) (Version: 4.0.30816.0 - Microsoft Corporation)
Microsoft Expression Blend 4 Add-in for Adobe FXG Import (HKLM-x32\...\{EFBBD030-48F0-43B3-A8AD-789894DAD0B5}) (Version: 1.0.20817.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for .NET 4 (HKLM-x32\...\{9B3A1C97-A361-463E-8817-444F9F88CDFE}) (Version: 2.0.20525.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for Silverlight 4 (HKLM-x32\...\{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}) (Version: 2.0.20525.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for Windows Phone 7 (HKLM-x32\...\{69E11501-75F7-4ACE-8103-52513DDCFE26}) (Version: 2.0.20901.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for Windows Phone OS 7.1 (HKLM-x32\...\{12B8E200-99CC-4203-A8D1-4145FC4D0192}) (Version: 2.0.30816.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 for Devices CHS (HKLM-x32\...\{66F0066C-3923-441B-A243-40906C07899C}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 - 简体中文版 (HKLM-x32\...\{C46CE07D-C241-442B-8E02-E80EEA026510}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 Design Tools English (HKLM-x32\...\{0C19D563-5F25-4621-BF10-01F741BD283F}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 设计工具 - 简体中文版 (HKLM-x32\...\{56BA922D-111B-4B8F-B04F-F14AECDFB392}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 CHT (HKLM\...\{E3DE79B9-0C1B-4F4C-8C18-E07F0B99E0FC}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - CHT (11.1.20828.01) (HKLM-x32\...\{5BB45F50-293C-4EDB-ABDE-EE8253FA8743}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - CHT (11.1.20828.01) (HKLM-x32\...\{D6B382DC-5F3C-479D-B1D1-B679803D452D}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.3 (HKLM-x32\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{50822200-2E95-4E62-A8D8-41C3B308DF5E}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C# 2008 Express Edition with SP1 - ENU (HKLM-x32\...\Microsoft Visual C# 2008 Express Edition with SP1 - ENU) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2008 远程调试器 - 简体中文 (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger - CHS) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 远程调试器 - 简体中文 Service Pack 1 (KB945140) (HKLM-x32\...\{BA458007-1D1A-3125-8243-07C80EED211D}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Web - ENU (HKLM-x32\...\{5f035f44-df1d-4309-a527-f027693f15ca}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - 繁體中文 (HKLM-x32\...\{86bf69e1-6236-4397-b195-9e69c3db53a6}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{c93c1c16-fd12-4b07-8926-2a4af46b6597}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Studio Team System 2008 Team Suite - 简体中文 (HKLM-x32\...\Microsoft Visual Studio Team System 2008 Team Suite - CHS) (Version: - Microsoft Corporation)
Microsoft Visual Studio Team System 2008 Team Suite - 简体中文 Service Pack 1 (KB945140) (HKLM-x32\...\{3D89E4F2-543C-3852-A874-850AA6422208}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio Team System 2008 Team Suite - 简体中文 的关键更新 (KB2938806) (HKLM-x32\...\{3D89E4F2-543C-3852-A874-850AA6422208}.KB2938806) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio Web Authoring Component (HKLM-x32\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - )
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (HKLM\...\{29C93182-34F6-3275-A18D-59326851CD57}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{9aa5f39c-a8de-46b0-919a-0248f8bc8490}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (HKLM\...\{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}) (Version: 6.1.5295.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Tools (HKLM\...\{62EED300-E841-4083-A1D6-60B906271804}) (Version: 6.1.5294.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Win32 Tools (HKLM\...\{A992BBAA-723D-4574-A07F-983BF8FAA3E1}) (Version: 6.1.5294.17011 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Game Studio 3.1 (HKLM-x32\...\XNA Game Studio 3.1) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Game Studio 4.0 (HKLM-x32\...\XNA Game Studio 4.0) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Game Studio Platform Tools (HKLM-x32\...\{0666E46E-A860-4353-BE6D-13AA72FABB57}) (Version: 1.3.0.0 - Microsoft Corporation)
Microsoft 說明檢視器 2.0 語言套件 - CHT (HKLM-x32\...\Microsoft 說明檢視器 2.0 語言套件 - CHT) (Version: 2.0.50727 - Microsoft Corporation)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - Tale Worlds)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mp3tag v2.70 (HKLM-x32\...\Mp3tag) (Version: v2.70 - Florian Heidenreich)
Multiline Search and Replace (HKLM-x32\...\{04613ADF-608F-4988-A7F7-21E7640FF1F9}) (Version: 1.6 - Helixoft)
MUSILAND Monitor 系列 (USB) 驅動程式 (HKLM\...\{A877987B-5495-43FA-8C33-96A18E9F7AE0}) (Version: 2.4.2.1 - MUSILAND Electronic Technology Co.,Ltd)
MySQL Connector C++ 1.1.3 (HKLM\...\{5C7A1ED6-DC5F-4017-B363-3E80644B4BD0}) (Version: 1.1.3 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{4C5FFB59-6222-45CA-9257-EFB93D5E1756}) (Version: 5.1.26 - Oracle Corporation)
MySQL Connector Net 6.9.5 (HKLM-x32\...\{5E5D3141-7714-4B2E-8BF2-650C8EF65E3E}) (Version: 6.9.5 - Oracle)
MySQL Connector/ODBC 5.2 (HKLM\...\{6F4E90AC-3B32-4631-A9E5-5CC0186CA97B}) (Version: 5.2.6 - Oracle Corporation)
MySQL Documents 5.6 (HKLM-x32\...\{D5080D2C-37D0-4701-B74D-4A7449584E6D}) (Version: 5.6.14 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{44D03537-3061-490B-BF0C-DACA4DEE8797}) (Version: 5.6.14 - Oracle Corporation)
MySQL For Excel 1.1.3 (HKLM-x32\...\{F8D0595A-C8F0-40FF-8246-AA655EF0A3BA}) (Version: 1.1.3 - Oracle)
MySQL for Visual Studio 1.0.2 (HKLM-x32\...\{0D406BCC-D62A-46FB-9AB7-A7BF10FB8B31}) (Version: 1.0.2 - Oracle)
MySQL Installer (HKLM-x32\...\{9BF56AF8-3471-4EE2-889F-73733D492297}) (Version: 1.3.3.0 - Oracle Corporation)
MySQL Notifier 1.1.4 (HKLM-x32\...\{D7C3E617-EB02-47B3-8D0E-BF3E00D873D5}) (Version: 1.1.4 - Oracle)
MySQL Server 5.6 (HKLM\...\{23EEC459-9E65-4DCE-83B8-A1FDB44B9337}) (Version: 5.6.14 - Oracle Corporation)
MySQL Utilities (HKLM-x32\...\{6A494EFD-CFC6-4534-9E14-26D3F7D888DE}) (Version: 1.3.4 - Oracle)
MySQL Workbench 6.0 CE (HKLM-x32\...\{0B724473-51F5-49E8-958C-4BB3C0AAAF35}) (Version: 6.0.7 - Oracle Corporation)
Nexus Ultimate 12.2 (HKLM-x32\...\Winstep Xtreme_is1) (Version: - )
Node.js (HKLM\...\{40435563-20B0-4DA3-8E52-E5BF28ABE5C3}) (Version: 0.12.2 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.1 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.3 (HKLM-x32\...\{4580A2AE-6B80-4C4A-95E1-DCFEEAF46048}) (Version: 3.3.9567 - OpenOffice.org)
Oracle VM VirtualBox 4.2.4 (HKLM\...\{867DE0DC-A93F-41EA-9654-A212514FA946}) (Version: 4.2.4 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.1.2.32695 - Grinding Gear Games)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
Pro Evolution Soccer 2013 (HKLM-x32\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2014 (HKLM-x32\...\{5EFD3544-2371-4900-8ACA-F157BA80FB0C}) (Version: 1.00.0000 - KONAMI)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
qBittorrent 3.2.0 (HKLM-x32\...\qBittorrent) (Version: 3.2.0 - The qBittorrent project)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.0.2-1.0.1512.31 - raidcall.com)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0 beta r1990 - )
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
RC語音 (HKLM-x32\...\RC語音) (Version: 8.1.0-1.0.12800.571 - raidcall.com.tw)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Rise of Nations: Extended Edition (HKLM-x32\...\Rise of Nations: Extended Edition_is1) (Version: - Microsoft Studios)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
SDFormatter (HKLM-x32\...\{A5355F15-F98B-4704-9BAE-E53B9FE48F48}) (Version: 3.1.0 - SD Association)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
ShadowFlare (HKLM-x32\...\ShadowFlare) (Version: - )
Shockwave (HKLM-x32\...\Shockwave) (Version: - )
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
SRS Premium Sound Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.1900 - SRS Labs, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Strife (HKLM-x32\...\Strife) (Version: - S2 Games)
Switcher 2.0.0 (HKLM-x32\...\{F7DB6677-661D-4835-AAD8-1B7F4C98D7CE}) (Version: 2.0.0 - Bao Nguyen)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Bureau: XCOM Declassified - Hanger 6 R&D DLC (HKLM-x32\...\VGhlQnVyZWF1WENPTURlY2xhc3NpZmllZEhhbmdlcjZSRA==_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.625.10 - Electronic Arts Inc.)
Tom Clancy's Ghost Recon Future Soldier (HKLM-x32\...\{6D87CAD9-9B94-4421-A439-B25F8DE14575}) (Version: 1.00 - Ubisoft)
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.03 - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.01 - Ubisoft)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 IA64 Runtime - v9.0.30729.01 (HKLM-x32\...\{22E23C71-C27A-3F30-8849-BB6129E50679}.vc_i64runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 2008 x64 Runtime - v9.0.30729.01 (HKLM-x32\...\{0DF3AE91-E533-3960-8516-B23737F8B7A2}.vc_x64runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual Studio .NET Prerequisites - English (HKLM\...\{D3E39E77-0EB4-36FB-B97A-8C8AB21B9A45}) (Version: 9.0.21022 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime 语言包 - 简体中文 (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime Language Pack - CHS) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime 语言包 - 简体中文 Service Pack 1 (KB949258) (HKLM-x32\...\{1CE4F85A-4B2A-3113-BC17-32D98656A4ED}.KB949258LP) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0-pre3 - VideoLAN)
Warframe (HKLM-x32\...\{23B8178A-5389-4E11-AA42-5136D91EE6FA}) (Version: 1.0.0 - Digital Extremes)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services SDK for Windows Phone (HKLM-x32\...\{6F33C2E2-5E02-4344-90BC-ED55C48341D2}) (Version: 4.7.6.0 - Microsoft Corporation)
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: - )
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT)
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Pocket PC (HKLM-x32\...\{6C9F6D23-E9AD-43C9-B43A-011562AAF876}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Pocket PC (HKLM-x32\...\{FA96D76E-30C9-4DDD-947B-00B870AA6281}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Smartphone (HKLM-x32\...\{208CEAED-29A9-4C67-B45C-4C8CCD8A44D7}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Smartphone (HKLM-x32\...\{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Phone Emulator x64 - ENU (HKLM\...\{C9AEABC2-1DD6-3280-9A1A-11E1E8D34AAD}) (Version: 10.0.40219 - Microsoft Corporation)
Windows Phone SDK 7.1 - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Express for Windows Phone 7.1 - ENU) (Version: 10.1.40219 - Microsoft Corporation)
Windows Phone SDK 7.1 Add-in for Visual Studio 2010 - ENU (HKLM-x32\...\{A721BC43-E63E-3531-B1BF-6A405F9530BD}) (Version: 10.0.40219 - Microsoft Corporation)
Windows Phone SDK 7.1 Assemblies (HKLM-x32\...\{9E2F2BAC-A9FD-35BC-B8E0-253FEBED0F9B}) (Version: 10.0.40219 - Microsoft Corporation)
Windows Phone SDK 7.1 Extensions for XNA Game Studio 4.0 (HKLM-x32\...\{A4CC18F6-DB05-4B03-B724-4128322FA85F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Windows 驅動程式封裝 - Tactrix CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\3802337B44E5BF5CB0CA4873DF997CCA6F04BDF6) (Version: 10/22/2009 2.06.00 - Tactrix)
Windows 驅動程式封裝 - Tactrix CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\4E44A38168EEDD1DFC7B6D363DC423FBCA864874) (Version: 10/22/2009 2.06.00 - Tactrix)
Windows 驅動程式封裝 - Tactrix Inc. (openport) VehiclePassThru (11/17/2012 1.0.0.3652) (HKLM\...\F1038080FA5CE34BF42E572B1E656DA2CFC79F8E) (Version: 11/17/2012 1.0.0.3652 - Tactrix Inc.)
WinRAR 5.01 (64 位元) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WPF Toolkit February 2010 (Version 3.5.50211.1) (HKLM-x32\...\{5EE6E987-1B79-4A93-832B-27472C7D1579}) (Version: 3.5.50211.1 - Microsoft Corporation)
XBCD Uninstaller (HKLM\...\{04054166-0801-48A9-89E0-BC4B53FE7A81}_is1) (Version: 0.2.7 - XBCD Project)
X-Men Origins - Wolverine™ (HKLM-x32\...\InstallShield_{7F0B94C6-828C-4EDE-A86B-ECF4D792B68D}) (Version: 1.00.0000 - Activision)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )
千千静听 5.6正式版 (HKLM-x32\...\TTPlayer) (Version: 5.6正式版 - Alen Soft)
搜苹果 (HKLM-x32\...\搜苹果 ) (Version: - 搜苹果)
新天堂II 貳章塔武提 (HKLM-x32\...\{D8E96886-34D6-4EB7-8A72-639C76EE0B4A}) (Version: 2.00.0000 - NC TAIWAN CO., LTD.)
雷柏8300驅動程式 V1.0 (HKLM-x32\...\{1A675FBE-1D26-4870-A430-D556E97F7648}_is1) (Version: - Rapoo Inc.)
影像中心 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
適用於 Visual Studio 2012 的 Entity Framework Designer - CHT (HKLM-x32\...\{1B993AA1-8DE6-4D4A-8C34-83A614AD5D8C}) (Version: 11.1.20810.00 - Microsoft Corporation)
爐石戰記 (HKLM-x32\...\爐石戰記) (Version: - Blizzard Entertainment)
魔獸世界 (HKLM-x32\...\魔獸世界) (Version: - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dean\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{8a77c66e-19cb-4cdb-8031-095df103f1a2}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dean\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dean\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dean\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dean\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

15-07-2015 02:04:09 Windows Update
18-07-2015 05:14:36 Windows Update
22-07-2015 03:22:43 Windows Update
25-07-2015 04:56:49 Windows Update
29-07-2015 05:00:09 Windows Update
05-08-2015 02:55:36 Windows Update
08-08-2015 03:32:38 Windows Update
13-08-2015 02:57:44 Windows Update
18-08-2015 02:09:00 Windows Update
21-08-2015 20:41:03 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
22-08-2015 05:03:13 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:34 - 2015-01-10 17:02 - 00000025 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {067FD77D-B4CA-429F-9408-FFC539276884} - System32\Tasks\{4B716A57-18D4-4CF1-A514-8ECD95F34EE5} => pcalua.exe -a E:\TDDOWNLOAD\LeagueofLegends_NA_Installer_05_07_13.exe -d C:\Windows\SysWOW64 -c /groupsextract:100;102; /out:"C:\Users\Dean\AppData\Roaming\Riot Games\League of Legends\prerequisites" /callbackid:10756
Task: {08CAD9A6-25B4-4BF0-8F35-E4E23DD22892} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0FE06BFF-EF69-43BF-AE5C-9C39382F93D1} - System32\Tasks\{C624CF2E-B367-49B8-B8CD-8B179C97E140} => pcalua.exe -a "E:\TDDOWNLOAD\Dragon Age\Dragon Age Redesigned Version 7.3d\Dragon Age DLC- Leliana's Song\Leliana's Song Redesigned.exe" -d "E:\TDDOWNLOAD\Dragon Age\Dragon Age Redesigned Version 7.3d\Dragon Age DLC- Leliana's Song"
Task: {1110A782-AE61-4347-8625-EA32794B7A1B} - System32\Tasks\HPCustParticipation HP Deskjet 3070 B611 series => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2011-06-08] (Hewlett-Packard Co.)
Task: {23CBFB0E-4EEF-4C2F-A50F-D9DC3F05EA71} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {24EA04FA-C1BF-4B19-B3DD-6186367BBC31} - System32\Tasks\WindowedBorderlessGaming-Dean => E:\TDDOWN~1\WINDOW~1.EXE
Task: {2CCA1430-6C2C-4A52-AC5B-DC096741B964} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {2FB15357-CBCC-4406-A846-CD8163C645BE} - System32\Tasks\SRS Premium Sound => C:\Program Files\SRS Labs\SRS Control Panel\srspanel_64.exe [2011-04-06] (SRS Labs, Inc.)
Task: {3FA7B08F-8B8A-4D32-877F-27C3F9FBF940} - System32\Tasks\{8ED44B3A-D2BA-45C6-BD0E-013CEC93F948} => pcalua.exe -a "E:\Games @ E\Rainbow Six Vegas 2\rainbow_six_vegas_2_1.01.exe" -d "E:\Games @ E\Rainbow Six Vegas 2"
Task: {3FF4CF03-0220-4075-A6C2-FA85905FC6FD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {5A2128D7-F9AB-48F5-A1D3-4B786579D444} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {5AC80468-0B2D-4F1D-967E-F9CF55A93F0D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2371761838-3269241468-585396966-1000UA => C:\Users\Dean\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {5C0B8339-B1EE-4860-9533-B2788FAD77D6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2371761838-3269241468-585396966-1000Core => C:\Users\Dean\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {6D7060E9-491B-4407-9BDF-5DD3CE054008} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2371761838-3269241468-585396966-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {7B23E25A-86AE-4F8F-9324-5BC6C0AF0D9A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {876B6DB7-5C84-47D1-821B-5304E2B52B6C} - System32\Tasks\{3A4ADE9B-BDA2-4BFF-8121-68DDB52A8317} => pcalua.exe -a "C:\Program Files (x86)\Claro LTD\claro\1.8.8.5\GUninstaller.exe" -c -uprtc -key "claro"
Task: {9ED83239-22B2-4342-9077-17A5E71BE4DF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {A007C121-B6F3-45FE-9D05-2E79DD7586BF} - System32\Tasks\{EFD032E1-809E-4055-8A87-23BC6E272ACF} => msiexec.exe /package "C:\Users\Dean\Downloads\Warframe.msi"
Task: {A00EE2DB-FAEB-4595-952B-C23009C592BA} - System32\Tasks\{94376D5D-75B3-4B5F-BEB6-251E670D87CF} => pcalua.exe -a F:\Setup.now.exe -d F:\
Task: {B0100BF5-B1C2-4DB4-B4DB-2B784CEF7578} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {B128F8FA-E2A7-4C18-AA0A-F0F5FE96F53C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {BB15BE8D-6F7F-44E6-999B-909D583110E1} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Dean-PC-Dean Dean-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {DBAC374B-17CF-4F10-A3EA-01A9AC4A6DE0} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-08-02] ()
Task: {DE6BF877-F2AA-4DB3-BA4D-2149772C41F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {E823C6A4-57E6-4D53-898D-89DCADD3F0FB} - System32\Tasks\{5BEAC895-1F00-421E-A0A5-13FDAD208024} => pcalua.exe -a "E:\Games @ E\Battlefield 3\pbsetup.exe" -d "E:\Games @ E\Battlefield 3"
Task: {EFF46EC3-29C5-4C96-9E6C-1A9056863D83} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2371761838-3269241468-585396966-1000Core => C:\Users\Dean\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {FC968B80-DF39-4B34-ABCB-0207855E8575} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2371761838-3269241468-585396966-1000UA => C:\Users\Dean\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {FDFCBEDB-62DF-4A8E-BDBD-6FE89CE12393} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2371761838-3269241468-585396966-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2371761838-3269241468-585396966-1000Core.job => C:\Users\Dean\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2371761838-3269241468-585396966-1000UA.job => C:\Users\Dean\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2371761838-3269241468-585396966-1000Core.job => C:\Users\Dean\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2371761838-3269241468-585396966-1000UA.job => C:\Users\Dean\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe

==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2371761838-3269241468-585396966-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dean\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AlipaySecSvc => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: FunshionSvr => 2
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: PingzapperSvc => 2
MSCONFIG\Services: RzKLService => 2
MSCONFIG\Services: SplashtopRemoteService => 2
MSCONFIG\Services: SSUService => 2
MSCONFIG\startupfolder: C:^Users^Dean^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^Dean^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Dean^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk => C:\Windows\pss\GamersFirst LIVE!.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Dean^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TaskbarController.lnk => C:\Windows\pss\TaskbarController.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\Dean\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FileZilla Server Interface => "C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe"
MSCONFIG\startupreg: Funshion => "C:\Program Files (x86)\Funshion Online\3.0.1.30\Funshion.exe" startbywindows tray
MSCONFIG\startupreg: GameCompanion => "C:\Users\Dean\Desktop\GameCompanion\GameCompanion.exe"
MSCONFIG\startupreg: General Downloader => C:\Program Files (x86)\General Downloader\GD.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Dean\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Grid Service => "C:\Program Files (x86)\GridService\peer.exe" -n Grid
MSCONFIG\startupreg: HP Deskjet 3070 B611 series (NET) => "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN25T6103T05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: kwmusic => "C:\Program Files (x86)\KWMUSIC\Kwmusic.exe" /autorun
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: MySQL Notifier => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySqlNotifier.exe
MSCONFIG\startupreg: PPS Accelerator => C:\PPS.tv\PPStream\PPSKernel.exe
MSCONFIG\startupreg: RaidCall => C:\Program Files (x86)\RC語音\raidcall.exe
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: RazerGameBooster => C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe -autorun
MSCONFIG\startupreg: RocketDock => "C:\Program Files (x86)\RocketDock\RocketDock.exe"
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SRS Audio Sandbox => "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Thunder => C:\Program Files (x86)\Thunder Network\Thunder\Program\Thunder.exe -silent -StartType:AutoRun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7B9CE798-27ED-4C66-8E56-6FCA39E11682}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\Xmp.exe
FirewallRules: [{BD4FD63D-B6A8-4163-9A00-633BFE256A7F}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\Xmp.exe
FirewallRules: [{CC0E75D2-BDA6-4900-95CB-3B79864832F3}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLBugReport.exe
FirewallRules: [{B3AA60D5-37CF-4D14-81BC-CE05A7567802}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLBugReport.exe
FirewallRules: [{CBC3D189-D7D5-407C-9613-5FB383D13FA3}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\Xmp.exe
FirewallRules: [{7CF08141-41F4-46CB-AB63-F87457784B10}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\ThunderServiceLite.exe
FirewallRules: [{1DF76925-855B-46D9-8B46-5E5D9F109698}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\Xmp.exe
FirewallRules: [{43021BE1-4885-4845-B9A6-553A3ACA0972}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\ThunderServiceLite.exe
FirewallRules: [{425F6BCB-C1D7-486E-9E1E-99740EF92E98}] => (Allow) svchost.exe
FirewallRules: [TCP Query User{1F574075-F7A9-4827-9432-335AE21508BD}C:\program files (x86)\ttplayer\ttplayer.exe] => (Allow) C:\program files (x86)\ttplayer\ttplayer.exe
FirewallRules: [UDP Query User{ECC5705D-7B8F-4252-975A-1B959219F982}C:\program files (x86)\ttplayer\ttplayer.exe] => (Allow) C:\program files (x86)\ttplayer\ttplayer.exe
FirewallRules: [{1D5D1E2F-CF7E-49D2-8C47-01015A718A48}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{EC7C853D-B8E5-460D-BD2C-5BA6F624073B}C:\program files (x86)\flashget network\flashget 3\flashget3.exe] => (Allow) C:\program files (x86)\flashget network\flashget 3\flashget3.exe
FirewallRules: [UDP Query User{23903AF4-56C1-4279-8835-3BA96C7C72FE}C:\program files (x86)\flashget network\flashget 3\flashget3.exe] => (Allow) C:\program files (x86)\flashget network\flashget 3\flashget3.exe
FirewallRules: [{D8D7C0D3-FEFA-4505-993E-199386ECA80C}] => (Allow) C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe
FirewallRules: [{FE8450EC-2957-4A85-AC65-89F08B93F69E}] => (Allow) C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe
FirewallRules: [{DF48A0F9-4537-48F3-A2E8-FF0839D5B452}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [TCP Query User{419B5EF4-B88D-46F7-9588-168C266E4774}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{9D25554A-6B47-4318-B2A6-79F8DF78D557}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [{7D1917FD-0EBA-4992-AEF7-73ECCC8AC094}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E929A956-A2D5-4C85-88E7-56ED495B2FC5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7B6FCAB2-4B05-414F-BBBD-68B33D663EDD}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{499C94C6-35CE-474E-9368-B305288554F0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{319033CF-4A32-440B-838A-52874B2C3EC4}C:\program files (x86)\java\jre6\launch4j-tmp\jdownloader.exe] => (Allow) C:\program files (x86)\java\jre6\launch4j-tmp\jdownloader.exe
FirewallRules: [UDP Query User{DDA4FACC-FAA8-4326-9324-606C35936073}C:\program files (x86)\java\jre6\launch4j-tmp\jdownloader.exe] => (Allow) C:\program files (x86)\java\jre6\launch4j-tmp\jdownloader.exe
FirewallRules: [{CE30E168-570D-4F4A-8E6E-6CC356DEBC58}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\Xmp.exe
FirewallRules: [{4D33A447-570F-4EFA-BAC8-E6D60CAE6800}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\Xmp.exe
FirewallRules: [{52A1C249-30AA-4F5C-A9D1-5A80A4AF3627}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLBugReport.exe
FirewallRules: [{F28935A6-B482-4F06-A06A-63ADC93BDB2D}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLBugReport.exe
FirewallRules: [{8FC45D0B-F996-4D8A-B4F6-2A88591F1B44}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\Xmp.exe
FirewallRules: [{210EF401-A802-4C5E-9D1A-1DFD55C6CF5E}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\ThunderServiceLite.exe
FirewallRules: [{22F2C8B9-9252-46E6-863B-AFFF30C9596A}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\Xmp.exe
FirewallRules: [{31DCE169-22D6-42D5-A871-5993478FAF19}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\ThunderServiceLite.exe
FirewallRules: [{071D6627-A105-425B-BFF6-268830E26748}] => (Allow) C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe
FirewallRules: [{E3E9289C-7A1F-4F89-939C-A4D22AB914A8}] => (Allow) C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe
FirewallRules: [TCP Query User{A5EC1C38-3F19-485C-BD83-2ED47245685F}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{36197439-2D96-4C76-8893-890D60034FCD}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{3D4350C8-2CB2-4207-9F30-3F7E4425F993}] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{243E39EA-1BAA-4B1B-A6DB-90883A0747B5}] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{A36B02B5-A008-4F5E-B9E5-8EC5C95D2904}C:\vlan\vlan.exe] => (Allow) C:\vlan\vlan.exe
FirewallRules: [UDP Query User{4799B170-1717-4E13-BEE2-14B542755B3E}C:\vlan\vlan.exe] => (Allow) C:\vlan\vlan.exe
FirewallRules: [{946F34E5-E9D3-498C-AB1F-97E0EFA4B728}] => (Block) C:\vlan\vlan.exe
FirewallRules: [{A96409E9-C21A-4AA7-ADC2-C410D0913B7B}] => (Block) C:\vlan\vlan.exe
FirewallRules: [TCP Query User{8A711665-718B-4CC9-B025-82D8B8C9A888}H:\age of empires ii\age2_x11.exe] => (Allow) H:\age of empires ii\age2_x11.exe
FirewallRules: [UDP Query User{70356F32-9EC2-43AC-9C06-545F118D0467}H:\age of empires ii\age2_x11.exe] => (Allow) H:\age of empires ii\age2_x11.exe
FirewallRules: [{F48D2FA4-1AE3-442D-B122-435369877B34}] => (Block) H:\age of empires ii\age2_x11.exe
FirewallRules: [{CF9D3347-CD46-4EC6-AB6A-7CFA78DAD4D6}] => (Block) H:\age of empires ii\age2_x11.exe
FirewallRules: [{1B911BE6-792D-4E2E-9214-9E1C1046CD7B}] => (Allow) E:\BACKUP\TOOLS\Foxy.exe
FirewallRules: [{4E62318A-B97B-4EA2-ACE9-48D6487356CA}] => (Allow) E:\BACKUP\TOOLS\Foxy.exe
FirewallRules: [{CFDF32D5-6D3C-4566-B1FC-E688447560DC}] => (Allow) LPort=11825
FirewallRules: [{35DA60DF-8694-4195-8BF5-06CB29351990}] => (Allow) LPort=11825
FirewallRules: [{63115A1F-8118-423B-AD69-F7F5FCF08F79}] => (Allow) C:\ProgramData\QvodPlayer\QvodDown.exe
FirewallRules: [{C0093511-B5CE-4742-800B-2D1255529873}] => (Allow) C:\ProgramData\QvodPlayer\QvodDown.exe
FirewallRules: [TCP Query User{92851E34-92C6-4E5B-97B9-E8430B3799DB}E:\backup\xampp\apache\bin\httpd.exe] => (Allow) E:\backup\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{A62BAB7B-BCCA-4461-A9E4-5FB104833912}E:\backup\xampp\apache\bin\httpd.exe] => (Allow) E:\backup\xampp\apache\bin\httpd.exe
FirewallRules: [{327F79EF-F80F-4C0F-AAE4-7B4D30A5A158}] => (Block) E:\backup\xampp\apache\bin\httpd.exe
FirewallRules: [{6B4CD382-9490-4D0A-A31D-FCA74CEB94BF}] => (Block) E:\backup\xampp\apache\bin\httpd.exe
FirewallRules: [{DC6734B5-1A9F-4BBC-8850-DDE502FAA426}] => (Allow) LPort=3389
FirewallRules: [{9915B2D6-AE12-4359-B011-6BC02F3DB1B0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{B4B854B2-CED6-4E0D-ABD4-DB3AE2EBFA7D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{482A51A4-A323-468D-B509-4D08CDCC27E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{694EA9C9-F786-438E-A416-4019BE178B2B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{79EEF1FD-3F9C-4B18-8E2F-2EFAEBF656A7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C16D8B7A-FC6F-41D8-AFD5-FB9E10504BFC}] => (Allow) C:\Users\Dean\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1A23FDBD-D52B-41AA-9B00-343CF38BE660}] => (Allow) C:\Users\Dean\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{319A32E6-EFB6-4BA4-88B5-AA650DE27ADF}] => (Allow) C:\Users\Dean\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{EF03D875-3A57-48F0-9FE0-7D47623F52B2}] => (Allow) C:\Users\Dean\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2AE113A0-8555-4B3D-B1EE-D0ED3517AC38}] => (Allow) LPort=34641
FirewallRules: [TCP Query User{0E49C6A6-2CA3-40CF-80A8-EB63A53DAF99}C:\programdata\baidu\baiduplayer\bdupdate.exe] => (Allow) C:\programdata\baidu\baiduplayer\bdupdate.exe
FirewallRules: [UDP Query User{0602686E-5EEF-486C-A0AA-D49A35FB1C51}C:\programdata\baidu\baiduplayer\bdupdate.exe] => (Allow) C:\programdata\baidu\baiduplayer\bdupdate.exe
FirewallRules: [{5850824F-1443-4194-9675-2454F00F5D1E}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XMP.exe
FirewallRules: [{20E68D24-B9DA-4344-9F5C-C9477BEC1519}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XMP.exe
FirewallRules: [{46D203E3-E295-4E01-AB9D-BE954FEEFC84}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLBugReport.exe
FirewallRules: [{21C77B61-F48B-4894-93D3-6B27344BC388}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLBugReport.exe
FirewallRules: [{778352B5-72AE-49CF-8BD0-CF0AEBE1C24F}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\thunderservicelite.exe
FirewallRules: [{D5047271-A788-4AB3-AF3F-B1A183E04B9F}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\thunderservicelite.exe
FirewallRules: [{08461E9A-6CD1-4BB2-928D-0A642A131E65}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\KanKanLive.exe
FirewallRules: [{48A0D004-F9BF-4758-87C5-CA8B62985E8C}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\KanKanLive.exe
FirewallRules: [{60AC5E78-003B-44BE-A420-404DCD9BDD1F}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\XLBugReport.exe
FirewallRules: [{4F85F9F5-6F0E-4D62-ACCE-5E3AD9280648}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\XLBugReport.exe
FirewallRules: [{FDFAC496-B8D0-44B5-9EE4-69F19AF5677B}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\Xmp.exe
FirewallRules: [{AF66FD8E-3167-4CA5-952F-10F56B5FF718}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\Xmp.exe
FirewallRules: [{06AE8B5A-A828-4566-B712-928C68F029D3}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\KanKanLive.exe
FirewallRules: [{966820EE-46A7-49B4-B068-B2A45708B1A1}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\KanKanLive.exe
FirewallRules: [TCP Query User{FF140523-71D1-408A-BFFF-0CDAD2EED460}F:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) F:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [UDP Query User{9A7BF5C2-3618-4449-924F-A213A29887D9}F:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) F:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [TCP Query User{6E40F3BB-ED9F-4C6E-B4FC-231DDA2F9F76}C:\programdata\baidu\baiduplayer\bdupdate.exe] => (Allow) C:\programdata\baidu\baiduplayer\bdupdate.exe
FirewallRules: [UDP Query User{6F7936E5-9B86-497E-A054-F0AEA5FAE24F}C:\programdata\baidu\baiduplayer\bdupdate.exe] => (Allow) C:\programdata\baidu\baiduplayer\bdupdate.exe
FirewallRules: [TCP Query User{7310B818-0C65-447F-98C0-5FB9274BB736}C:\program files (x86)\thunder network\thunder\program\thunder.exe] => (Allow) C:\program files (x86)\thunder network\thunder\program\thunder.exe
FirewallRules: [UDP Query User{9C0FA683-F6B7-4C3A-A788-BA78AA00308C}C:\program files (x86)\thunder network\thunder\program\thunder.exe] => (Allow) C:\program files (x86)\thunder network\thunder\program\thunder.exe
FirewallRules: [{3B7DC286-D189-4B3E-89F3-76B03B8EBF36}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{F778221E-A38D-4A7B-9D29-D162EC5912C5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{AC20FA2A-93F0-46BA-ABF6-EEC62D23BCC2}C:\program files (x86)\qvodplayer\qvodplayer.exe] => (Allow) C:\program files (x86)\qvodplayer\qvodplayer.exe
FirewallRules: [UDP Query User{1AC007FE-CF83-4239-9EB3-F05443962E50}C:\program files (x86)\qvodplayer\qvodplayer.exe] => (Allow) C:\program files (x86)\qvodplayer\qvodplayer.exe
FirewallRules: [TCP Query User{99622DE9-9D61-4073-ACC4-EA4CD6C1904C}C:\games\dcoo cs1.6\cstrike.exe] => (Block) C:\games\dcoo cs1.6\cstrike.exe
FirewallRules: [UDP Query User{87DD099A-2C09-41C7-BEA4-2348064498DF}C:\games\dcoo cs1.6\cstrike.exe] => (Block) C:\games\dcoo cs1.6\cstrike.exe
FirewallRules: [{564F5C4A-0917-4757-8372-CF00E0D3178B}] => (Allow) C:\Program Files (x86)\PPLive\PPLite\PPLite.exe
FirewallRules: [{9605F728-2751-460A-965E-E936CA7CAE60}] => (Allow) C:\Program Files (x86)\PPLive\PPLite\PPLite.exe
FirewallRules: [{A1173E41-D694-47FF-925F-616ECA19173A}] => (Allow) C:\ProgramData\Baidu\BaiduPlayer\bdupdate.exe
FirewallRules: [{FA04B9CF-3F0E-4733-802C-9A33ECCB650D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
FirewallRules: [{37736D9C-3E5B-4221-A74E-6D9338F54468}] => (Allow) C:\Program Files\7-Zip\7zFM.exe
FirewallRules: [{CE7FC7BB-CD94-4C70-ABFE-AD490F4E1D7E}] => (Allow) C:\Program Files\7-Zip\7zFM.exe
FirewallRules: [{F85768B2-E302-4E24-8519-9232DDF63EC8}] => (Allow) C:\Program Files\7-Zip\7zFM.exe
FirewallRules: [{9894B146-9D2E-4724-8B18-5C80D9BBC5B2}] => (Allow) C:\Program Files\7-Zip\7zFM.exe
FirewallRules: [{4A958587-A9A4-430E-B146-59D339B2D4B3}] => (Allow) LPort=3306
FirewallRules: [TCP Query User{42D6E76F-B06A-4CB4-A5F5-555D74B7E9C6}C:\program files (x86)\steam\steamapps\mrdevil103\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mrdevil103\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{355125C9-1541-489E-80B3-627A0353D70B}C:\program files (x86)\steam\steamapps\mrdevil103\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\mrdevil103\team fortress 2\hl2.exe
FirewallRules: [{B7F5736C-9F71-4C68-8DEB-81B315054848}] => (Allow) LPort=57779
FirewallRules: [{64B0504A-E115-4C8D-91D7-F2838342DEC9}] => (Allow) LPort=57779
FirewallRules: [{7271056C-A1CA-4DB2-A842-C7286A8EDED7}] => (Allow) LPort=57779
FirewallRules: [{C0C1D233-1561-40C4-91D6-E7AA3AF097FD}] => (Allow) LPort=57779
FirewallRules: [{DDE51347-A557-4380-AA01-A237451D3F10}] => (Allow) C:\Users\Dean\AppData\Roaming\PPStream\ppsupdate.exe
FirewallRules: [{77A1B682-DEC6-4133-92FB-3D2D7D2D940A}] => (Allow) C:\Users\Dean\AppData\Roaming\PPStream\ppsupdate.exe
FirewallRules: [{6D37823A-4A8F-4E2D-8250-14169C901249}] => (Allow) C:\PPS.tv\PPStream\PPStream.exe
FirewallRules: [{F2F1E0DF-980A-40D8-A8E6-F1E0A8654259}] => (Allow) C:\PPS.tv\PPStream\PPStream.exe
FirewallRules: [TCP Query User{71B7CF9E-BD91-426E-94DA-89852CFE953A}C:\sandbox\dean\defaultbox\drive\d\games @ d\planetside 2\planetside2.exe] => (Block) C:\sandbox\dean\defaultbox\drive\d\games @ d\planetside 2\planetside2.exe
FirewallRules: [UDP Query User{FF5D3C5C-09D9-4136-BC09-39D12EBA609D}C:\sandbox\dean\defaultbox\drive\d\games @ d\planetside 2\planetside2.exe] => (Block) C:\sandbox\dean\defaultbox\drive\d\games @ d\planetside 2\planetside2.exe
FirewallRules: [{7848C973-A3C5-4A9A-8512-F8E58B0A6AE2}] => (Allow) C:\Users\Dean\AppData\Roaming\PPlive\PPLive\3.3.0.0061\PPLiveU.exe
FirewallRules: [{B2C722F1-DFAD-497E-AAE2-B2E4A37D54CB}] => (Allow) C:\Users\Dean\AppData\Roaming\PPlive\PPLive\3.3.0.0061\PPLiveU.exe
FirewallRules: [{72969CC9-CFF5-43F7-BD9A-04BDDA31CB87}] => (Allow) C:\Users\Dean\AppData\Roaming\PPlive\PPLive\3.3.0.0061\PPLiveU.exe
FirewallRules: [{11C292B3-AED1-44C3-B7B9-9315D9A21ED9}] => (Allow) C:\Users\Dean\AppData\Roaming\PPlive\PPLive\3.3.0.0061\PPLiveU.exe
FirewallRules: [{959BA0BF-8C8D-4740-91BD-FCB933949279}] => (Allow) C:\Users\Dean\AppData\Roaming\PPlive\PPLive\3.3.0.0061\RepairSetup.exe
FirewallRules: [{BF6C41A1-AB3B-45A8-BFF1-FE6DE02EE13E}] => (Allow) C:\Users\Dean\AppData\Roaming\PPlive\PPLive\3.3.0.0061\RepairSetup.exe
FirewallRules: [{BACFB334-64B1-47BC-ADB0-FDF51E99C4D0}] => (Allow) C:\Users\Dean\AppData\Roaming\PPlive\PPLive\3.3.0.0061\RepairSetup.exe
FirewallRules: [{3AE3F840-3D36-4B91-BF9D-87CB484143C3}] => (Allow) C:\Users\Dean\AppData\Roaming\PPlive\PPLive\3.3.0.0061\RepairSetup.exe
FirewallRules: [{59DB7FD0-E07A-419F-9666-800705D879F9}] => (Allow) C:\Users\Dean\AppData\Roaming\PPlive\PPLive\3.3.0.0061\crashreporter.exe
FirewallRules: [{545D5D0B-1EEB-4637-AF5F-857670939C5E}] => (Allow) C:\Users\Dean\AppData\Roaming\PPlive\PPLive\3.3.0.0061\crashreporter.exe
FirewallRules: [{CC641D8B-BFF9-4634-AECC-88A5852C65F7}] => (Allow) C:\Users\Dean\AppData\Roaming\PPlive\PPLive\3.3.0.0061\crashreporter.exe
FirewallRules: [{43A36E15-0D48-46DE-8904-3A34180B4F92}] => (Allow) C:\Users\Dean\AppData\Roaming\PPlive\PPLive\3.3.0.0061\crashreporter.exe
FirewallRules: [{9754C246-7A7E-41E2-9C14-740202475507}] => (Allow) C:\Windows\System32\PPTVLauncher.exe
FirewallRules: [{B472A375-33B3-44E5-82F6-AC70BE2D756F}] => (Allow) C:\Windows\System32\PPTVLauncher.exe
FirewallRules: [{5194A802-AA99-41B4-A8C4-720F6E9EAB83}] => (Allow) C:\Windows\System32\PPTVLauncher.exe
FirewallRules: [{8E60A947-D9F7-484B-9F77-F7789E7AB366}] => (Allow) C:\Windows\System32\PPTVLauncher.exe
FirewallRules: [{20A5376A-E853-47DB-8473-568FCE0188F8}] => (Allow) C:\Program Files (x86)\Common Files\PPLiveNetwork\PPAP.exe
FirewallRules: [{0F3FA20C-6EF2-4914-B328-E69B7568EAE0}] => (Allow) C:\Program Files (x86)\Common Files\PPLiveNetwork\PPAP.exe
FirewallRules: [TCP Query User{2E458937-5AB7-4F12-BCC0-6771D80851E6}C:\program files (x86)\common files\pplivenetwork\ppap.exe] => (Allow) C:\program files (x86)\common files\pplivenetwork\ppap.exe
FirewallRules: [UDP Query User{97A29C98-9784-4D6C-98AA-E5C1DA91F03D}C:\program files (x86)\common files\pplivenetwork\ppap.exe] => (Allow) C:\program files (x86)\common files\pplivenetwork\ppap.exe
FirewallRules: [{D4707860-6CEE-4DA7-B84B-61CFF5D60AE5}] => (Allow) C:\Program Files (x86)\Internet Explorer\PPLite\plugin\1.0.1.2908\PluginInstaller.exe
FirewallRules: [{CEB43BDE-2008-4A81-B3E2-AE78E82358B6}] => (Allow) C:\Program Files (x86)\Internet Explorer\PPLite\plugin\1.0.1.2908\PluginInstaller.exe
FirewallRules: [{325BD067-979D-4F6B-B4AC-12FFD985A54B}] => (Allow) C:\Program Files (x86)\Internet Explorer\PPLite\plugin\1.0.1.2908\PluginInstaller.exe
FirewallRules: [{CE54E881-77AB-426D-9373-EF27BDB0B7B1}] => (Allow) C:\Program Files (x86)\Internet Explorer\PPLite\plugin\1.0.1.2908\PluginInstaller.exe
FirewallRules: [{FC709DD8-9839-4E5D-AB1F-F9D5C260C01B}] => (Allow) C:\ProgramData\Baidu\BaiduPlayer\bdupdate.exe
FirewallRules: [{E89F5CE3-CE74-4161-AA90-E47AF6F0F152}] => (Allow) C:\Program Files (x86)\Foxy\Foxy.exe
FirewallRules: [{412E8195-07B9-4C9E-901E-B54AC29B9073}] => (Allow) C:\Program Files (x86)\Foxy\Foxy.exe
FirewallRules: [{B4F92E57-A53B-4B43-B85F-751316315370}] => (Allow) C:\Users\Public\Thunder Network\KanKan\Pusher\XmpTipWnd.1.0.0.70.exe
FirewallRules: [{48D4C19D-1828-4A99-96B1-FF9505A1D600}] => (Allow) C:\Users\Public\Thunder Network\KanKan\Pusher\XmpTipWnd.1.0.0.70.exe
FirewallRules: [{8366DEDD-E06C-44AF-9C66-B00F851A9690}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XMP.exe
FirewallRules: [{08BB7C1E-8757-4A2D-BEEA-25281A26237F}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XMP.exe
FirewallRules: [{6C650F1B-40AF-4977-8C86-4FE52EA9C047}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLLiveUD.exe
FirewallRules: [{F34E88FB-FA41-445C-A09B-20CD8EC83EB9}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLLiveUD.exe
FirewallRules: [{5809A043-5268-4791-9C7C-0B935030D44B}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLBugReport.exe
FirewallRules: [{5D974A36-A369-43C5-AC0A-C270A4E1B2B7}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLBugReport.exe
FirewallRules: [{2C6816F8-8F98-42F9-A7BF-089F5B525D39}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\TP\ThunderPlatform.exe
FirewallRules: [{F7C5A426-498C-475A-B4E9-36DFE4935A28}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\TP\ThunderPlatform.exe
FirewallRules: [{AECD027D-2D08-4989-953B-826301CA321E}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\ThunderServiceLite.exe
FirewallRules: [{6DDD7091-91B1-47B5-B92A-F7C81060923A}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\ThunderServiceLite.exe
FirewallRules: [{F97CB613-DACF-4D12-A5CA-CAAB02DC8644}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\KanKanLive.exe
FirewallRules: [{B0A212B1-655E-46D0-B7D5-6413A99CFAB1}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\KanKanLive.exe
FirewallRules: [{5CDEC045-0F1A-4747-8928-8E87CFE59A09}] => (Allow) C:\Users\Public\Thunder Network\XMP4\Core\Program\XLLiveUD.exe
FirewallRules: [{8A8948F5-0FA2-4023-9702-F68B09A400D2}] => (Allow) C:\Users\Public\Thunder Network\XMP4\Core\Program\XLLiveUD.exe
FirewallRules: [TCP Query User{400AF83D-A80C-45BE-9947-6A25F64637F1}C:\program files (x86)\ttplayer\ttplayer.exe] => (Allow) C:\program files (x86)\ttplayer\ttplayer.exe
FirewallRules: [UDP Query User{63932735-C1E4-4ABD-B6CE-E6C1EE24AEFE}C:\program files (x86)\ttplayer\ttplayer.exe] => (Allow) C:\program files (x86)\ttplayer\ttplayer.exe
FirewallRules: [{08DCA5EE-AD4B-4656-AB3B-52D0BD18A9B8}] => (Allow) C:\Program Files (x86)\Baidu\BaiduPlayer\1.19.0.137\BaiduP2PService.exe
FirewallRules: [{7A04F1AB-79FB-4861-9248-BB0B13D4450C}] => (Allow) C:\Program Files (x86)\Baidu\BaiduPlayer\1.19.0.137\StatReport.exe
FirewallRules: [{A1D65E41-BF74-46B6-9885-C2DD70A5A7D3}] => (Allow) C:\Program Files (x86)\Baidu\BaiduPlayer\1.19.0.137\BaiduPlayer.exe
FirewallRules: [{5034934F-EE38-4F68-B151-2754FB1CECB2}] => (Allow) C:\ProgramData\Baidu\BaiduPlayer\bdupdate.exe
FirewallRules: [{93D6D6F7-4E56-4A55-AB32-3C81634B53B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guild Wars\Gw.exe
FirewallRules: [{24822F1C-BE76-4A9F-9813-7CFF532BD1F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guild Wars\Gw.exe
FirewallRules: [TCP Query User{BACF673F-078E-4B2A-B20D-355A0F8B5368}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{5CD9FC3A-FA77-42B6-9B44-364C38BBEBF0}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{CD3EE9F4-E5B2-43FF-9B15-B373399B5A66}C:\users\dean\documents\desktop\eclipse\eclipse.exe] => (Allow) C:\users\dean\documents\desktop\eclipse\eclipse.exe
FirewallRules: [UDP Query User{204A92C0-9552-4DE1-84E1-AEFBC3D428EC}C:\users\dean\documents\desktop\eclipse\eclipse.exe] => (Allow) C:\users\dean\documents\desktop\eclipse\eclipse.exe
FirewallRules: [{124A2828-30C9-4CFC-8E49-D6653E0DD0DB}] => (Allow) C:\Program Files (x86)\RC語音\rcplugin.exe
FirewallRules: [{D0027900-25F0-4EAB-96F4-25D4EF859DAD}] => (Allow) C:\Program Files (x86)\RC語音\rcplugin.exe
FirewallRules: [{6959F3B0-4312-4991-AA24-3E3C2D7A596B}] => (Allow) C:\Program Files (x86)\RC語音\rcplugin.exe
FirewallRules: [{B7CFA21F-BA34-4F50-A58E-2F5845073713}] => (Allow) C:\Program Files (x86)\RC語音\rcplugin.exe
FirewallRules: [{C129C53A-A3F9-4443-9D7F-B5869BE39216}] => (Allow) C:\Program Files (x86)\Foxy\Foxy.exe
FirewallRules: [{C8A35202-C56A-42F6-9302-80D6A975459A}] => (Allow) C:\Program Files (x86)\Foxy\Foxy.exe
FirewallRules: [{F50A032D-4FA8-4AF3-A831-39CA8604266D}] => (Allow) LPort=13106
FirewallRules: [{9E3184BE-03D3-41B1-845B-6B5DBF269FDC}] => (Allow) LPort=13106
FirewallRules: [{E20E43E4-D963-429A-B659-F0DBECDE9DF1}] => (Allow) LPort=80
FirewallRules: [{59A62E8F-FFFE-43D2-BC0E-AB6F49EB4036}] => (Allow) LPort=443
FirewallRules: [{DEDAA273-9817-4A29-92EF-3EF125CB0A15}] => (Allow) LPort=20010
FirewallRules: [{1BCD82F9-2623-412C-801B-B82EAF5B5EF3}] => (Allow) LPort=3478
FirewallRules: [{E93C03D7-3A3F-473B-8824-F1B13F672946}] => (Allow) LPort=7850
FirewallRules: [{82573083-A7CE-47DE-9524-490DAB63ADD0}] => (Allow) LPort=27022
FirewallRules: [{0FBAF243-6E19-4E84-AB15-B4F74A204343}] => (Allow) LPort=6881
FirewallRules: [{36902157-578F-4520-AC04-47F739C24F2D}] => (Allow) LPort=33333
FirewallRules: [{5BA52AAA-522E-4E4D-B0E7-C8D0EFE2DAD7}] => (Allow) LPort=20443
FirewallRules: [{8C308255-9C55-41F1-97DB-F17D59966942}] => (Allow) LPort=8090
FirewallRules: [{F4569A0E-B5AA-4A57-9F22-F041AF9E1834}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XMP.exe
FirewallRules: [{92E984B1-1FA6-45A5-AFE4-16F30A367A70}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XMP.exe
FirewallRules: [{138C33D6-5159-4440-9627-C8E4B37FBF7B}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLBugReport.exe
FirewallRules: [{F2C757D5-7719-4E45-9997-9377DF120DBD}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLBugReport.exe
FirewallRules: [{E8C8BF64-0377-4108-AF4B-8B7FAB109A5D}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLLiveUD.exe
FirewallRules: [{BE09ABD8-A582-410C-90E7-E4B46837E251}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLLiveUD.exe
FirewallRules: [TCP Query User{1146049B-B7CD-4017-9A5A-55CE770421A0}C:\ttkvod2\qvodterminal.exe] => (Allow) C:\ttkvod2\qvodterminal.exe
FirewallRules: [UDP Query User{DD3D04F0-E781-4C1A-A8FB-04BC8E794192}C:\ttkvod2\qvodterminal.exe] => (Allow) C:\ttkvod2\qvodterminal.exe
FirewallRules: [{61B4F9B4-BEC7-4A6C-B443-619AE3903510}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{87AED5E9-D3D6-4F05-8083-A82C99690830}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{76274676-19A7-4ECF-97F1-B8F05E6E14C2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{63B4494E-6975-4EF8-8F85-076F5444EFB8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{8582478C-9BB7-458B-B65D-5C8F0E595AA2}C:\users\dean\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\dean\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{2315D031-48E7-45D2-94EA-F95F6218D9A1}C:\users\dean\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\dean\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{1F70DBD5-CCC7-4A49-BDBC-B3245B8839F7}C:\games\浩方\gameclient.exe] => (Allow) C:\games\浩方\gameclient.exe
FirewallRules: [UDP Query User{3611FF38-51C8-4CFE-8077-7D86A87F15AF}C:\games\浩方\gameclient.exe] => (Allow) C:\games\浩方\gameclient.exe
FirewallRules: [TCP Query User{C6702279-1CAC-4D61-BDFB-E675346F713B}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{44AA8E22-628A-4DDC-B6E3-76F3990B7980}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{4917CDA4-C67C-4BB4-AF1A-D08F1AF1259B}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{E99D909D-7769-444E-9017-CC7DEBCF687D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{DACDB6EC-4EDD-4809-82E4-0488729EF8D6}C:\program files (x86)\qvodplayer\qvodplayer.exe] => (Allow) C:\program files (x86)\qvodplayer\qvodplayer.exe
FirewallRules: [UDP Query User{DBFB7BA1-AA51-4083-912E-4F1587D6A23F}C:\program files (x86)\qvodplayer\qvodplayer.exe] => (Allow) C:\program files (x86)\qvodplayer\qvodplayer.exe
FirewallRules: [TCP Query User{18604660-980E-48FB-930E-C6B901ABA7D2}C:\ttkvod2\qvodterminal.exe] => (Allow) C:\ttkvod2\qvodterminal.exe
FirewallRules: [UDP Query User{57DC2EDD-ED05-464C-BADD-D461873BB74D}C:\ttkvod2\qvodterminal.exe] => (Allow) C:\ttkvod2\qvodterminal.exe
FirewallRules: [{9B4D871D-4FEE-4117-A005-2A16C50514AD}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\TP\Ver1\1.1.2.221_1111\ThunderPlatform.exe
FirewallRules: [{240BE1BF-F1A7-431A-92E9-EC0955338088}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\TP\Ver1\1.1.2.221_1111\ThunderPlatform.exe
FirewallRules: [{A694CE03-D1E9-4BFF-9A20-5DEE986A7166}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\TP\Ver1\1.1.2.221_1111\XLBugReport.exe
FirewallRules: [{3394DEA0-3077-4DB7-82C8-43C3DA0C8000}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\TP\Ver1\1.1.2.221_1111\XLBugReport.exe
FirewallRules: [{2D4BCDFB-381E-4914-ACEF-02CF9CDC7991}] => (Allow) LPort=3306
FirewallRules: [{020217D0-3805-447D-9AE7-37ECA0C3AAEC}] => (Allow) LPort=3306
FirewallRules: [{A5B63762-6424-4961-85BB-9594BB04B55B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{0F19FB67-CBFF-44F1-A394-8747544C392E}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{589B9761-CF56-4400-9B1C-24412E76DE0A}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{B6772F13-6313-4B02-8F93-88B5357A00D2}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{B0477D3B-1A50-4B7F-96B6-7AA611FF2A6D}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{0D73F83E-3EF2-433F-B3A4-DC47516FE7D5}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{3191D194-7A7F-40BC-B676-88D4DCD8AB99}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{4A27E24B-5421-4E11-A104-382E45548D7B}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{D4AEEF59-670B-4778-AF88-64847C30F1DF}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{B1F3A38C-F9A4-413B-A537-52EB28287D44}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{597040B2-29A6-4EE9-BE32-B1F72DBE0961}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{0B94B8A3-1337-4226-B2DC-A05A26A7B2AD}] => (Allow) C:\Users\Dean\Downloads\jl1127_setup.exe
FirewallRules: [{922BC102-3F2C-4DA2-B3B2-BE70BC22FF5A}] => (Allow) C:\Users\Dean\Downloads\jl1127_setup.exe
FirewallRules: [{24A9E9DB-00F0-497E-A0A4-C15AFD36F303}] => (Allow) c:\users\dean\appdata\roaming\tencent\剑灵\d6f1efc4d8def7d310d545454056000d\teniodl\teniodl.exe
FirewallRules: [{25B27E8E-DA47-4712-8F8C-13D3063FF5C4}] => (Allow) c:\users\dean\appdata\roaming\tencent\剑灵\d6f1efc4d8def7d310d545454056000d\teniodl\teniodl.exe
FirewallRules: [{25D03656-4A8C-4B30-B6E2-76F0F3149643}] => (Allow) c:\users\dean\appdata\roaming\tencent\剑灵\85c9a21988d93048bb4c0ed95645486e\teniodl\teniodl.exe
FirewallRules: [{5201DF5C-E899-42D4-9393-61A456AF8AF8}] => (Allow) c:\users\dean\appdata\roaming\tencent\剑灵\85c9a21988d93048bb4c0ed95645486e\teniodl\teniodl.exe
FirewallRules: [{F1254AF7-D0A7-40F5-AF7A-BD137D6FF693}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{AED14468-9AFD-4521-875F-410FA24A41ED}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{E6EC6752-8C0A-4F69-8015-F722B57AECDB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{178C304B-2B2C-41A1-B627-7EE13D8A70AE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{860A3682-3B6A-47B7-97EA-9B3F0515CDD9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{23CD3561-4837-405F-9B4A-69ED20C203B9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F48D604E-232B-4BCB-A2B4-639FBE2112EE}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{7608B96F-076D-4D59-91AB-34D8A24388EC}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{A7BD705C-12A1-45BD-829E-96553B209A29}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{CA7DC774-39D1-40B7-A09C-6C399DB80F4B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
FirewallRules: [{4BBA5883-D466-4C23-81A9-4798C344747D}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
FirewallRules: [{9AB290C9-5E6C-4F26-B047-9FED79BC2A03}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
FirewallRules: [{87FF7DD6-DC26-4233-B43D-B8F15DB3B750}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
FirewallRules: [TCP Query User{9B95311D-8078-4612-80EF-7E6347A397AB}C:\users\dean\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe] => (Allow) C:\users\dean\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe
FirewallRules: [UDP Query User{DD9F065B-9693-4B2C-BB7E-7DA64DDCE8E6}C:\users\dean\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe] => (Allow) C:\users\dean\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe
FirewallRules: [{93995CE2-D00C-41F6-B23C-991FDD325222}] => (Allow) E:\Games @ E\Battle.net\Battle.net.exe
FirewallRules: [{008665ED-2E69-4CE1-9037-C5542457023B}] => (Allow) E:\Games @ E\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{B5FACD84-8ED5-4EC5-BC42-CA46FC8D2986}C:\users\dean\downloads\tinyumbrella-7.04.00.exe] => (Allow) C:\users\dean\downloads\tinyumbrella-7.04.00.exe
FirewallRules: [UDP Query User{31C7F9B3-52B3-4121-8CCE-EBED18F45CCF}C:\users\dean\downloads\tinyumbrella-7.04.00.exe] => (Allow) C:\users\dean\downloads\tinyumbrella-7.04.00.exe
FirewallRules: [{AAB228A6-C7D0-4559-A45D-EAC398E77D64}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{3024A7A1-71BE-4E41-88D0-CB983E3BD001}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{97880827-1767-4B30-924D-33F023297741}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{4E9D05EE-87B2-447E-BF41-042D8B47DE4D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{32AFAF9C-B1AA-4414-AA53-61CE38BEB7C7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{491F43E7-6199-4355-A31B-1F3C905C46AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [TCP Query User{2B86A49A-1885-4641-91CE-DDCACFFEC5E3}C:\program files (x86)\flashget network\flashget 3\flashget3.exe] => (Allow) C:\program files (x86)\flashget network\flashget 3\flashget3.exe
FirewallRules: [UDP Query User{6CCB3D5A-B8F3-4501-9ADD-2AF9E1591F26}C:\program files (x86)\flashget network\flashget 3\flashget3.exe] => (Allow) C:\program files (x86)\flashget network\flashget 3\flashget3.exe
FirewallRules: [{1093E6AC-AD65-4589-B54E-16A8BF717135}] => (Allow) C:\Program Files (x86)\Microsoft XNA\XNA Game Studio\v4.0\Bin\XnaLiveProxy.exe
FirewallRules: [TCP Query User{D501A373-D8DA-4724-A2DC-6E87C3443553}C:\program files (x86)\common files\thunder network\tp\ver1\1.1.2.221_1111\thunderplatform.exe] => (Block) C:\program files (x86)\common files\thunder network\tp\ver1\1.1.2.221_1111\thunderplatform.exe
FirewallRules: [UDP Query User{6DC42AC2-96EA-4D85-B8A6-ECD4A177AD24}C:\program files (x86)\common files\thunder network\tp\ver1\1.1.2.221_1111\thunderplatform.exe] => (Block) C:\program files (x86)\common files\thunder network\tp\ver1\1.1.2.221_1111\thunderplatform.exe
FirewallRules: [{71436A17-CC63-494D-87F9-FD2888EE24F5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{3C971C69-E5C6-4E7C-8FAA-43D460AC0270}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [TCP Query User{A1CD86A4-C07A-4131-89BC-F37582C0F4E8}C:\users\dean\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe] => (Allow) C:\users\dean\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe
FirewallRules: [UDP Query User{79801081-2CE3-402C-8DCE-F99EFCBC1527}C:\users\dean\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe] => (Allow) C:\users\dean\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe
FirewallRules: [{A1869A93-2880-456F-9319-CB31A7E4740F}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{EC892F63-6E10-4505-BA8A-73714AB857C1}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{B5D89B9B-CD29-473E-A812-6CE04C5C95DE}] => (Allow) LPort=27666
FirewallRules: [{C6A7E0D9-80F5-45C1-982D-949D0F461D44}] => (Allow) LPort=24300
FirewallRules: [{3A698823-2654-4E8C-94D1-F2B2B57539E6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{563D5304-853B-4777-AF0A-2716D03E241F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{73A8CAD8-C6D8-4911-B1D3-9171A5F0B614}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A7B5A3DC-8451-4FA9-9552-2BB5A0EC544C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1656CF78-BB56-4E7A-A2A3-CC20A577B736}] => (Allow) C:\Users\Dean\AppData\Local\Apps\2.0\5HP16NV1.O7K\RNP5L1WA.E0B\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe
FirewallRules: [{04544E60-EE51-4BB3-9564-05913D5DF59D}] => (Allow) C:\Users\Dean\AppData\Local\Apps\2.0\5HP16NV1.O7K\RNP5L1WA.E0B\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe
FirewallRules: [TCP Query User{46D5EA62-24A4-47FD-AF2F-B78FEAC99B3C}E:\games @ e\guild wars 2\gw2.exe] => (Allow) E:\games @ e\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{20FCE956-E6FE-4E40-A934-930D04A17778}E:\games @ e\guild wars 2\gw2.exe] => (Allow) E:\games @ e\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{BA5AC534-E5D4-4B2B-883A-55E0091FC441}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\streamserver\streamserverapp.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\streamserver\streamserverapp.exe
FirewallRules: [UDP Query User{6F87ECE8-6021-43FF-96AD-567AD8E2D412}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\streamserver\streamserverapp.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\streamserver\streamserverapp.exe
FirewallRules: [TCP Query User{87E60DC0-B90C-46DC-919C-B762A0C65735}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe
FirewallRules: [UDP Query User{C0DD0D54-167F-4ACF-8D65-4B36CED46FE3}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe
FirewallRules: [TCP Query User{AD713FB0-B0C9-4BE8-9741-20C3C52FA010}C:\program files\ivms-4200 station\ivms-4200 web\php\php-cgi.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200 web\php\php-cgi.exe
FirewallRules: [UDP Query User{8402352F-07DB-4717-A355-E597670617B2}C:\program files\ivms-4200 station\ivms-4200 web\php\php-cgi.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200 web\php\php-cgi.exe
FirewallRules: [{7F0F5DEB-004B-400C-A786-CF9C825BD16F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5EA1E8A2-03D8-4CF8-A27D-EECEED747B97}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{E80B89BC-5A83-44A5-A5DC-5AB77E2451B2}C:\users\public\thunder network\kankan\pusher\xmptipwnd.1.0.0.70.exe] => (Allow) C:\users\public\thunder network\kankan\pusher\xmptipwnd.1.0.0.70.exe
FirewallRules: [UDP Query User{1ADD6D40-430C-4BC5-A45A-C31EC059CF54}C:\users\public\thunder network\kankan\pusher\xmptipwnd.1.0.0.70.exe] => (Allow) C:\users\public\thunder network\kankan\pusher\xmptipwnd.1.0.0.70.exe
FirewallRules: [{8190422E-C4C6-480C-A5B0-9F8F15E2E6E2}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{5A629331-8B10-409A-BCBB-D8986743EE79}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [TCP Query User{E44C0244-3769-4C6D-9F30-4F6D52131473}C:\ttkvod2\filmeveryday.exe] => (Allow) C:\ttkvod2\filmeveryday.exe
FirewallRules: [UDP Query User{011B77DF-EFA3-423E-B649-EE38BD3B3685}C:\ttkvod2\filmeveryday.exe] => (Allow) C:\ttkvod2\filmeveryday.exe
FirewallRules: [TCP Query User{2080C7B5-8BC6-454B-8BF3-B4C63DEF2970}C:\windows\syswow64\rundll32.exe] => (Allow) C:\windows\syswow64\rundll32.exe
FirewallRules: [UDP Query User{1764539F-BEB7-443F-A6D3-DC8A4718848D}C:\windows\syswow64\rundll32.exe] => (Allow) C:\windows\syswow64\rundll32.exe
FirewallRules: [{BF3AACE8-61AC-451E-819E-C44377D2C6F9}] => (Allow) C:\Users\Dean\AppData\Local\Apps\2.0\5HP16NV1.O7K\RNP5L1WA.E0B\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe
FirewallRules: [{A9F01280-58F5-46F6-8300-39907540DB94}] => (Allow) C:\Users\Dean\AppData\Local\Apps\2.0\5HP16NV1.O7K\RNP5L1WA.E0B\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe
FirewallRules: [TCP Query User{150FFD05-C65B-4EFE-8DB9-787BFFDB4BEF}E:\games @ e\grand theft auto iv\gtaiv.exe] => (Allow) E:\games @ e\grand theft auto iv\gtaiv.exe
FirewallRules: [UDP Query User{262BC8A1-4265-404D-8275-EA9F1598D498}E:\games @ e\grand theft auto iv\gtaiv.exe] => (Allow) E:\games @ e\grand theft auto iv\gtaiv.exe
FirewallRules: [{DB151362-1ADB-40F2-BCE7-0B2A6AD8F783}] => (Allow) E:\Games @ E\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{ECFD7448-F4DE-4E06-B5DB-D99811D4197C}] => (Allow) E:\Games @ E\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [TCP Query User{55B0AC2A-0A0F-4E35-9EF6-D4BCA0223019}C:\users\dean\appdata\local\apps\2.0\5hp16nv1.o7k\rnp5l1wa.e0b\laun...app_59711684aa47878d_0001.0024_a21c2f22a8c1ce10\launcher.exe] => (Allow) C:\users\dean\appdata\local\apps\2.0\5hp16nv1.o7k\rnp5l1wa.e0b\laun...app_59711684aa47878d_0001.0024_a21c2f22a8c1ce10\launcher.exe
FirewallRules: [UDP Query User{4EE2975A-239D-4258-84BC-30B0715B2482}C:\users\dean\appdata\local\apps\2.0\5hp16nv1.o7k\rnp5l1wa.e0b\laun...app_59711684aa47878d_0001.0024_a21c2f22a8c1ce10\launcher.exe] => (Allow) C:\users\dean\appdata\local\apps\2.0\5hp16nv1.o7k\rnp5l1wa.e0b\laun...app_59711684aa47878d_0001.0024_a21c2f22a8c1ce10\launcher.exe
FirewallRules: [TCP Query User{F49338F5-99B4-400D-97BB-19D29E589C48}E:\games @ e\ghost recon phantoms\ncsa-live\ghostreconphantoms.exe] => (Allow) E:\games @ e\ghost recon phantoms\ncsa-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{33D1F15B-10D0-41FB-B095-B4F504F3594C}E:\games @ e\ghost recon phantoms\ncsa-live\ghostreconphantoms.exe] => (Allow) E:\games @ e\ghost recon phantoms\ncsa-live\ghostreconphantoms.exe
FirewallRules: [{CD1C0242-424E-407B-9C41-9EED61D3CE26}] => (Allow) C:\Program Files (x86)\JJPlayer\hdacc.exe
FirewallRules: [{A3C8FC8E-E526-4A49-A0CB-D0B0C95E0C7D}] => (Allow) C:\Program Files (x86)\JJPlayer\hdacc.exe
FirewallRules: [{5F7C4558-94FC-49E6-8F81-275C0CEC630C}] => (Allow) C:\Program Files (x86)\xfplay\xfp2p.exe
FirewallRules: [{EBD9F311-E1A2-4415-94A4-06EB0C3AE247}] => (Allow) C:\Program Files (x86)\xfplay\xfplay.exe
FirewallRules: [{F40EB4D3-B2A3-4630-A306-0A0222CABDDD}] => (Allow) C:\Program Files (x86)\xfplay\xfplay.exe
FirewallRules: [{C7FAEE7F-1A57-4B61-AB2D-81E3275311D9}] => (Allow) C:\Program Files (x86)\xfplay\xfplay.exe
FirewallRules: [{0E797CF6-AC4B-44D2-A1E8-73F8F7C2973A}] => (Allow) C:\Program Files (x86)\xfplay\xfp2p.exe
FirewallRules: [{FB278214-07E7-4C68-9558-67842231D4DA}] => (Allow) C:\Program Files (x86)\xfplay\gengxin.exe
FirewallRules: [{4EDCC577-D1E1-4445-9EE4-43B83734ED18}] => (Allow) C:\Program Files (x86)\xfplay\xfp2p.exe
FirewallRules: [TCP Query User{3558AFAA-E03B-427C-BE0B-FF29479C6BCF}E:\games @ e\stronghold crusader 2\bin\win32_release\crusader2.exe] => (Allow) E:\games @ e\stronghold crusader 2\bin\win32_release\crusader2.exe
FirewallRules: [UDP Query User{3957B92B-43CB-437D-A052-ACF30F449504}E:\games @ e\stronghold crusader 2\bin\win32_release\crusader2.exe] => (Allow) E:\games @ e\stronghold crusader 2\bin\win32_release\crusader2.exe
FirewallRules: [TCP Query User{A9347E94-3D48-421F-9597-C200DB76B1E4}E:\games @ e\defense grid 2\defensegrid2_release.exe] => (Allow) E:\games @ e\defense grid 2\defensegrid2_release.exe
FirewallRules: [UDP Query User{494244BF-F7DB-4CB5-AB82-94C8F1447109}E:\games @ e\defense grid 2\defensegrid2_release.exe] => (Allow) E:\games @ e\defense grid 2\defensegrid2_release.exe
FirewallRules: [TCP Query User{B0DE15BF-ABCA-488D-AD35-0DC9D16E0A70}E:\games @ e\borderlands pre sequel\binaries\win32\borderlandspresequel.exe] => (Allow) E:\games @ e\borderlands pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{79236DCD-405D-4E0F-906C-03E0DBB15EC4}E:\games @ e\borderlands pre sequel\binaries\win32\borderlandspresequel.exe] => (Allow) E:\games @ e\borderlands pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{3521FD42-31A3-430D-95AF-8C0C9BB6C6AA}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E022FD9B-D0FC-486A-9388-AB2DBE2D79F0}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{27A490D4-F34F-48B5-93A0-3721826F5D0B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{CE1F704C-EC3D-4BED-8570-3CA7D718202A}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{09611CE2-DEB0-4ACC-9F67-9FA29715C5A1}] => (Allow) C:\Program Files (x86)\duowan\gamebox\3.7.398836.146\yygamebox.exe
FirewallRules: [{15119391-B401-4F24-879F-E0F95CEA6B6F}] => (Allow) C:\Program Files (x86)\duowan\gamebox\3.7.398836.146\yygamebox.exe
FirewallRules: [{2690121B-2E2D-437E-A15C-E8DD1341F323}] => (Allow) C:\Program Files (x86)\duowan\gamebox\3.7.398836.146\bugreport.exe
FirewallRules: [{7F8747BD-E5C1-4020-935F-09B3F4048549}] => (Allow) C:\Program Files (x86)\duowan\gamebox\3.7.398836.146\bugreport.exe
FirewallRules: [TCP Query User{9C0A6354-788E-47BD-AB26-4A22FE914407}C:\program files (x86)\duowan\gamebox\3.7.398836.146\yygamebox.exe] => (Block) C:\program files (x86)\duowan\gamebox\3.7.398836.146\yygamebox.exe
FirewallRules: [UDP Query User{FB66E27A-4B14-4190-AB23-719D7E85B37C}C:\program files (x86)\duowan\gamebox\3.7.398836.146\yygamebox.exe] => (Block) C:\program files (x86)\duowan\gamebox\3.7.398836.146\yygamebox.exe
FirewallRules: [{C4BEB2DE-7F2C-4C27-A233-45F4173687E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{064A8253-75D5-42A5-96CC-B20F5AC1B04C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{5D6E8842-8388-4F85-B7B2-ACE8E982D518}] => (Allow) LPort=34249
FirewallRules: [TCP Query User{B396DD67-C7C6-4481-AC02-57F173E6274E}E:\games @ e\company of heroes 2\reliccoh2.exe] => (Allow) E:\games @ e\company of heroes 2\reliccoh2.exe
FirewallRules: [UDP Query User{ED0D7435-6FC6-405E-9BF7-FC6CE64B4F13}E:\games @ e\company of heroes 2\reliccoh2.exe] => (Allow) E:\games @ e\company of heroes 2\reliccoh2.exe
FirewallRules: [{27BD57DA-4793-477F-8310-618FC2A9B4AC}] => (Allow) C:\Users\Public\Thunder Network\KanKan\Pusher\XmpTipWnd.1.0.0.79.exe
FirewallRules: [{6119E3E1-14AB-4103-897F-8A5D9884B503}] => (Allow) C:\Users\Public\Thunder Network\KanKan\Pusher\XmpTipWnd.1.0.0.79.exe
FirewallRules: [{2FCDA6F5-942F-47FE-B92D-96D22A750113}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A48C4A38-6B7E-49A8-8A98-0125E8DBC0A6}] => (Allow) LPort=2869
FirewallRules: [{BE5C14B1-734F-4AE8-9CB7-45C876CF1EBC}] => (Allow) LPort=1900
FirewallRules: [{F01347C6-353C-4A24-8BEB-B44CD7C295C7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{9C19D0D2-B3F2-4874-8D3A-674E6179983F}E:\games @ e\pro evolution soccer 2015\pes2015.exe] => (Allow) E:\games @ e\pro evolution soccer 2015\pes2015.exe
FirewallRules: [UDP Query User{7A2AAEF6-6E14-46F0-969B-1BED3463EDBC}E:\games @ e\pro evolution soccer 2015\pes2015.exe] => (Allow) E:\games @ e\pro evolution soccer 2015\pes2015.exe
FirewallRules: [TCP Query User{9603E75D-BD73-4FC3-B97A-9FDB3B5A8C35}E:\games @ e\dragon age\bin_ship\daorigins.exe] => (Allow) E:\games @ e\dragon age\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{7CF33369-C37D-4A9D-BBC4-7B5C11F2F08D}E:\games @ e\dragon age\bin_ship\daorigins.exe] => (Allow) E:\games @ e\dragon age\bin_ship\daorigins.exe
FirewallRules: [TCP Query User{4310AE49-665C-4B0A-8EC9-4099D65CDA4B}E:\games @ e\dragon age\bin_ship\daorigins.exe] => (Allow) E:\games @ e\dragon age\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{A53B7585-F6F3-4348-B0D2-15BE2BAEA27D}E:\games @ e\dragon age\bin_ship\daorigins.exe] => (Allow) E:\games @ e\dragon age\bin_ship\daorigins.exe
FirewallRules: [TCP Query User{615FF4DF-7957-487C-9DAE-D7BDC209526E}E:\games @ e\steamlib\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) E:\games @ e\steamlib\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{ECC1E28F-7F4E-4BDB-B14D-A699C3A514C0}E:\games @ e\steamlib\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) E:\games @ e\steamlib\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{7D3F85A4-796E-4C6E-8472-CABDDC2515B1}] => (Allow) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\DeviceSetup.exe
FirewallRules: [{8CCFDAFE-3636-46A9-A758-4273EEADFF3E}] => (Allow) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{BB93663E-F772-4D58-8124-B6C022BED81D}] => (Allow) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{527035D6-FEFC-43D7-B00C-805951328272}E:\games @ e\dying light\dyinglightgame.exe] => (Allow) E:\games @ e\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{B1062D82-FC11-4762-8EF2-C1EBF10A5D95}E:\games @ e\dying light\dyinglightgame.exe] => (Allow) E:\games @ e\dying light\dyinglightgame.exe
FirewallRules: [{3594E9F8-B8FF-48F2-8B04-3E9B8E6D3A51}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLLiveUD.exe
FirewallRules: [{D8418A31-0650-4C97-BF14-B0AC1BFF857A}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\XLLiveUD.exe
FirewallRules: [{12A7558E-2ABE-4A47-8612-B6CF5DC55732}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{688958FA-68A8-432B-B683-EA63534F1CA1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0E08FB7C-8250-4B75-ADE5-517B61FF5824}E:\games @ e\evolve\bin64_steamretail\evolve.exe] => (Allow) E:\games @ e\evolve\bin64_steamretail\evolve.exe
FirewallRules: [UDP Query User{ECA890ED-A3CB-4A7F-BA73-4416A51115B4}E:\games @ e\evolve\bin64_steamretail\evolve.exe] => (Allow) E:\games @ e\evolve\bin64_steamretail\evolve.exe
FirewallRules: [{CD0BFA6E-D9E7-4191-B8DB-70470ACDDA31}] => (Allow) LPort=80
FirewallRules: [{00172C05-62B4-4D69-9C08-845AE2C17115}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{B4199351-02F2-41EE-995F-B684198B0F40}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{E7ED3BB9-DC64-4D37-937C-E6E34B89F026}] => (Allow) E:\Games @ E\SteamLib\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{6028F092-B4B9-4AE5-A7DA-417E5DC947B0}] => (Allow) E:\Games @ E\SteamLib\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{9595172E-30A5-47BC-8000-322EF5041B94}] => (Allow) E:\Games @ E\SteamLib\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{A74B39D6-2951-403A-963E-F8572F6F0D5B}] => (Allow) E:\Games @ E\SteamLib\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{7429DE3A-CB53-4DC5-8145-228ACFA1E8AD}] => (Allow) E:\Games @ E\SteamLib\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{A95A4540-38C2-49FC-A1C0-CD2EC5E99370}] => (Allow) E:\Games @ E\SteamLib\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{6A4E4659-81C1-4577-B488-1C9BDC8ADFB7}] => (Allow) E:\Games @ E\SteamLib\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{87071321-A0DE-4BEC-BED2-E461DC06E241}] => (Allow) E:\Games @ E\SteamLib\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{7ABD7990-E327-4B67-9F50-723F102F2C30}] => (Allow) E:\Games @ E\SteamLib\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{ED0D4058-FD0F-4720-A63E-CE299D4E0BAB}] => (Allow) E:\Games @ E\SteamLib\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{D0F692C9-6D7A-4CF7-B410-CD38B8C85731}] => (Allow) E:\Games @ E\SteamLib\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{93A7B537-B626-4286-AD05-DA54DC84966E}] => (Allow) E:\Games @ E\SteamLib\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{1832C7A0-AA46-4396-93AA-3534129A9779}E:\games @ e\dawn of war - dark crusade\darkcrusade.exe] => (Block) E:\games @ e\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [UDP Query User{DA925240-858C-4623-849B-CC0FE50260FD}E:\games @ e\dawn of war - dark crusade\darkcrusade.exe] => (Block) E:\games @ e\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [{68FD9928-DF6B-429F-857F-D1F8FD6D6447}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\XLDoctor\7.2.1.3136_1\Program\XLDoctorUI.exe
FirewallRules: [{7208D04C-224D-4BD1-B8D8-FA3A4D329EA4}] => (Allow) C:\Program Files (x86)\Thunder Network\Thunder\XLDoctor\7.2.1.3136_1\Program\XLDoctorUI.exe
FirewallRules: [{70651C90-C308-4A54-8697-0A7BBEEC7966}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\Xmp.exe
FirewallRules: [{14B79128-94C3-455A-BBB7-88C7E882736C}] => (Allow) C:\Program Files (x86)\Thunder Network\Xmp\Program\Xmp.exe
FirewallRules: [{031C5CCD-F8DB-4C6C-91FB-456D1B825F67}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\Xmp.exe
FirewallRules: [{4FD9605F-4D06-46F8-9D29-1A520C43651E}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\Xmp.exe
FirewallRules: [{207B2323-3497-4B4D-B57B-FD416CE2FFB3}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\ThunderServiceLite.exe
FirewallRules: [{55180304-859C-45ED-833C-7AABDF1012E0}] => (Allow) C:\Program Files (x86)\Common Files\Thunder Network\Kankan\ThunderServiceLite.exe
FirewallRules: [TCP Query User{79960E3A-60C9-4E51-821B-2F0F41A5F0D8}E:\games @ e\darkeden\darkedencn.exe] => (Allow) E:\games @ e\darkeden\darkedencn.exe
FirewallRules: [UDP Query User{A1D80614-375B-4E4A-9D30-E7C8F9F93591}E:\games @ e\darkeden\darkedencn.exe] => (Allow) E:\games @ e\darkeden\darkedencn.exe
FirewallRules: [{6CF0D896-4135-463A-B412-8C2FA01E3036}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{48963E5C-B3A1-497B-BB94-53F5827315AF}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [TCP Query User{963850CC-FE9A-4D2B-A47B-8D6035DC3365}E:\games @ e\cs 1.6\hl.exe] => (Allow) E:\games @ e\cs 1.6\hl.exe
FirewallRules: [UDP Query User{847D1F5D-A311-4D5B-A326-73969C9C7245}E:\games @ e\cs 1.6\hl.exe] => (Allow) E:\games @ e\cs 1.6\hl.exe
FirewallRules: [{E106B9EB-9FB5-416F-B235-7CFF9ED7252C}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{06F585C6-1C9C-4291-A2E0-1CB2CB66F7BF}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7E80B23E-AC34-4D3C-B863-25ED69FEC2F2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{72B6436F-0BB9-4F84-942D-AE59BFFA8012}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{3CF3E620-F721-4920-B250-0C889B75068D}C:\users\dean\downloads\tscq_0.2.9_install.exe.torrent.exe] => (Allow) C:\users\dean\downloads\tscq_0.2.9_install.exe.torrent.exe
FirewallRules: [UDP Query User{D2C3454B-EABC-4840-9BED-47DB0CEFEF97}C:\users\dean\downloads\tscq_0.2.9_install.exe.torrent.exe] => (Allow) C:\users\dean\downloads\tscq_0.2.9_install.exe.torrent.exe
FirewallRules: [TCP Query User{21A962E9-040B-43B2-889A-10677DE0349C}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [UDP Query User{550DF9DD-FE75-49C8-BA5E-16220C6C3475}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [{80C2A547-4ECB-4F76-9237-E041717E516F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{043A3705-3EED-4E1F-B842-1A945CB27D20}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{C25B02AB-E03D-4012-A57B-6A2AA26ED2D3}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{3D0286CB-63F0-43CA-B797-CE1AB497424A}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{20A8FE7C-530A-4FB0-9836-5D7164A96707}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CBF130BE-3786-4CE7-A2E0-F7D41FD00819}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C07ECBC5-CC5F-41C6-881F-157079711A8B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{993E4B8A-0249-4806-8D3D-A614A9093BD2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{8A2809DF-97CF-480B-B4B6-413EC5427689}E:\games @ e\steamlib\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) E:\games @ e\steamlib\steamapps\common\america's army\aapg\binaries\win32\aagame.exe
FirewallRules: [UDP Query User{736CF9FB-DDEA-48D0-8E76-5EF0149ACE85}E:\games @ e\steamlib\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) E:\games @ e\steamlib\steamapps\common\america's army\aapg\binaries\win32\aagame.exe
FirewallRules: [{DC6A219E-9BAF-48C3-9BB2-3EF42DCB9724}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{1A9AD99A-72C6-4E66-A0D7-0CF5B62EFB90}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{06522BD8-0F08-4ED6-9D37-68446C7A33D2}] => (Allow) C:\Program Files (x86)\115Chrome\Application\115chrome.exe
FirewallRules: [{91FBCB87-86A3-42B2-85D5-694E0B560083}] => (Allow) C:\Program Files (x86)\115Chrome\Application\115chrome.exe
FirewallRules: [{82D934D2-1C4F-47BD-9ED2-2CC36950DEBF}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{9C273F9D-8A21-40E7-A77C-C96482EE284F}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{01B5C47B-421E-4CF4-AF3E-08E99F52BF47}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{C92D86EA-B9AC-4EF6-972C-A56EA5985CB0}] => (Allow) E:\Games @ E\SteamLib\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{80DA2F27-B8D6-46D3-BFDF-0D52B9FA4357}E:\games @ e\steamlib\steamapps\common\freestyle2\freestyle2.exe] => (Block) E:\games @ e\steamlib\steamapps\common\freestyle2\freestyle2.exe
FirewallRules: [UDP Query User{953A7F61-D159-49B3-9314-B120C8D17464}E:\games @ e\steamlib\steamapps\common\freestyle2\freestyle2.exe] => (Block) E:\games @ e\steamlib\steamapps\common\freestyle2\freestyle2.exe
FirewallRules: [{A0C471D2-EC47-4DA9-8860-BEE24C525E5C}] => (Allow) C:\Users\Dean\AppData\Local\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3

==================== Faulty Device Manager Devices =============

Name: avast! VM Monitor
Description: avast! VM Monitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: sptd
Description: sptd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sptd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: avast! Revert
Description: avast! Revert
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/24/2015 10:05:07 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: 無法建立還原點 (處理程序 = C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe" -Embedding; 描述 = Configured Microsoft Office Professional Plus 2013; 錯誤 = 0x8007043c)。

Error: (08/24/2015 07:59:21 PM) (Source: Google Update) (EventID: 20) (User: Dean-PC)
Description: Network Request Error.
Error: 0x80072ee2. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned

Error: (08/24/2015 04:55:05 AM) (Source: Google Update) (EventID: 20) (User: Dean-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (08/23/2015 07:55:05 AM) (Source: Google Update) (EventID: 20) (User: Dean-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (08/23/2015 04:52:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 失敗的應用程式名稱: LolClient.exe,版本: 0.0.0.0,時間戳記: 0x515663e0
失敗的模組名稱: Adobe AIR.dll,版本: 3.7.0.1530,時間戳記: 0x5156646c
例外狀況碼: 0xc0000005
錯誤位移: 0x0006dd76
失敗的處理程序識別碼: 0x502c
失敗的應用程式開始時間: 0xLolClient.exe0
失敗的應用程式路徑: LolClient.exe1
失敗的模組路徑: LolClient.exe2
報告識別碼: LolClient.exe3

Error: (08/22/2015 02:40:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 失敗的應用程式名稱: rads_user_kernel.exe,版本: 0.0.0.0,時間戳記: 0x4e65c1ac
失敗的模組名稱: rads_user_kernel.exe,版本: 0.0.0.0,時間戳記: 0x4e65c1ac
例外狀況碼: 0xc0000005
錯誤位移: 0x000b8554
失敗的處理程序識別碼: 0x4bb8
失敗的應用程式開始時間: 0xrads_user_kernel.exe0
失敗的應用程式路徑: rads_user_kernel.exe1
失敗的模組路徑: rads_user_kernel.exe2
報告識別碼: rads_user_kernel.exe3

Error: (08/15/2015 01:28:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 失敗的應用程式名稱: vlc.exe,版本: 2.2.0.0,時間戳記: 0x00000004
失敗的模組名稱: libqt4_plugin.dll,版本: 2.2.0.0,時間戳記: 0x00020002
例外狀況碼: 0x40000015
錯誤位移: 0x0084fe35
失敗的處理程序識別碼: 0x6b54
失敗的應用程式開始時間: 0xvlc.exe0
失敗的應用程式路徑: vlc.exe1
失敗的模組路徑: vlc.exe2
報告識別碼: vlc.exe3

Error: (08/11/2015 11:13:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 失敗的應用程式名稱: vlc.exe,版本: 2.2.0.0,時間戳記: 0x00000004
失敗的模組名稱: unknown,版本: 0.0.0.0,時間戳記: 0x00000000
例外狀況碼: 0x80000026
錯誤位移: 0x7398cb49
失敗的處理程序識別碼: 0x870
失敗的應用程式開始時間: 0xvlc.exe0
失敗的應用程式路徑: vlc.exe1
失敗的模組路徑: vlc.exe2
報告識別碼: vlc.exe3

Error: (06/22/2015 02:12:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: 程式 vlc.exe 版本 2.2.0.0 已停止與 Windows 互動,而且已關閉。若要查看是否有此問題的詳細資訊,請檢查位於 [行動作業中心] 控制台中的問題歷程記錄。

處理程序識別碼: 405c

開始時間: 01d0ac4d9f624134

終止時間: 3

應用程式路徑: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

報告識別碼: fb0e4880-1840-11e5-89ea-8c89a5543acd

Error: (06/21/2015 10:55:06 PM) (Source: Google Update) (EventID: 20) (User: Dean-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80


System errors:
=============
Error: (08/24/2015 10:09:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: SMB 2.0 MiniRedirector 服務依存的 SMB MiniRedirector 包裝函式與引擎 服務因為發生下列錯誤而無法啟動:
%%577

Error: (08/24/2015 10:09:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: SMB 1.x MiniRedirector 服務依存的 SMB MiniRedirector 包裝函式與引擎 服務因為發生下列錯誤而無法啟動:
%%577

Error: (08/24/2015 10:09:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: SMB MiniRedirector 包裝函式與引擎 服務無法啟動,因為下列錯誤:
%%577

Error: (08/24/2015 10:09:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Workstation 服務依存的 瀏覽支援驅動程式 服務因為發生下列錯誤而無法啟動:
%%577

Error: (08/24/2015 10:09:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Computer Browser 服務依存的 Server 服務因為發生下列錯誤而無法啟動:
%%1068

Error: (08/24/2015 10:09:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: 瀏覽支援驅動程式 服務無法啟動,因為下列錯誤:
%%577

Error: (08/24/2015 10:09:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: SMB 2.0 MiniRedirector 服務依存的 SMB MiniRedirector 包裝函式與引擎 服務因為發生下列錯誤而無法啟動:
%%577

Error: (08/24/2015 10:09:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: SMB 1.x MiniRedirector 服務依存的 SMB MiniRedirector 包裝函式與引擎 服務因為發生下列錯誤而無法啟動:
%%577

Error: (08/24/2015 10:09:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: SMB MiniRedirector 包裝函式與引擎 服務無法啟動,因為下列錯誤:
%%577

Error: (08/24/2015 10:09:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Workstation 服務依存的 瀏覽支援驅動程式 服務因為發生下列錯誤而無法啟動:
%%577


Microsoft Office:
=========================
Error: (08/24/2015 10:05:07 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Professional Plus 20130x8007043c

Error: (08/24/2015 07:59:21 PM) (Source: Google Update) (EventID: 20) (User: Dean-PC)
Description: Network Request Error.
Error: 0x80072ee2. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned

Error: (08/24/2015 04:55:05 AM) (Source: Google Update) (EventID: 20) (User: Dean-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (08/23/2015 07:55:05 AM) (Source: Google Update) (EventID: 20) (User: Dean-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (08/23/2015 04:52:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: LolClient.exe0.0.0.0515663e0Adobe AIR.dll3.7.0.15305156646cc00000050006dd76502c01d0dcaa78c46cdaD:\Games @ D\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.157\deploy\LolClient.exeD:\Games @ D\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.157\deploy\Adobe AIR\Versions\1.0\Adobe AIR.dllbb44ad49-490f-11e5-aa81-8c89a5543acd

Error: (08/22/2015 02:40:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rads_user_kernel.exe0.0.0.04e65c1acrads_user_kernel.exe0.0.0.04e65c1acc0000005000b85544bb801d0dca5715647ddD:\Games @ D\League of Legends\RADS\system\rads_user_kernel.exeD:\Games @ D\League of Legends\RADS\system\rads_user_kernel.exeaf6eec3b-4898-11e5-aa81-8c89a5543acd

Error: (08/15/2015 01:28:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.2.0.000000004libqt4_plugin.dll2.2.0.000020002400000150084fe356b5401d0d6b69237e300C:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dlld78cbf1d-42a9-11e5-b571-8c89a5543acd

Error: (08/11/2015 11:13:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.2.0.000000004unknown0.0.0.000000000800000267398cb4987001d0d44823dd998bC:\Program Files (x86)\VideoLAN\VLC\vlc.exeunknown7472b885-403b-11e5-b49f-8c89a5543acd

Error: (06/22/2015 02:12:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: vlc.exe2.2.0.0405c01d0ac4d9f6241343C:\Program Files (x86)\VideoLAN\VLC\vlc.exefb0e4880-1840-11e5-89ea-8c89a5543acd

Error: (06/21/2015 10:55:06 PM) (Source: Google Update) (EventID: 20) (User: Dean-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80


CodeIntegrity:
===================================
Date: 2015-08-24 22:09:35.550
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-24 22:09:35.504
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-24 22:09:35.472
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\bowser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-24 22:09:35.441
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\bowser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-24 22:09:35.394
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-24 22:09:35.363
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-24 22:09:35.332
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\bowser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-24 22:09:35.285
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\bowser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-24 22:09:35.254
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-24 22:09:35.223
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Phenom™ II X4 965 Processor
Percentage of memory in use: 19%
Total physical RAM: 8191.18 MB
Available physical RAM: 6571.68 MB
Total Virtual: 22495.25 MB
Available Virtual: 21067.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:146.39 GB) (Free:8.44 GB) NTFS
Drive d: () (Fixed) (Total:48.83 GB) (Free:37.02 GB) NTFS
Drive e: () (Fixed) (Total:270.45 GB) (Free:92.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3A283A27)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=146.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=270.4 GB) - (Type=07 NTFS)

==================== End of log ============================

Attached Files


Edited by Oh My!, 27 August 2015 - 05:27 PM.


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,413 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:53 PM

Posted 27 August 2015 - 06:22 PM

Greetings Dean and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Please consider and do this. If necessary, run the programs in Safe Mode.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have evidence of P2P downloads. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Scan
  • Upon completion click Report
  • Review the entries and uncheck any items you would like to keep on your computer (leaving an item checked will cause its deletion)
  • Click Clean to remove the items still checked
  • Click OK twice to reboot your computer
  • Copy and paste the contents of the text file on your desktop upon reboot in your reply
  • You can also find the logfile at C:\AdwCleaner\AdwCleaner.txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

RogueKiller by Tigzy

--------------------
  • Download RogueKiller and save it to your desktop
  • Close all running programs
  • For Windows 8/7/Vista users right click on the icon and select Run as Administrator
  • For Windows XP simply double click on the icon
  • The program will conduct a prescan and when finished you wlll see Prescan Finished. Please hit the scan button
  • Click Scan
  • A report should open and a copy of the report will be placed on your desktop. If not, hit the Report button.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it winlogon.exe (or winlogon.com) and try again
  • Copy and paste the contents of the report in your reply
===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Run: [Nexus] => [X]
BHO: No Name -> {004B0726-A010-4ABF-8556-FCDB7F1FCA1E} ->  No File
BHO-x32: No Name -> {889D2FEB-5411-4565-8998-1DD2C5261283} ->  No File
BHO-x32: Microsoft 帳戶登入協助程式 -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: Microsoft Web Test Recorder 9.0 Helper -> {E31CE47F-C268-41ba-897B-B415E613947D} -> E:\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO90.dll No File
FF Plugin: @qvod.com/QvodShare -> C:\Program Files (x86)\QvodPlayer\npShareModule_x64.dll [No File]
FF Plugin-x32: @alipay.com/npaliedit -> C:\Windows\system32\aliedit\3.6.0.0\npaliedit.dll [No File]
FF Plugin-x32: @baidu.com/npxbdyy -> C:\Program Files (x86)\Baidu\BaiduPlayer\1.19.0.137\npxbdyy.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll [No File]
FF Plugin-x32: @funshion.com/npFunshion -> C:\Users\Dean\funshion\funshiontools\npFunshion.dll [No File]
FF Plugin-x32: @raidcall.tw/RCplugin -> C:\Users\Dean\AppData\Roaming\RCTW\plugins\nprcplugin.dll [No File]
FF Plugin-x32: @soupingguo.com/npSpg -> C:\Program Files (x86)\搜蘋果\Addin\npSpg.dll [No File]
FF Plugin-x32: @xunlei.com/npxunlei;version=1.0.0.2 -> C:\Program Files (x86)\Thunder Network\Thunder\Data\npxunlei1.0.0.2.dll [No File]
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: @qvod.com/QvodInsert -> C:\Program Files (x86)\QvodPlayer\npQvodInsert.dll No File
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: @xunlei.com/npxunlei;version=1.0.0.2 -> C:\Program Files (x86)\Thunder Network\Thunder\Data\npxunlei1.0.0.2.dll No File
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: gf2.gameflier.com/WebLauncher -> C:\Program Files (x86)\GF2_WebLaunch\npWebLauncher.dll No File
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF SearchPlugin: C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\searchplugins\katcr.xml [2015-05-03]
CHR HKLM-x32\...\Chrome\Extension: [aaaaoggiphohkihibdkcnhnokmkfmhnj] - C:\Users\Dean\AppData\Local\APN\GoogleCRXs\aaaaoggiphohkihibdkcnhnokmkfmhnj_7.14.1.0.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [hmbifdmobcbjlhplmlnbjbofnnoolink] - C:\Program Files (x86)\Thunder Network\Thunder\BHO\xl_plugin_chrome.crx <not found>
S4 PPTVService; C:\Windows\SysWOW64\PPTVSvc.dll [X]
S2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService [X]
S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
2015-08-11 22:23 - 2015-08-24 00:42 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
C:\Users\Dean\AppData\Local\Temp\tmp1017.exe
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
Task: {DBAC374B-17CF-4F10-A3EA-01A9AC4A6DE0} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-08-02] ()
File: C:\Users\Dean\AppData\Roaming\base64.cer
cmd: rename C:\Users\Dean\AppData\Roaming\xlgdlapp.ini xlgdlapp.ini.old
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Farbar's MiniToolBox

--------------------
  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure only the following options are checked:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries

  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • AdwCleaner log
  • Junkware log
  • RogueKiller log
  • Fixlog
  • Result.txt
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 seeker103

seeker103
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:53 AM

Posted 28 August 2015 - 11:55 PM

Thanks for the reply sir and sorry for the wait. Since the day I posted the symptoms that led me here seems to have disappeared, I don't know if it was a virus that caused it or just a messed up Windows that did.

Anyways here's the log, should you need any translation please ask, I'm from Hong Kong and my computer is not in English. Your help is greatly appreciated!

 

 

=========================================== AdwCleaner ===========================================

 

# AdwCleaner v5.004 - Logfile created 29/08/2015 at 00:32:24
# Updated 26/08/2015 by Xplode
# Database : 2015-08-25.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Dean - DEAN-PC
# Running from : C:\Users\Dean\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
[-] File Deleted : C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\Extensions\superdrag@enjoyfreeware.org.xpi

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
[-] Key Deleted : HKLM\SOFTWARE\W3I
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF

***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1262 bytes] ##########
 

 

=========================================== JRT ===========================================

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.9 (08.27.2015:1)
OS: Windows 7 Ultimate x64
Ran by Dean on 2015/08/29 ¶g¤» at  0:52:58.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1FF7973D-AB0A-496d-82C1-4EADBBA11E7B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{889D2FEB-5411-4565-8998-1DD2C5261283}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{889D2FEB-5411-4565-8998-1DD2C5261283}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{889D2FEB-5411-4565-8998-1DD2C5261283}



~~~ Files

Successfully deleted: [File] C:\Users\Dean\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_bigefpfhnfcobdlfbedofhhaibnlghod_0.localstorage
Successfully deleted: [File] C:\Users\Dean\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_bigefpfhnfcobdlfbedofhhaibnlghod_0.localstorage-journal



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\thunder network
Successfully deleted: [Folder] C:\Users\Dean\Appdata\Local\thunder network
Successfully deleted: [Folder] C:\Users\Dean\Appdata\LocalLow\thunder network
Successfully deleted: [Folder] C:\Users\Public\thunder network



~~~ FireFox

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@alipay.com/npaliedit
Emptied folder: C:\Users\Dean\AppData\Roaming\mozilla\firefox\profiles\qs09tjzq.default\minidumps [55 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Dean\Appdata\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod

[C:\Users\Dean\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Dean\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
bigefpfhnfcobdlfbedofhhaibnlghod

[C:\Users\Dean\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Dean\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  bigefpfhnfcobdlfbedofhhaibnlghod,
  gkcbebbklfkjeocpmoamnopdllfekind,
  pcidejejpblipcjpnkfkddlkmgndblch
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2015/08/29 ¶g¤» at  0:56:33.34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

=========================================== RKill ===========================================

 

RogueKiller V10.10.2.0 [Aug 24 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Dean [Administrator]
Started from : C:\Users\Dean\Desktop\RogueKiller.exe
Mode : Scan -- Date : 08/29/2015 01:17:09

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[VT.Unknown] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Rapoo 8300 : C:\Program Files (x86)\Rapoo\8300\8300_Mouse.exe [-] -> 找到
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01  -> 找到
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2371761838-3269241468-585396966-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01  -> 找到
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2371761838-3269241468-585396966-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01  -> 找到
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2371761838-3269241468-585396966-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> 找到
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2371761838-3269241468-585396966-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> 找到

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1       localhost

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUP][FIREFX:Addon] qs09tjzq.default : Super Drag [superdrag@enjoyfreeware.org] -> 找到

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST3500418AS ATA Device +++++
--- User ---
[MBR] 2e966ce6f1a5f9de7c04a0f20604e0a1
[BSP] cd319ce7f9caedd907d96bc395507b5f : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 50000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 102606848 | Size: 149900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409602048 | Size: 276938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
 

 

============================================= FRST ===========================================

 

Fix result of Farbar Recovery Scan Tool (x64) Version:27-08-2015
Ran by Dean (2015-08-29 01:23:41) Run:1
Running from C:\Users\Dean\Desktop
Loaded Profiles: Dean (Available Profiles: Dean & Classic .NET AppPool & DefaultAppPool & PayPal_ExpressCheckout)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-2371761838-3269241468-585396966-1000\...\Run: [Nexus] => [X]
BHO: No Name -> {004B0726-A010-4ABF-8556-FCDB7F1FCA1E} ->  No File
BHO-x32: No Name -> {889D2FEB-5411-4565-8998-1DD2C5261283} ->  No File
BHO-x32: Microsoft 帳戶登入協助程式 -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: Microsoft Web Test Recorder 9.0 Helper -> {E31CE47F-C268-41ba-897B-B415E613947D} -> E:\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO90.dll No File
FF Plugin: @qvod.com/QvodShare -> C:\Program Files (x86)\QvodPlayer\npShareModule_x64.dll [No File]
FF Plugin-x32: @alipay.com/npaliedit -> C:\Windows\system32\aliedit\3.6.0.0\npaliedit.dll [No File]
FF Plugin-x32: @baidu.com/npxbdyy -> C:\Program Files (x86)\Baidu\BaiduPlayer\1.19.0.137\npxbdyy.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll [No File]
FF Plugin-x32: @funshion.com/npFunshion -> C:\Users\Dean\funshion\funshiontools\npFunshion.dll [No File]
FF Plugin-x32: @raidcall.tw/RCplugin -> C:\Users\Dean\AppData\Roaming\RCTW\plugins\nprcplugin.dll [No File]
FF Plugin-x32: @soupingguo.com/npSpg -> C:\Program Files (x86)\搜蘋果\Addin\npSpg.dll [No File]
FF Plugin-x32: @xunlei.com/npxunlei;version=1.0.0.2 -> C:\Program Files (x86)\Thunder Network\Thunder\Data\npxunlei1.0.0.2.dll [No File]
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: @qvod.com/QvodInsert -> C:\Program Files (x86)\QvodPlayer\npQvodInsert.dll No File
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: @xunlei.com/npxunlei;version=1.0.0.2 -> C:\Program Files (x86)\Thunder Network\Thunder\Data\npxunlei1.0.0.2.dll No File
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: gf2.gameflier.com/WebLauncher -> C:\Program Files (x86)\GF2_WebLaunch\npWebLauncher.dll No File
FF Plugin HKU\S-1-5-21-2371761838-3269241468-585396966-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF SearchPlugin: C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\searchplugins\katcr.xml [2015-05-03]
CHR HKLM-x32\...\Chrome\Extension: [aaaaoggiphohkihibdkcnhnokmkfmhnj] - C:\Users\Dean\AppData\Local\APN\GoogleCRXs\aaaaoggiphohkihibdkcnhnokmkfmhnj_7.14.1.0.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [hmbifdmobcbjlhplmlnbjbofnnoolink] - C:\Program Files (x86)\Thunder Network\Thunder\BHO\xl_plugin_chrome.crx <not found>
S4 PPTVService; C:\Windows\SysWOW64\PPTVSvc.dll [X]
S2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService [X]
S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
2015-08-11 22:23 - 2015-08-24 00:42 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
C:\Users\Dean\AppData\Local\Temp\tmp1017.exe
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Dean\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
Task: {DBAC374B-17CF-4F10-A3EA-01A9AC4A6DE0} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-08-02] ()
File: C:\Users\Dean\AppData\Roaming\base64.cer
cmd: rename C:\Users\Dean\AppData\Roaming\xlgdlapp.ini xlgdlapp.ini.old
*****************

HKU\S-1-5-21-2371761838-3269241468-585396966-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Nexus => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E}" => key removed successfully
HKCR\CLSID\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{889D2FEB-5411-4565-8998-1DD2C5261283} => key not found.
HKCR\Wow6432Node\CLSID\{889D2FEB-5411-4565-8998-1DD2C5261283} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E31CE47F-C268-41ba-897B-B415E613947D}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{E31CE47F-C268-41ba-897B-B415E613947D}" => key removed successfully
"HKLM\Software\MozillaPlugins\@qvod.com/QvodShare" => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@alipay.com/npaliedit => key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@baidu.com/npxbdyy" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.104.0" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@funshion.com/npFunshion" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@raidcall.tw/RCplugin" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@soupingguo.com/npSpg" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@xunlei.com/npxunlei;version=1.0.0.2" => key removed successfully
"HKU\S-1-5-21-2371761838-3269241468-585396966-1000\Software\MozillaPlugins\@qvod.com/QvodInsert" => key removed successfully
C:\Program Files (x86)\QvodPlayer\npQvodInsert.dll => not found.
"HKU\S-1-5-21-2371761838-3269241468-585396966-1000\Software\MozillaPlugins\@xunlei.com/npxunlei;version=1.0.0.2" => key removed successfully
C:\Program Files (x86)\Thunder Network\Thunder\Data\npxunlei1.0.0.2.dll => not found.
"HKU\S-1-5-21-2371761838-3269241468-585396966-1000\Software\MozillaPlugins\gf2.gameflier.com/WebLauncher" => key removed successfully
C:\Program Files (x86)\GF2_WebLaunch\npWebLauncher.dll => not found.
"HKU\S-1-5-21-2371761838-3269241468-585396966-1000\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin" => key removed successfully
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => not found.
C:\Users\Dean\AppData\Roaming\Mozilla\Firefox\Profiles\qs09tjzq.default\searchplugins\katcr.xml => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaoggiphohkihibdkcnhnokmkfmhnj" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hmbifdmobcbjlhplmlnbjbofnnoolink" => key removed successfully
PPTVService => service removed successfully
Winstep Xtreme Service => service removed successfully
AODDriver4.01 => service removed successfully
AODDriver4.2.0 => service removed successfully
EagleX64 => service removed successfully
C:\Windows\System32\Tasks\AutoKMS => moved successfully
C:\Users\Dean\AppData\Local\Temp\tmp1017.exe => moved successfully
"HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => key removed successfully
"HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}" => key removed successfully
"HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => key removed successfully
"HKU\S-1-5-21-2371761838-3269241468-585396966-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBAC374B-17CF-4F10-A3EA-01A9AC4A6DE0} => key not found.
C:\Windows\System32\Tasks\AutoKMS => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => key removed successfully

========================= File: C:\Users\Dean\AppData\Roaming\base64.cer ========================

File not signed
MD5: 6FB0ACA0C76368E5AC6E16C79E311238
Creation and modification date: 2013-06-19 21:30 - 2013-08-20 20:41
Size: 0001078
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


=========  rename C:\Users\Dean\AppData\Roaming\xlgdlapp.ini xlgdlapp.ini.old =========


========= End of CMD: =========


==== End of Fixlog 01:23:42 ====

 

 

=========================================== MTB ===========================================

 

MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by Dean (administrator) on 29-08-2015 at 12:36:31
Running from "C:\Users\Dean\Desktop"
Microsoft Windows 7 旗艦版  Service Pack 1 (X64)
Model: MS-7641 Manufacturer: MSI
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1       localhost
127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = 區域連線 (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Hardware not present)
TAP-Win32 Adapter V9 = 區域連線 3 (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0
add address name="?????? 2" address=192.168.137.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Dean-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : setup.net

Ethernet adapter ????* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : IPvE Adapter
   Physical Address. . . . . . . . . : 00-FF-10-B6-07-12
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter ????:

   Connection-specific DNS Suffix  . : setup.net
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 8C-89-A5-54-3A-CD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::912b:2a06:7984:10fb%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.8.49(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 2015?8?29? ?? 12:35:19
   Lease Expires . . . . . . . . . . : 2015?8?29? ?? 12:45:19
   Default Gateway . . . . . . . . . : 192.168.8.1
   DHCP Server . . . . . . . . . . . : 192.168.8.1
   DHCPv6 IAID . . . . . . . . . . . : 244091301
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-55-69-D3-8C-89-A5-54-3A-CD
   DNS Servers . . . . . . . . . . . : 192.168.8.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:cbc6:503d:18d8:1a47:3f57:f7ce(Preferred)
   Link-local IPv6 Address . . . . . : fe80::18d8:1a47:3f57:f7ce%22(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.setup.net:

   Connection-specific DNS Suffix  . : setup.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.8.49%19(Preferred)
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 192.168.8.1
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dsldevice.setup\.net
Address:  192.168.8.1

Name:    google.com.setup.net
Addresses:  64.15.205.101
      208.48.81.133
      208.48.81.134
      64.15.205.100


Pinging google.com [173.194.126.70] with 32 bytes of data:
Reply from 173.194.126.70: bytes=32 time=62ms TTL=54
Reply from 173.194.126.70: bytes=32 time=62ms TTL=55

Ping statistics for 173.194.126.70:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 62ms, Maximum = 62ms, Average = 62ms
Server:  dsldevice.setup\.net
Address:  192.168.8.1

Name:    yahoo.com.setup.net
Addresses:  64.15.205.101
      208.48.81.134
      64.15.205.100
      208.48.81.133


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=165ms TTL=52
Reply from 206.190.36.45: bytes=32 time=165ms TTL=53

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 165ms, Maximum = 165ms, Average = 165ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...00 ff 10 b6 07 12 ......IPvE Adapter
 10...8c 89 a5 54 3a cd ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 22...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.8.1     192.168.8.49     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.8.0    255.255.255.0         On-link      192.168.8.49    276
     192.168.8.49  255.255.255.255         On-link      192.168.8.49    276
    192.168.8.255  255.255.255.255         On-link      192.168.8.49    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.8.49    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.8.49    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 22     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 22     58 2001::/32                On-link
 22    306 2001:0:cbc6:503d:18d8:1a47:3f57:f7ce/128
                                    On-link
 10    276 fe80::/64                On-link
 22    306 fe80::/64                On-link
 19    281 fe80::5efe:192.168.8.49/128
                                    On-link
 22    306 fe80::18d8:1a47:3f57:f7ce/128
                                    On-link
 10    276 fe80::912b:2a06:7984:10fb/128
                                    On-link
  1    306 ff00::/8                 On-link
 22    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

**** End of log ****
 

Attached Files



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,413 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:53 PM

Posted 29 August 2015 - 02:51 PM

Greetings,

Glad for the good report and things are looking pretty good with the logs you posted. Please do this.

===================================================

Emsisoft Emergency Kit Scan

--------------------
  • Download Emsisoft Emergency Kit and save it to your desktop.
  • Double click on the EmsisoftEmergencyKit.exe icon, click Run then Extract
  • Double click the Start Emsisoft Emergency Kit icon that will appear after extraction
  • Click Yes to update the program
  • Once the update is completed click the Back button
  • Click on 2. Scan (not Quick Scan or Smart Scan)
  • Click Smart Scan (recommended)
  • Patiently wait for the thorough scan to complete, this can be a lengthy process
  • Once completed click Quarantine selected objects (if computer is clean you will not have this option) then click OK
  • Click View Report
  • Copy and paste the contents of the report in your reply
  • Note: If you receive an error report saying there are too many emoticons simply attach the file instead
  • Close the program then click Close
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double click the icon to launch the program
  • Click OK
  • Select Run Note: If you receive an error message attempt to run the program in Safe Mode
  • Press any key to start the program
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Emsisoft report (if applicable)
  • Security Check log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 seeker103

seeker103
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:53 AM

Posted 31 August 2015 - 11:57 AM

Here are the logs requested, thanks!

 

==============================================================================================================

 

Emsisoft Emergency Kit - Version 10.0
Last update: 2015/8/31 ?? 08:03:53
User account: Dean-PC\Dean

Scan settings:

Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files

Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start:    2015/8/31 ?? 08:05:04
Key: HKEY_USERS\S-1-5-21-2371761838-3269241468-585396966-1000\SOFTWARE\CLASSES\CLSID\{F3D0D36F-23F8-4682-A195-74C92B03D4AF}     detected: Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F3D0D36F-23F8-4682-A195-74C92B03D4AF}     detected: Application.Toolbar (A)
C:\Users\Dean\AppData\Roaming\baidu     detected: Application.AppInstall (A)
Value: HKEY_USERS\S-1-5-21-2371761838-3269241468-585396966-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR     detected: Setting.DisableTaskMgr (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS     detected: Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-2371761838-3269241468-585396966-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS     detected: Setting.DisableRegistryTools (A)

Scanned    87797
Found    6

Scan end:    2015/8/31 ?? 08:12:48
Scan time:    0:07:44

Value: HKEY_USERS\S-1-5-21-2371761838-3269241468-585396966-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS    Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS    Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-2371761838-3269241468-585396966-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR    Quarantined Setting.DisableTaskMgr (A)
C:\Users\Dean\AppData\Roaming\baidu    Quarantined Application.AppInstall (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F3D0D36F-23F8-4682-A195-74C92B03D4AF}    Quarantined Application.Toolbar (A)

Quarantined    5
 

 

========================================================================================================================

 

 Results of screen317's Security Check version 1.008  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 40  
 Visual Studio Extensions for Windows Library for JavaScript
 Java version 32-bit out of Date!
 Adobe Flash Player 18.0.0.232  
 Adobe Reader XI  
 Mozilla Firefox (39.0)
 Google Chrome (44.0.2403.155)
 Google Chrome (44.0.2403.157)
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast afwServ.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
 



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,413 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:53 PM

Posted 31 August 2015 - 11:59 AM

Thanks looks good. Are you having any issues?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,413 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:53 PM

Posted 03 September 2015 - 08:54 AM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 seeker103

seeker103
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:53 AM

Posted 03 September 2015 - 10:35 AM

Hi, sorry for the late reply, I've been busy this week.

Things have been smooth lately and there hasn't been any signs of virus.

As always, thank you for all your help!



#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,413 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:53 PM

Posted 03 September 2015 - 02:16 PM

Hi Dean, that is great to hear.

Now that your computer is running well it is my great pleasure to proclaim to you the Good News!

===================================================

All Clean!

--------------

Your machine appears to be clean and you may delete any programs or logs on your computer as a result of our efforts. If we used Emsisoft Emergency Kit just delete the icon on your desktop and the C:\EEK folder. For everything else you simply delete the log files or desktop icons.

Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :thumbsup:

Lawrence Abrams, the founder of BleepingComputer.com, has developed an excellent tutorial which will provide you with the information you need to know to keep your computer secure and clean. Please take the time to read:In addition, here are some more links you might find of interest:I will leave this topic open for just a brief period of time in case you have any further issues then it will be closed shortly thereafter.

Thank you for placing your trust in BleepingComputer. It was a pleasure serving you. OhMy_done.gif
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,413 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:53 PM

Posted 04 September 2015 - 07:51 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users