Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Chrome Extension Virus "Ads By Lyrics"


  • This topic is locked This topic is locked
16 replies to this topic

#1 Oscar19Ross

Oscar19Ross

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:37 PM

Posted 20 January 2016 - 11:34 AM

So I mustve downloaded something but ive got an extension on my google chrome now called "SavePages" and basically it constantly pops up adverts whenever I click somewhere on a page.
The extension cant be deleted and i have tried to follow this : http://howtoremove.guide/ads-by-lyrics-removal/
But none of the files shown in it are actually on my computer. Any help would be great

Thanks



BC AdBot (Login to Remove)

 


#2 olgun52

olgun52

  • Malware Response Team
  • 3,782 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 20 January 2016 - 05:53 PM

Hello Oscar19Ross and Welcome to the BleepingComputer. :welcome:
My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

Before we move on, please read the following points carefully.

  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
  • I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
  • Please reply to this thread. Do not start a new topic
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
  • Please open as administrator  the computer. How is open as administrator  the computer?
  • Disable your AntiVirus and AntiSpyware applications, as they will  interfere with our tools and the removal. If you are unsure how to do  this, please refer to get help here

Thanks
---------------------------------------------------------------------------------------------------------
 
Please do the following.
 
Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure the following option is checked: addition.png
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Sincerely  . :hello:


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#3 olgun52

olgun52

  • Malware Response Team
  • 3,782 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 21 January 2016 - 06:23 PM

Hello !

Are you still with me?


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#4 Oscar19Ross

Oscar19Ross
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:37 PM

Posted 22 January 2016 - 12:31 PM

Hello !

Are you still with me?

Hi sorry just saw this I will do it tomorrow and let you know !!
Thanks loads



#5 olgun52

olgun52

  • Malware Response Team
  • 3,782 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 22 January 2016 - 04:06 PM

Okay. I am waiting.


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#6 Oscar19Ross

Oscar19Ross
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:37 PM

Posted 23 January 2016 - 03:26 AM

FRST LOG

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
Ran by Oscar (administrator) on OSCAR-PC (23-01-2016 12:12:36)
Running from C:\Users\Oscar\Downloads
Loaded Profiles: Oscar (Available Profiles: Oscar)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCService.exe
(IOBit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCAvSvc.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Gigabyte Technology CO.) C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCTray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Spotify Ltd) C:\Users\Oscar\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
(Razer USA Ltd.) C:\Program Files (x86)\Razer\Arctosa\razerhid.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(RockMelt Inc.) C:\Users\Oscar\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [STCAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe [776064 2011-03-04] (Splashtop Inc.)
HKLM-x32\...\Run: [ZyngaGamesAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [841544 2010-11-15] (Splashtop Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)
HKLM-x32\...\Run: [Arctosa] => C:\Program Files (x86)\Razer\Arctosa\razerhid.exe [147456 2008-10-06] (Razer USA Ltd.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5889824 2015-07-28] (IObit)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2552320 2011-03-30] (Gigabyte Technology CO., LTD.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-03-09] (AMD)
HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCTray.exe [2596640 2015-05-22] (IObit)
HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\Run: [uTorrent] => C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-03] (BitTorrent Inc.)
HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1079592 2015-06-26] (Apple Inc.)
HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\Run: [Spotify Web Helper] => C:\Users\Oscar\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-20] (Spotify Ltd)
HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\Run: [Spotify] => C:\Users\Oscar\AppData\Roaming\Spotify\Spotify.exe [8387696 2015-12-20] (Spotify Ltd)
HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\MountPoints2: E - E:\Setup.exe
HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\MountPoints2: G - G:\Setup.exe
HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Oscar\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Oscar\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Oscar\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Oscar\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Oscar\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Oscar\AppData\Local\MEGAsync\ShellExtX32.dll No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{24B2F5D9-E0BB-4D2A-A733-21ECBF4D1D21}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CEEE95BA-D70C-40EC-9272-256DDDCF8266}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DF035E86-1E88-424D-8B24-3BB810F619AC}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=116987&tt=4412_5&babsrc=HP_ss&mntrId=2ac8e5830000000000007a7905757d0c
URLSearchHook: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000 - (No Name) - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - No File
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=116987&tt=4412_5&babsrc=SP_ss&mntrId=2ac8e5830000000000007a7905757d0c
SearchScopes: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=116987&tt=4412_5&babsrc=SP_ss&mntrId=2ac8e5830000000000007a7905757d0c
SearchScopes: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000 -> {53FFD81A-C4DA-4c57-94AC-5038BB1A3F44} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000 -> {9368ECBD-E9FF-4227-8654-154D79F18533} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000 -> {FC473F05-5D5E-4b8f-AD26-1AF3227CC377} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-07] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-07] (Oracle Corporation)
BHO-x32: Premiumplay Codec-C -> {11111111-1111-1111-1111-110011041135} -> C:\Program Files (x86)\Premiumplay Codec-C\Premiumplay Codec-C.dll => No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-07] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2012-11-04] (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-07] (Oracle Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Handler: linkscanner - No CLSID Value
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Oscar\AppData\Roaming\Mozilla\Firefox\Profiles\8nrwi0tz.default
FF DefaultSearchEngine: Google
FF NetworkProxy: "http", "109.123.126.253"
FF NetworkProxy: "http_port", 8080
FF Homepage: hxxp://isearch.avg.com/?cid={5154771D-EF68-4899-8A19-25C8832B0E4E}&mid=96dcab517ef247d182087fe25ae5f647-13ec92fbf7a2030bfa929a7f36b0ea094917bbc1&lang=en&ds=AVG&pr=fr&d=2013-01-25 22:17:10&v=15.2.0.5&pid=avg&sg=0&sap=hp
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\system32\npDeployJava1.dll [2012-03-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-07] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll [2013-02-28] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [2013-05-30] (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-05-07] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2236986606-2246995401-2298012194-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Oscar\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2236986606-2246995401-2298012194-1000: @us-w1.rockmelt.com/RockMelt Update;version=8 -> C:\Users\Oscar\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll [2012-06-03] (RockMelt Inc.)
FF Plugin HKU\S-1-5-21-2236986606-2246995401-2298012194-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-05-07] (Pando Networks)
FF Extension: No Name - C:\Users\Oscar\AppData\Roaming\Mozilla\Firefox\Profiles\8nrwi0tz.default\extensions\ascsurfingprotection@iobit.com [not found]
FF Extension: No Name - C:\Users\Oscar\AppData\Roaming\Mozilla\Firefox\Profiles\8nrwi0tz.default\extensions\OneClickDownload@OneClickDownload.com [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [not found]
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2012-12-21] [not signed]
FF Extension: No Name - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [not found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [not found]
FF Extension: No Name - C:\Users\Oscar\AppData\Roaming\Mozilla\Firefox\Profiles\8nrwi0tz.default\extensions\iobitascsurfingprotection@iobit.com [not found]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2013-12-30] [not signed]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-03-06] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
 
Chrome: 
=======
CHR Profile: C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-20]
CHR Extension: (Google Docs) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-20]
CHR Extension: (Google Drive) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-20]
CHR Extension: (YouTube) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-20]
CHR Extension: (Google Search) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-20]
CHR Extension: (SavePages) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfcamfllailmlhibpelbdcpehpegbbjk [2016-01-20]
CHR Extension: (Google Sheets) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-20]
CHR Extension: (Skype) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-20]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-20]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2016-01-20]
CHR Extension: (Gmail) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-20]
CHR HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Oscar\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-11-04]
CHR HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2012-12-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCService.exe [911648 2014-11-22] (IObit)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ascavsvc.exe [660768 2015-06-11] (IOBit)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-07-17] (IObit)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-10-16] (Hewlett-Packard Company) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-02] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\MyExpatNet\bin\openvpnserv.exe [15872 2009-05-18] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-22] ()
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
S3 stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [73728 2006-11-01] (MicroVision Development, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2012-06-21] (Microsoft Corporation) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-07-12] (VIA Technologies, Inc.)
R2 WCUService_STC_FF; C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [493384 2011-03-24] (Splashtop Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2015-12-08] ()
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 bdfsfltr; C:\Windows\system32\Drivers\bdfsfltr.sys [431176 2011-03-24] (BitDefender)
R2 DLABMFSE; C:\Windows\System32\DLA\DLABMFSE.SYS [43888 2008-02-22] (Roxio)
R2 DLABOIOE; C:\Windows\System32\DLA\DLABOIOE.SYS [41712 2008-02-22] (Roxio)
R1 DLACDBHE; C:\Windows\System32\Drivers\DLACDBHE.SYS [15864 2007-02-08] (Roxio)
R2 DLADResE; C:\Windows\System32\DLA\DLADResE.SYS [10096 2008-02-22] (Roxio)
R2 DLAIFS_E; C:\Windows\System32\DLA\DLAIFS_E.SYS [141296 2008-02-22] (Roxio)
R2 DLAOPIOE; C:\Windows\System32\DLA\DLAOPIOE.SYS [33904 2008-02-22] (Roxio)
R2 DLAPoolE; C:\Windows\System32\DLA\DLAPoolE.SYS [17776 2008-02-22] (Roxio)
R1 DLARTL_E; C:\Windows\System32\Drivers\DLARTL_E.SYS [39160 2007-02-08] (Roxio)
R2 DLAUDFAE; C:\Windows\System32\DLA\DLAUDFAE.SYS [136816 2008-02-22] (Roxio)
R2 DLAUDF_E; C:\Windows\System32\DLA\DLAUDF_E.SYS [142832 2008-02-22] (Roxio)
R0 DRVECDB; C:\Windows\System32\Drivers\DRVECDB.SYS [122776 2006-07-21] (Sonic Solutions)
R2 DRVEDDM; C:\Windows\System32\Drivers\DRVEDDM.SYS [63608 2007-02-09] (Roxio)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-01-28] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-03-27] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-08-26] (REALiX™)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [23736 2012-07-20] (Hajo Krabbenhöft)
S3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [329800 2011-11-21] (BitDefender S.R.L.)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-11-13] (OpenLibSys.org)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-23 12:02 - 2016-01-23 12:13 - 00033708 _____ C:\Users\Oscar\Downloads\FRST.txt
2016-01-23 12:02 - 2016-01-23 12:12 - 00000000 ____D C:\FRST
2016-01-23 12:01 - 2016-01-23 12:01 - 02370560 _____ (Farbar) C:\Users\Oscar\Downloads\FRST64.exe
2016-01-20 17:51 - 2016-01-20 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-19 23:48 - 2016-01-19 23:48 - 04499648 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-01-18 22:29 - 2016-01-18 22:48 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\Audacity
2016-01-18 22:29 - 2016-01-18 22:29 - 00001023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-01-18 22:29 - 2016-01-18 22:29 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-01-18 22:28 - 2016-01-18 22:29 - 25186399 _____ (Audacity Team ) C:\Users\Oscar\Downloads\audacity-win-2.1.1.exe
2016-01-18 21:23 - 2016-01-19 16:05 - 00000000 ____D C:\Users\Oscar\Downloads\Kings Of Leon - Come Around Sundown(2010)(MP3@320kbps)2Lions-Team
2016-01-13 20:24 - 2016-01-13 20:28 - 00000000 ____D C:\AdwCleaner
2016-01-13 20:24 - 2016-01-13 20:24 - 01754112 _____ C:\Users\Oscar\Downloads\adwcleaner_5.029.exe
2016-01-13 20:11 - 2016-01-13 20:11 - 00002904 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Oscar
2016-01-13 08:48 - 2015-12-11 22:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 08:48 - 2015-12-09 01:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-13 08:48 - 2015-12-09 01:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 08:48 - 2015-12-09 01:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 08:48 - 2015-12-09 01:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 08:48 - 2015-12-09 01:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 08:48 - 2015-12-09 01:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 08:48 - 2015-12-09 01:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-13 08:48 - 2015-12-09 01:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 08:48 - 2015-12-09 01:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 08:48 - 2015-12-09 01:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 08:48 - 2015-12-09 01:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 08:48 - 2015-12-09 01:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 08:48 - 2015-12-09 01:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-13 08:48 - 2015-12-09 01:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 08:48 - 2015-12-09 01:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 08:48 - 2015-12-09 01:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 08:48 - 2015-12-09 01:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 08:48 - 2015-12-09 01:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 08:48 - 2015-12-09 01:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 08:48 - 2015-12-09 01:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 08:48 - 2015-12-09 01:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 08:48 - 2015-12-09 01:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-13 08:48 - 2015-12-09 01:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 08:48 - 2015-12-09 01:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 08:48 - 2015-12-09 01:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 08:48 - 2015-12-09 01:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-13 08:48 - 2015-12-09 01:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 08:48 - 2015-12-09 01:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 08:48 - 2015-12-09 01:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 08:48 - 2015-12-09 01:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 08:48 - 2015-12-09 01:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 08:48 - 2015-12-09 01:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 08:48 - 2015-12-09 01:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-13 08:48 - 2015-12-09 01:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-13 08:48 - 2015-12-09 01:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-13 08:48 - 2015-12-09 01:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 08:48 - 2015-12-08 23:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 08:48 - 2015-12-08 23:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 08:48 - 2015-12-08 23:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 08:48 - 2015-12-08 23:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 08:48 - 2015-12-08 23:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 08:48 - 2015-12-08 23:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 08:48 - 2015-12-08 22:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 08:48 - 2015-12-08 22:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 08:48 - 2015-12-08 22:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 08:48 - 2015-12-08 21:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-13 08:48 - 2015-11-14 03:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 08:48 - 2015-11-14 03:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 08:48 - 2015-11-14 03:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-13 08:48 - 2015-11-14 02:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-13 08:48 - 2015-11-14 02:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-13 08:48 - 2015-11-14 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-13 08:47 - 2015-12-24 03:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-13 08:47 - 2015-12-24 02:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-13 08:47 - 2015-12-12 22:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 08:47 - 2015-12-12 22:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-13 08:47 - 2015-12-12 22:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-13 08:47 - 2015-12-12 22:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-13 08:47 - 2015-12-12 22:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-13 08:47 - 2015-12-12 22:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 08:47 - 2015-12-12 22:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-13 08:47 - 2015-12-12 22:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-13 08:47 - 2015-12-12 22:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-13 08:47 - 2015-12-12 22:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 08:47 - 2015-12-12 22:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-13 08:47 - 2015-12-12 22:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-13 08:47 - 2015-12-12 22:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-13 08:47 - 2015-12-12 22:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 08:47 - 2015-12-12 22:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 08:47 - 2015-12-12 22:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-13 08:47 - 2015-12-12 22:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-13 08:47 - 2015-12-12 22:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-13 08:47 - 2015-12-12 21:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-13 08:47 - 2015-12-12 21:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-13 08:47 - 2015-12-12 21:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-13 08:47 - 2015-12-12 21:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 08:47 - 2015-12-12 21:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-13 08:47 - 2015-12-12 21:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 08:47 - 2015-12-12 21:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 08:47 - 2015-12-12 21:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-13 08:47 - 2015-12-12 21:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-13 08:47 - 2015-12-12 21:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-13 08:47 - 2015-12-12 21:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-13 08:47 - 2015-12-12 21:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-13 08:47 - 2015-12-12 21:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-13 08:47 - 2015-12-12 21:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-13 08:47 - 2015-12-12 21:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-13 08:47 - 2015-12-12 21:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-13 08:47 - 2015-12-12 21:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-13 08:47 - 2015-12-12 21:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 08:47 - 2015-12-12 21:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-13 08:47 - 2015-12-12 21:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-13 08:47 - 2015-12-12 21:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-13 08:47 - 2015-12-12 21:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 08:47 - 2015-12-12 21:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-13 08:47 - 2015-12-12 21:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-13 08:47 - 2015-12-12 21:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-13 08:47 - 2015-12-12 21:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-13 08:47 - 2015-12-12 21:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 08:47 - 2015-12-12 21:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-13 08:47 - 2015-12-12 21:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-13 08:47 - 2015-12-12 21:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-13 08:47 - 2015-12-12 21:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-13 08:47 - 2015-12-12 21:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-13 08:47 - 2015-12-12 21:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-13 08:47 - 2015-12-12 21:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 08:47 - 2015-12-12 21:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-13 08:47 - 2015-12-12 21:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 08:47 - 2015-12-12 21:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-13 08:47 - 2015-12-12 21:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-13 08:47 - 2015-12-12 21:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 08:47 - 2015-12-12 20:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 08:47 - 2015-12-12 20:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 08:47 - 2015-12-12 20:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 08:47 - 2015-12-12 20:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 08:47 - 2015-12-12 20:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-13 08:45 - 2015-12-09 01:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-13 08:45 - 2015-12-08 23:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 08:45 - 2015-11-17 05:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 08:45 - 2015-11-17 05:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 08:45 - 2015-11-17 05:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 08:45 - 2015-11-17 05:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 08:45 - 2015-11-17 05:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 08:45 - 2015-11-17 05:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 08:45 - 2015-11-17 00:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-13 08:44 - 2015-12-30 23:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 08:44 - 2015-12-30 23:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 08:44 - 2015-12-30 23:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-13 08:44 - 2015-12-30 23:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 08:44 - 2015-12-30 23:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-13 08:44 - 2015-12-30 23:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-13 08:44 - 2015-12-30 23:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-13 08:44 - 2015-12-30 23:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-13 08:44 - 2015-12-30 23:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-13 08:44 - 2015-12-30 23:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-13 08:44 - 2015-12-30 23:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-13 08:44 - 2015-12-30 23:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-13 08:44 - 2015-12-30 23:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 08:44 - 2015-12-30 23:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-13 08:44 - 2015-12-30 23:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-13 08:44 - 2015-12-30 23:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-13 08:44 - 2015-12-30 23:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-13 08:44 - 2015-12-30 23:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-13 08:44 - 2015-12-30 22:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-13 08:44 - 2015-12-30 22:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 08:44 - 2015-12-30 22:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-13 08:44 - 2015-12-30 22:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 08:44 - 2015-12-30 22:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-13 08:44 - 2015-12-30 22:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-13 08:44 - 2015-12-30 22:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-13 08:44 - 2015-12-30 22:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-13 08:44 - 2015-12-30 22:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-13 08:44 - 2015-12-30 22:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-13 08:44 - 2015-12-30 22:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-13 08:44 - 2015-12-30 22:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-13 08:44 - 2015-12-30 22:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-13 08:44 - 2015-12-30 22:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-13 08:44 - 2015-12-30 22:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-13 08:44 - 2015-12-30 22:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-13 08:44 - 2015-12-30 22:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-13 08:44 - 2015-12-30 22:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-13 08:44 - 2015-12-30 22:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-13 08:44 - 2015-12-30 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-13 08:44 - 2015-12-30 22:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-13 08:44 - 2015-12-30 22:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-13 08:44 - 2015-12-30 22:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-13 08:44 - 2015-12-30 22:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-13 08:44 - 2015-12-30 22:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-13 08:44 - 2015-12-30 22:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-13 08:44 - 2015-12-30 22:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-13 08:44 - 2015-12-30 22:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-13 08:44 - 2015-12-30 22:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 22:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 21:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-13 08:44 - 2015-12-30 21:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-13 08:44 - 2015-12-30 21:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-13 08:44 - 2015-12-30 21:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-13 08:44 - 2015-12-30 21:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 08:44 - 2015-12-30 21:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-13 08:44 - 2015-12-30 21:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 08:44 - 2015-12-30 21:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-13 08:44 - 2015-12-30 21:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-13 08:44 - 2015-12-30 21:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-13 08:44 - 2015-12-30 21:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-13 08:44 - 2015-12-30 21:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-13 08:44 - 2015-12-30 21:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-13 08:44 - 2015-12-30 21:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-13 08:44 - 2015-12-30 21:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 21:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 21:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 08:44 - 2015-12-30 21:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-13 08:44 - 2015-12-09 01:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-13 08:44 - 2015-12-08 23:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-09 12:03 - 2016-01-09 12:03 - 00000560 __RSH C:\ProgramData\ntuser.pol
2016-01-07 10:03 - 2016-01-07 10:03 - 00000000 ____D C:\Users\Oscar\AppData\Local\{FFA4193E-BC5B-433F-BBA7-4396176A11B3}
2016-01-07 09:45 - 2016-01-07 09:45 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk
2016-01-07 09:36 - 2016-01-07 09:38 - 55889927 _____ C:\Users\Oscar\Downloads\PhotoShop CSPS 4.rar
2016-01-06 21:35 - 2016-01-06 21:36 - 156396131 _____ C:\Users\Oscar\Downloads\Adobe Photoshop CS5 (No Brushes).zip
2016-01-06 21:32 - 2016-01-06 21:32 - 00000000 ____D C:\Users\Oscar\AppData\Local\Mega Limited
2016-01-06 21:30 - 2016-01-06 21:31 - 10152576 _____ (MEGA Limited) C:\Users\Oscar\Downloads\MEGAsyncSetup.exe
2016-01-06 21:24 - 2015-09-18 06:10 - 77313314 _____ C:\Users\Oscar\Downloads\Photoshop CS6.zip
2016-01-06 21:24 - 2015-09-18 06:08 - 77324608 _____ (Adobe Systems, Inc. ) C:\Users\Oscar\Downloads\setup.exe
2016-01-06 21:24 - 2015-02-10 01:13 - 00000085 _____ C:\Users\Oscar\Downloads\License Key.txt
2016-01-06 21:21 - 2016-01-06 21:23 - 77313446 _____ C:\Users\Oscar\Downloads\Program.zip
2016-01-04 20:23 - 2016-01-04 20:25 - 108004254 _____ C:\Users\Oscar\Downloads\Spreadsheet_Videos-2016-01-04.zip
2016-01-03 18:54 - 2016-01-03 18:54 - 00000000 ____D C:\Users\Oscar\AppData\Local\{73C9D1C1-1445-4717-BD76-AED00C8045AB}
2016-01-02 17:04 - 2016-01-02 17:04 - 00000000 ____D C:\FFOutput
2016-01-02 17:01 - 2016-01-02 17:01 - 04506061 _____ (Free Time Inc ) C:\Users\Oscar\Downloads\FormatFactory-3.8.0.2.exe
2016-01-02 16:41 - 2016-01-02 16:58 - 00008751 _____ C:\Users\Oscar\Documents\starburn.txt
2016-01-02 16:41 - 2016-01-02 16:41 - 00000000 ____D C:\Users\Oscar\AppData\Local\Wondershare
2016-01-02 16:41 - 2016-01-02 16:41 - 00000000 ____D C:\ProgramData\Wondershare
2016-01-02 16:40 - 2016-01-02 16:52 - 00000000 ____D C:\Users\Oscar\Documents\Wondershare Filmora
2016-01-02 16:39 - 2016-01-02 16:40 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2016-01-02 16:38 - 2016-01-02 16:39 - 00966728 _____ C:\Users\Oscar\Downloads\filmora_setup_full846.exe
2016-01-02 16:36 - 2016-01-03 17:00 - 01701079 ____N C:\Windows\Minidump\010916-35927-01.dmp
2016-01-02 16:27 - 2016-01-02 16:28 - 00000000 ____D C:\Users\Oscar\AppData\Local\{FFC93CBC-2EB8-4D0F-A19C-E8B5A5AC9036}
2015-12-30 18:27 - 2015-12-30 18:27 - 00303616 _____ C:\Users\Oscar\Downloads\Better Together - Jack Johnson Acoustic Tribute.mp3.sfk
2015-12-27 20:14 - 2015-12-27 20:18 - 14213704 _____ C:\Users\Oscar\Downloads\HSS-5.1.3-install-plain-773-plain.exe
2015-12-27 19:54 - 2015-12-27 19:55 - 03643096 _____ (eVenture Limited ) C:\Users\Oscar\Downloads\Hide.me-Setup-1.1.7.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-23 12:06 - 2009-07-14 08:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-23 12:06 - 2009-07-14 08:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-23 12:05 - 2009-07-14 09:13 - 00800010 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-23 12:05 - 2009-07-14 07:20 - 00000000 ____D C:\Windows\inf
2016-01-23 12:02 - 2009-07-14 07:20 - 00000000 ____D C:\Windows
2016-01-23 11:48 - 2012-04-04 17:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-23 11:23 - 2012-06-03 21:18 - 00000928 _____ C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-2236986606-2246995401-2298012194-1000UA.job
2016-01-23 11:22 - 2013-11-04 15:51 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-23 10:45 - 2013-06-28 10:55 - 00000374 _____ C:\Windows\Tasks\Lyrics-Pal Update.job
2016-01-23 09:22 - 2013-11-04 15:51 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-22 21:23 - 2012-06-03 21:18 - 00000876 _____ C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-2236986606-2246995401-2298012194-1000Core.job
2016-01-21 23:19 - 2014-06-22 16:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-20 17:51 - 2012-01-28 14:32 - 00000000 ____D C:\Users\Oscar\AppData\Local\Google
2016-01-20 17:50 - 2013-11-04 15:51 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-19 23:48 - 2012-04-04 17:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-19 23:48 - 2012-04-04 17:31 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-19 23:48 - 2012-02-26 16:30 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-19 16:05 - 2012-01-28 16:22 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\uTorrent
2016-01-18 21:29 - 2015-10-11 18:52 - 00000000 ____D C:\Users\Oscar\AppData\Local\Spotify
2016-01-18 20:29 - 2015-10-11 18:52 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\Spotify
2016-01-18 15:46 - 2012-02-04 13:18 - 00000000 ____D C:\Users\Oscar\AppData\Local\LogMeIn Hamachi
2016-01-18 15:42 - 2015-08-26 15:47 - 00002874 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Oscar)
2016-01-18 15:41 - 2013-11-04 15:52 - 00000000 ___RD C:\Users\Oscar\Google Drive
2016-01-18 15:38 - 2012-01-27 17:18 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2016-01-18 15:36 - 2013-12-16 16:05 - 00000000 ____D C:\ProgramData\ProductData
2016-01-18 15:35 - 2009-07-14 09:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-15 15:29 - 2015-06-25 13:35 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 10:48 - 2009-07-14 07:20 - 00000000 ____D C:\Windows\rescache
2016-01-14 10:12 - 2009-07-14 08:45 - 05017512 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-14 10:06 - 2014-12-13 03:09 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-14 10:06 - 2014-04-30 22:01 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-14 10:04 - 2012-05-11 23:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 10:04 - 2012-05-11 23:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-14 09:29 - 2012-01-31 16:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-14 09:27 - 2012-05-11 23:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-14 09:07 - 2013-08-15 02:15 - 00000000 ____D C:\Windows\system32\MRT
2016-01-14 08:31 - 2012-02-06 11:25 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-13 20:42 - 2012-03-28 16:01 - 00000000 ____D C:\Users\Oscar\AppData\Local\Paint.NET
2016-01-13 20:28 - 2013-05-05 15:34 - 00001104 _____ C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-13 20:28 - 2012-05-02 20:58 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-13 20:23 - 2015-11-30 18:21 - 00000000 ____D C:\ProgramData\F-Secure
2016-01-13 20:23 - 2012-02-12 15:53 - 00000000 ____D C:\Program Files (x86)\Handbrake
2016-01-09 12:03 - 2009-07-14 07:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-01-09 11:52 - 2012-04-21 14:21 - 00000000 ____D C:\Windows\Minidump
2016-01-07 13:48 - 2012-02-15 17:02 - 00007680 _____ C:\Users\Oscar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-07 10:23 - 2012-01-28 14:35 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\Adobe
2016-01-07 09:47 - 2012-03-14 17:07 - 00000000 ____D C:\Users\Oscar\AppData\Local\Adobe
2016-01-07 09:46 - 2012-01-28 15:18 - 00000000 ___RD C:\Users\Oscar\Desktop\Home
2016-01-07 09:45 - 2012-05-16 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-01-07 09:45 - 2012-03-14 17:02 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-04 20:30 - 2012-02-10 15:47 - 00000000 ___RD C:\Users\Oscar\Desktop\School
2016-01-02 16:41 - 2012-01-27 16:50 - 00126016 _____ C:\Users\Oscar\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-02 16:41 - 2009-07-14 08:57 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-02 16:36 - 2012-02-15 17:13 - 00000000 ____D C:\Users\Oscar\AppData\Local\Windows Live
 
==================== Files in the root of some directories =======
 
2013-12-18 21:08 - 2014-03-31 01:02 - 0000133 _____ () C:\Users\Oscar\AppData\Roaming\WB.CFG
2012-02-15 17:02 - 2016-01-07 13:48 - 0007680 _____ () C:\Users\Oscar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-28 20:29 - 2014-01-28 20:29 - 0017408 _____ () C:\Users\Oscar\AppData\Local\WebpageIcons.db
 
Some files in TEMP:
====================
C:\Users\Oscar\AppData\Local\Temp\arcyat6y.dll
C:\Users\Oscar\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Oscar\AppData\Local\Temp\maverick+sabre+innerstand__10924_i1730872767_il75849.exe
C:\Users\Oscar\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\Oscar\AppData\Local\Temp\rmmrs1c4.dll
C:\Users\Oscar\AppData\Local\Temp\sqlite3.dll
C:\Users\Oscar\AppData\Local\Temp\update.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-19 00:56
 
==================== End of FRST.txt ============================


#7 Oscar19Ross

Oscar19Ross
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:37 PM

Posted 23 January 2016 - 03:28 AM

Not sure how to attatch files in this?

 

So here is the addition log

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-01-2016
Ran by Oscar (2016-01-23 12:14:56)
Running from C:\Users\Oscar\Downloads
Windows 7 Professional Service Pack 1 (X64) (2012-01-27 12:35:02)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2236986606-2246995401-2298012194-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2236986606-2246995401-2298012194-1005 - Limited - Enabled)
Guest (S-1-5-21-2236986606-2246995401-2298012194-501 - Limited - Disabled)
Oscar (S-1-5-21-2236986606-2246995401-2298012194-1000 - Administrator - Enabled) => C:\Users\Oscar
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Advanced SystemCare Ultimate (Enabled - Out of date) {91A1210C-78DD-A71C-E865-63DB27C767EE}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Out of date) {A751AC20-3B48-5237-898A-78C4436BB78D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)
«Portal 2»  2.0.0.1 (HKLM-x32\...\Portal 2_is1) (Version: 2.0.0.1 - VALVE)
µTorrent (HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Ace of Spades (HKLM-x32\...\{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}) (Version: 0.75.015 - Ben Aksoy)
Adobe After Effects CS5 (HKLM-x32\...\{DA1B174B-4297-467C-9EF8-0AB8D4D5171E}) (Version: 10 - Adobe Systems Incorporated)
Adobe After Effects CS5 Third Party Content (HKLM-x32\...\{C0AA232E-BD1B-40B5-A176-A2BEB67FFAE1}) (Version: 10 - Adobe Systems Incorporated)
Adobe After Effects CS5 Third Party Royalty Content (HKLM-x32\...\{CD29B5CA-4727-4114-9AD9-25CCCE6E4014}) (Version: 10 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (HKLM-x32\...\Adobe Photoshop CS4_is1) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Advanced SystemCare Ultimate 8 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 8.2.0 - IObit)
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Any Video Converter 5 5.0.3 (HKLM-x32\...\Any Video Converter 5_is1) (Version:  - Any-Video-Converter.com)
Any Video Converter 5.8.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.10309 - ATI Technologies Inc.) Hidden
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Batman Arkham City version 1.0 (HKLM-x32\...\{8B7IL77L-LKS1-AC3-BATAC-18CD6E6334R1}_is1) (Version: 1.0 - Warner Bros. Interactive)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.7 - EA Digital Illusions CE AB)
BattlEye (A2Free) Uninstall (HKLM-x32\...\BattlEye A2 Free) (Version:  - )
BCC 7 OFX (HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\BCC 7 OFX) (Version:  - )
BCC 7 OFX 64Bit (HKLM\...\{05D8FAA8-958E-4E47-96DA-F1E043EB01E5}) (Version: 7.0.4 - Boris FX, Inc.)
BeamNG.drive version 0.3.3 Pre-Race (HKLM-x32\...\{7234843B-9077-43B8-90E5-A2B1A81E2F25}_is1) (Version: 0.3.3 Pre-Race - BeamNG)
Belkin 54Mbps Wireless Network Adapter (HKLM-x32\...\{F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE}) (Version: 3.00.07 - Belkin)
Blacklight: Retribution (HKLM-x32\...\Steam App 209870) (Version:  - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version:  - )
Call of Duty® - World at War™ 1.2 Patch (x32 Version:  - ) Hidden
Call of Duty® - World at War™ 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
Call of Duty® - World at War™ 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty® - World at War™ 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty® - World at War™ 1.5 Patch (x32 Version:  - ) Hidden
Call of Duty® - World at War™ 1.5 Patch (x32 Version: 1.5 - Activision) Hidden
Call of Duty® - World at War™ 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty® - World at War™ 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty® - World at War™ 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty® - World at War™ 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty® 4 - Modern Warfare™ 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden
CameraTracker 1.0v3 (64 bit) for AE (HKLM\...\CameraTracker for AE_is1) (Version:  - The Foundry)
Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\CopyTrans Suite) (Version: 4.002 - WindSolutions)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.2.0287 - DT Soft Ltd)
Design Tools - 2D Design V2 (HKLM-x32\...\{A7477808-BDCD-4B3C-AAA0-80150DD612DD}) (Version: 1.61 - TechSoft UK Ltd)
DiRT 3 (x32 Version: 1.0.0000.130 - Codemasters) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
DreamScene Seven version 1.3 (HKLM-x32\...\{2367FAB6-057A-4973-875F-F57F7BBBA363}_is1) (Version: 1.3 - DREAMSCENESEVEN.COM)
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
Driver San Francisco (HKLM-x32\...\Driver San Francisco) (Version: 1.4.0.0 - Ubisoft)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Easy Tune 6 B11.0823.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0823.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Effects Suite 32-bit (HKLM-x32\...\InstallShield_{EAE0D80B-8EC8-45C9-BD1E-5A8AC42F6686}) (Version: 10.0.2 - Red Giant Software)
Effects Suite 32-bit (x32 Version: 10.0.2 - Red Giant Software) Hidden
ENBSeries Configurator for GTA San Andreas (HKLM-x32\...\{783C086A-159E-4E45-B42C-F6E2C4FB14C0}) (Version: 1.0.0 - Chaosis Software)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.01 - Ubisoft)
FarCry 3 version 5.1 (HKLM-x32\...\{B810D852-DFD6-FC3-89A5-CC4D47756DAF}_is1) (Version: 5.1 - Black_Box)
Fotor 1.3.0 (HKLM-x32\...\Fotor) (Version: 1.3.0 - Everimaging Co., Ltd.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GamersFirst LIVE! (HKLM-x32\...\GamersFirst LIVE!) (Version:  - GamersFirst)
GenArts SapphireEdge Plug-ins 1.011 for OFX (HKLM\...\GenArts SapphireEdge Plug-ins for OFX_is1) (Version:  - )
GhostMouse (HKLM-x32\...\GhostMouse_is1) (Version: Free V3.2 - ghost-mouse.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Greenfoot (HKLM-x32\...\{8C838B70-3A71-41E8-91A6-4ADCF2E483D0}) (Version: 2.4.0 - Greenfoot Team)
GTA IV - Ultimate Vehicle Pack v9.0.0.0 (HKLM-x32\...\GTA IV - Ultimate Vehicle Pack) (Version: 9.0.0.0 - ZZCOOL)
GTA IV Vehicle Mod Installer v1.2 (HKLM-x32\...\GTA IV Vehicle Mod Installer v1.2_is1) (Version:  - MobileD2)
GTA IV: San Andreas (HKLM-x32\...\{8F1EE8DF-0340-41A7-9293-12A8764B6A8C}) (Version: 0.4.2.0 - GTA IV: San Andreas Mod Team)
GTA: San Andreas RIP PT-BR by TemDono - #GTABrasil - BrasNET (HKLM-x32\...\Grand Theft Auto San Andreas_is1) (Version:  - TemDono Design 2005)
HitFilm 2 Express (HKLM\...\{A6E81EFB-2A19-4B5B-8C48-D4E5DB3AD547}) (Version: 2.0.2522.46168 - FXhome)
Hitman Absolution (HKLM-x32\...\Hitman Absolution_is1) (Version:  - )
HydraVision (x32 Version: 4.2.188.0 - ATI Technologies Inc.) Hidden
iCloud (HKLM\...\{B33C558F-772F-4308-A059-390FBF9BAAAE}) (Version: 5.0.2.61 - Apple Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.20 - IObit)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
LightScribe System Software (HKLM-x32\...\{10CCF16B-F1C9-4B24-9570-B4CCEE42392D}) (Version: 1.18.9.1 - LightScribe)
Logitech SetPoint 6.51 (HKLM\...\sp6) (Version: 6.51.8 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
Macromedia Dreamweaver 8 (HKLM-x32\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.0.2734 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Fireworks 8 (HKLM-x32\...\{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}) (Version: 8.0.0.777 - Macromedia)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Magic Bullet Editors 2.0 Vegas (HKLM-x32\...\Magic Bullet Editors 2.0 Vegas) (Version:  - )
Magic Bullet Suite 32-bit (HKLM-x32\...\InstallShield_{9754C724-ECEF-47E2-AD67-A02462BEEA6D}) (Version: 11.4.0 - Red Giant Software)
Magic Bullet Suite 32-bit (x32 Version: 11.4.0 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.1.0 - Red Giant Software) Hidden
Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
Mozilla Firefox 12.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 12.0 (x86 en-US)) (Version: 12.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 12.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyExpatNet 0.9.1.14 (HKLM-x32\...\MyExpatNet) (Version: 0.9.1.14 - )
NewBlue 3D Explosions for Vegas (HKLM-x32\...\NewBlue 3D Explosions for Vegas) (Version:  - )
NewBlue 3D Transformations for Vegas (HKLM-x32\...\NewBlue 3D Transformations for Vegas) (Version:  - )
NewBlue Art Blends (HKLM-x32\...\NewBlue Art Blends) (Version:  - )
NewBlue Art Effects (HKLM-x32\...\NewBlue Art Effects) (Version:  - )
NewBlue Cartoonr for Vegas (HKLM-x32\...\NewBlue Cartoonr for Vegas) (Version:  - )
NewBlue Film Effects for Vegas (HKLM-x32\...\NewBlue Film Effects for Vegas) (Version:  - )
NewBlue Motion Blends (HKLM-x32\...\NewBlue Motion Blends) (Version:  - )
NewBlue Motion Effects (HKLM-x32\...\NewBlue Motion Effects) (Version:  - )
NewBlue Video Essentials II for Windows (HKLM-x32\...\NewBlue Video Essentials II for Windows) (Version: 1.4 - NewBlue)
Next Car Game Free Technology Demo (HKLM-x32\...\Next Car Game Free Technology Demo) (Version:  - Bugbear Entertainment)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.14.2 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenVPN 2.3.6-I001  (HKLM-x32\...\OpenVPN) (Version: 2.3.6-I001 - )
Origin (HKLM-x32\...\Origin) (Version: 9.0.2.2065 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
Payday The Heist © OVERKILL Software version 1 (HKLM-x32\...\Payday The Heist © OVERKILL Software_is1) (Version: 1 - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Platform (x32 Version: 1.36 - VIA Technologies, Inc.) Hidden
Popcorn Time (HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\Popcorn Time) (Version:  - Popcorn Official)
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.9 - Power Software Ltd)
Premiumplay Codec-C (HKLM-x32\...\Premiumplay Codec-C) (Version: 1.6.146.147 - WebPicks) <==== ATTENTION
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Python 3.3.2 (HKLM-x32\...\{92389de9-939e-341b-a076-1d52d7dbca71}) (Version: 3.3.2150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Razer Arctosa (HKLM-x32\...\{2D9C81F2-CF30-47F9-860E-58DACF92ABC9}) (Version: 1.00.0000 - Razer USA Ltd.)
Razer Game Booster (HKLM-x32\...\{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}) (Version: 3.5.6.0 - Razer USA Ltd.)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Rinse (HKLM-x32\...\rinsebyreal) (Version: 1.912 - UNKNOWN)
Rinse (x32 Version: 1.255 - UNKNOWN) Hidden
RockMelt (HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\RockMelt) (Version: 0.16.91.483 - RockMelt, Inc.)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.9.7 - Rockstar Games)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
Roxio Creator Audio (HKLM-x32\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.3.0 - Roxio)
Roxio Creator Basic v9 (HKLM-x32\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)
Roxio Creator Copy (HKLM-x32\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)
Roxio Creator Data (HKLM-x32\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.3.0 - Roxio)
Roxio Creator Tools (HKLM-x32\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.3.0 - Roxio)
Roxio Drag-to-Disc (HKLM\...\{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}) (Version: 9.0 - Roxio)
Roxio Express Labeler 3 (HKLM-x32\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0 - Roxio)
Roxio MyDVD Basic v9 (HKLM-x32\...\{938B1CD7-7C60-491E-AA90-1F1888168240}) (Version: 9.0.117 - Roxio)
San Andreas Mod Installer (HKLM-x32\...\San Andreas Mod Installer1.1) (Version: 1.1 - cpmusick)
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart 6 B11.0824.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.2 - IObit)
Sonic Activation Module (x32 Version: 1.0 - Sonic Solutions) Hidden
Splashtop Connect for Firefox (HKLM-x32\...\{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}) (Version: 1.1.8.4 - Splashtop Inc.)
Splashtop Connect IE (HKLM-x32\...\{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}) (Version: 1.1.13.1 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Subway Surfers 1.0 (HKLM-x32\...\Subway Surfers 1.0) (Version: 1.0 - Cat-A-Cat)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{E5F05232-96B6-4552-A480-785A60A94B21}) (Version: 5.0.6.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.14484 - TeamViewer)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version:  - Atari)
Tom Clancy's Ghost Recon Future Soldier (HKLM-x32\...\{6D87CAD9-9B94-4421-A439-B25F8DE14575}) (Version: 1.00 - Ubisoft)
Trapcode Suite 32-bit (HKLM-x32\...\InstallShield_{0CD46F47-D5F9-4962-9CA3-2C2EABF98251}) (Version: 11.0.3 - Red Giant Software)
Trapcode Suite 32-bit (x32 Version: 11.0.3 - Red Giant Software) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 11.0 (HKLM-x32\...\{0F414901-5ED4-11E1-86F3-F04DA23A5C58}) (Version: 11.0.594 - Sony)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VPN Dialer 1.1 (HKLM-x32\...\VPN Dialer_is1) (Version:  - VPNGates.com)
War Thunder Launcher 1.0.1.192 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - 2012 Gaijin Entertainment Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR 4.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {169F8A1C-36CE-4C40-9173-2017A568DCDE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {190BFFA0-3FB8-4911-8A8E-8314950D5BF4} - System32\Tasks\ASC7U_SkipUac_Oscar => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASC.exe
Task: {1CD78234-3728-41FF-96BC-9B69A39072A2} - System32\Tasks\Driver Booster SkipUAC (Oscar) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-07-06] (IObit)
Task: {27F59F3C-78B1-4514-B627-4ADA19A2B460} - System32\Tasks\Lyrics-Pal Update => C:\Program Files (x86)\LyricsPal\Lyrics.exe
Task: {3BF3CE08-8309-4633-8DB7-29EA69B77932} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {3F0D01BB-96A8-4B92-AFE0-8BF5BAFBF049} - System32\Tasks\{764D411D-370D-450D-8F89-C426F8E71547} => Chrome.exe hxxp://www.skype.com/go/downloading-beta?source=lightinstaller&amp;ver=5.7.0.137&amp;LastError=403
Task: {427B247E-3904-48CA-971A-BB9573981B08} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2012-11-13] ()
Task: {47CB878F-79B0-4E92-A022-B2969318FC26} - System32\Tasks\Microsoft\Windows\Setup\xtgt\refreshxtgtconfig => C:\Windows\system32\XTgt\XTgtMgr.exe [2015-10-05] (Microsoft Corporation)
Task: {4ED58AD7-3CAB-4BA5-9D25-852B39B77DC3} - System32\Tasks\{8DE21A07-2E95-4225-AA1B-6C13283360EC} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.6.59.110&amp;LastError=403
Task: {4FDA239F-019E-4168-B808-0EF3FF94A899} - System32\Tasks\{838AAC78-F8B3-4F66-B87E-EDE4FD7CF829} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.6.59.110&amp;LastError=403
Task: {5682C329-B9C9-47D0-A082-BD8B6CE34FF5} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-03-03] (IObit)
Task: {57F6922E-0E53-450A-8790-DB32B76529AA} - System32\Tasks\Uninstaller_SkipUac_Oscar => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-11-18] (IObit)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5CCA3970-17E0-4ED9-8561-848AAE52AA84} - System32\Tasks\{5161DA24-920A-454F-984A-732F1329BD03} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/en/go/help.faq.installer?LastError=1604
Task: {5E1BCE39-3BD2-4CFC-BC65-91EDB34A4305} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {6BC3F56E-2CE0-47A9-81CC-AA9E1507AB9A} - System32\Tasks\AdobeAAMUpdater-1.0-Oscar-PC-Oscar => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-02-22] (Adobe Systems Incorporated)
Task: {8277B733-0473-4DFA-B840-38265A1C664B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {854503A7-9787-4290-8423-82E1296516B4} - System32\Tasks\{40386110-DC16-492E-8B4B-0098A5792668} => Chrome.exe hxxp://ui.skype.com/ui/0/5.6.59.110/en/abandoninstall?source=lightinstaller&amp;page=tsProblems&amp;LastError=403&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {93885DA4-F1BF-4281-8ABD-33AFB75461BB} - System32\Tasks\{94E6182A-3B07-4393-8904-57EB50C7FA38} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.6.59.110&amp;LastError=12007
Task: {99DAC3CD-B682-4F21-A482-C31A9D7E0ABE} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-07-06] (IObit)
Task: {9D049DB6-C956-4951-94B8-0B520BC8A8B4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {A560B361-9A22-46E0-A1E2-4B8BAD2121A1} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {A871804B-6726-47E0-953B-D8FC106433C1} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe [2015-07-20] (IObit)
Task: {AC7757F6-F253-4D0A-8040-C1EA0302C4C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {B364CAF8-4E5B-4409-8C37-84C344314464} - System32\Tasks\RockMeltUpdateTaskUserS-1-5-21-2236986606-2246995401-2298012194-1000UA => C:\Users\Oscar\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-06-03] (RockMelt Inc.)
Task: {B3C2C3CC-6C2B-404E-AE16-BED9ABF2971C} - System32\Tasks\{34392F25-1DAD-44A2-B49F-DA8883DB12C2} => pcalua.exe -a "C:\Users\Oscar\Desktop\Games\Sony Vegas Pro 11.0\Twixtor Sony Vegas Pro 11\Twixtor5.11OFXInstall.exe" -d "C:\Users\Oscar\Desktop\Games\Sony Vegas Pro 11.0\Twixtor Sony Vegas Pro 11"
Task: {BB2F3EC0-E9E5-41A1-A933-986F1FFF9A53} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E002AFB4-8906-434D-A811-361D0E1FFB75} - System32\Tasks\RockMeltUpdateTaskUserS-1-5-21-2236986606-2246995401-2298012194-1000Core => C:\Users\Oscar\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-06-03] (RockMelt Inc.)
Task: {F7BF09BB-6783-495E-B22B-970BA2A8B1AA} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {FF3F6B09-2244-450A-94D2-BD21EE9A1C58} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-07-06] (IObit)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Lyrics-Pal Update.job => C:\Program Files (x86)\LyricsPal\Lyrics.exe
Task: C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-2236986606-2246995401-2298012194-1000Core.job => C:\Users\Oscar\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
Task: C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-2236986606-2246995401-2298012194-1000UA.job => C:\Users\Oscar\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyExpatNet\Utilities\Add a new TAP-Win32 virtual ethernet adapter.lnk -> C:\Program Files (x86)\MyExpatNet\bin\addtap.bat ()
Shortcut: C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyExpatNet\Utilities\Delete ALL TAP-Win32 virtual ethernet adapters.lnk -> C:\Program Files (x86)\MyExpatNet\bin\deltapall.bat ()
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-09-10 17:58 - 2015-12-08 16:03 - 01164688 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-03-30 15:54 - 2014-06-22 17:19 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-01-31 17:34 - 2008-02-22 10:22 - 00049648 _____ () C:\Windows\system32\DLAAPI_W.DLL
2012-01-27 17:26 - 2012-01-27 17:26 - 00008704 _____ () C:\Windows\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2012-11-13 21:53 - 2012-11-13 21:53 - 00139024 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll
2012-01-29 21:33 - 2012-01-09 19:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2016-01-20 17:51 - 2016-01-12 19:43 - 01978184 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-20 17:51 - 2016-01-12 19:43 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
2016-01-20 18:43 - 2016-01-19 14:06 - 29245120 _____ () C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.286\pepflashplayer.dll
2015-03-19 14:45 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\sqlite3.dll
2015-03-19 14:45 - 2013-11-14 16:02 - 00218944 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Antivirus\bdfltlib.dll
2015-03-19 14:45 - 2013-11-14 16:07 - 00225600 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Antivirus\smartscn.dll
2015-03-19 14:46 - 2015-01-09 18:46 - 00517408 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll
2015-03-19 14:45 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\webres.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-03-19 14:46 - 2015-03-27 15:39 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2015-03-19 14:46 - 2015-01-09 18:46 - 00145184 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2015-08-26 15:42 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll
2013-12-16 16:05 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2013-12-16 16:05 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2013-12-16 16:05 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-01-18 15:39 - 2016-01-18 15:39 - 00098816 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\win32api.pyd
2016-01-18 15:38 - 2016-01-18 15:38 - 00110080 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\pywintypes27.dll
2016-01-18 15:39 - 2016-01-18 15:39 - 00364544 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\pythoncom27.dll
2016-01-18 15:38 - 2016-01-18 15:39 - 00046080 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\_socket.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 01208320 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\_ssl.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00320512 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\win32com.shell.shell.pyd
2016-01-18 15:38 - 2016-01-18 15:38 - 00776704 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\_hashlib.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 01176576 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\wx._core_.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00806400 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\wx._gdi_.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00816128 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\wx._windows_.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 01067008 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\wx._controls_.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00733184 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\wx._misc_.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00682496 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\pysqlite2._sqlite.pyd
2016-01-18 15:38 - 2016-01-18 15:38 - 00088064 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\_ctypes.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00119808 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\win32file.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00108544 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\win32security.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00007168 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\hashobjs_ext.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00017920 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\thumbnails_ext.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00079360 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\usb_ext.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00167936 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\win32gui.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00018432 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\win32event.pyd
2016-01-18 15:38 - 2016-01-18 15:38 - 00128512 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\_elementtree.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00127488 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\pyexpat.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00013824 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\common.time34.pyd
2016-01-18 15:38 - 2016-01-18 15:38 - 00036864 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\_psutil_windows.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00038912 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\win32inet.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00525640 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\windows._lib_cacheinvalidation.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00011264 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\win32crypt.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00077312 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\wx._html2.pyd
2016-01-18 15:38 - 2016-01-18 15:38 - 00027136 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\_multiprocessing.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00020480 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\_yappi.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00035840 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\win32process.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00686080 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\unicodedata.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00123392 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\wx._wizard.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00024064 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\win32pipe.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00010240 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\select.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00025600 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\win32pdh.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00017408 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\win32profile.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00022528 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\win32ts.pyd
2016-01-18 15:39 - 2016-01-18 15:39 - 00078848 _____ () C:\Users\Oscar\AppData\Local\Temp\_MEI34362\wx._animate.pyd
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\...\100sexlinks.com -> 100sexlinks.com
 
There are 4791 more sites.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 06:34 - 2015-12-27 20:06 - 00001337 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2236986606-2246995401-2298012194-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: HssSrv => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AVG_TRAY => "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "c:\program files (x86)\divx\divx update\divxupdate.exe" /checknow
MSCONFIG\startupreg: EvtMgr6 => c:\program files\logitech\setpointp\setpoint.exe /launchgaming
MSCONFIG\startupreg: F5D7050v3 => 
MSCONFIG\startupreg: Google Update => "C:\Users\Oscar\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: LWS => c:\program files (x86)\logitech\lws\webcam software\lws.exe -hide
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RockMelt Update => "C:\Users\Oscar\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" /c
MSCONFIG\startupreg: RoxioDragToDisc => "C:\Program Files (x86)\Roxio\Drag-to-Disc\DrgToDsc.exe"
MSCONFIG\startupreg: Skype => "c:\program files (x86)\skype\phone\skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => 
MSCONFIG\startupreg: STCAgent => "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
MSCONFIG\startupreg: Steam => "c:\program files (x86)\steam\steam.exe" -silent
MSCONFIG\startupreg: uTorrent => "C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: ZyngaGamesAgent => "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A79AC70A-4523-4A55-AF15-FA5A5C17AA6F}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{FE908C82-4070-4989-9B65-FF9ABAD53323}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{30570735-C0C4-4BC9-AF5A-86283CDFFB58}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{596F2F61-A5D1-431E-8C21-D0B7D6B2FE50}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{D42E4B71-368A-4D92-835D-0C2046D59D2C}C:\program files (x86)\thq\saints row the third\saintsrowthethird.exe] => (Allow) C:\program files (x86)\thq\saints row the third\saintsrowthethird.exe
FirewallRules: [UDP Query User{2D090D74-BE30-4889-B73E-56F4CB92104A}C:\program files (x86)\thq\saints row the third\saintsrowthethird.exe] => (Allow) C:\program files (x86)\thq\saints row the third\saintsrowthethird.exe
FirewallRules: [TCP Query User{E228379B-6496-400C-A1D3-129B2B2F123E}C:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe] => (Allow) C:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe
FirewallRules: [UDP Query User{2D063795-0EB6-48FC-805B-AEC0B0EBE713}C:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe] => (Allow) C:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe
FirewallRules: [TCP Query User{859E6787-A481-48F3-8040-E835925ED2DE}C:\users\oscar\downloads\utorrent.exe] => (Allow) C:\users\oscar\downloads\utorrent.exe
FirewallRules: [UDP Query User{A78B7A95-9B94-4F3C-B71A-35AE57AB1DE7}C:\users\oscar\downloads\utorrent.exe] => (Allow) C:\users\oscar\downloads\utorrent.exe
FirewallRules: [{8986E9CD-2469-4ED5-9F82-80DB6D729E47}] => (Block) C:\users\oscar\downloads\utorrent.exe
FirewallRules: [{BA4E6372-953D-4971-A214-6A99FF358E92}] => (Block) C:\users\oscar\downloads\utorrent.exe
FirewallRules: [TCP Query User{D7F7F6E8-1D37-4911-984C-8EDA763EF17E}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{DC81D403-FA92-4166-ABAD-3BC76979B5ED}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [{7B4BEFD4-F710-4807-B987-9E8A3E51955F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{12986BF8-5038-4264-877F-06636F8ECA8D}] => (Allow) LPort=2869
FirewallRules: [{81123AD7-1B06-4D36-A67B-8EBDBA710E31}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{145D4137-DFC0-427A-ABB0-16BD1525AEDC}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{97C5AAC7-D7C8-4FFB-A600-7A265F4E4C75}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{FAFE9AA6-6BDC-47BB-AA9F-41444BBA785B}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{F2DB2A0B-E171-47EA-B45E-E21CFC10BAC5}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{C7E6E133-A94B-4E9B-8446-6DBE867243CD}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{F7C56592-BCE6-4698-94C4-37D947287F89}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{7F55CED8-FBC9-4112-BC62-5926E6AF761A}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{297610DC-F0BF-491D-BFFA-43459784C264}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{8D1A2742-C804-4C21-A5D5-E397F7CB507A}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe
FirewallRules: [UDP Query User{3CDC1881-EE81-4D19-83AD-61FFEA980343}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe
FirewallRules: [{3C8BED81-5305-4566-BF84-A25B5641A048}] => (Block) C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe
FirewallRules: [{5A9939A3-A267-452C-9869-DAC92B088185}] => (Block) C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe
FirewallRules: [{FB91E17E-DE74-4DFF-A7F3-43E51983A8CD}] => (Allow) C:\Program Files (x86)\Codemasters\DiRT 3\dirt3_game.exe
FirewallRules: [{400C57F0-569E-4EC2-8F2E-1327C24D140A}] => (Allow) C:\Program Files (x86)\Codemasters\DiRT 3\dirt3_game.exe
FirewallRules: [{9FC5145F-EB8A-4B41-A3A7-318163376B0A}] => (Allow) LPort=57149
FirewallRules: [{78120AC7-31E6-4056-A94A-2607FAFBEA51}] => (Allow) LPort=57149
FirewallRules: [{4DF3D677-C593-4192-9E12-9AA815F75903}] => (Allow) LPort=57149
FirewallRules: [{196D6514-1D47-44CB-A017-FE1FDBAC5004}] => (Allow) LPort=57149
FirewallRules: [{F9DFB49E-7871-4DA9-A5B0-A769F39001F9}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{FCDCBD77-C3E9-414B-97C7-0CE85ED5FD27}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{93D5FFC0-0B9C-4697-9859-8EFC60CDB2E3}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [TCP Query User{29E8CEA8-D96B-4C60-843A-EB358DC3B804}C:\users\oscar\downloads\utorrent(torrent,remote.utorrent.com^2ftiny^2fa1nddn).exe] => (Allow) C:\users\oscar\downloads\utorrent(torrent,remote.utorrent.com^2ftiny^2fa1nddn).exe
FirewallRules: [UDP Query User{85B81660-567F-441F-872E-61E28EC0DF96}C:\users\oscar\downloads\utorrent(torrent,remote.utorrent.com^2ftiny^2fa1nddn).exe] => (Allow) C:\users\oscar\downloads\utorrent(torrent,remote.utorrent.com^2ftiny^2fa1nddn).exe
FirewallRules: [{B509A84F-B493-4707-9E82-495089F48BEF}] => (Block) C:\users\oscar\downloads\utorrent(torrent,remote.utorrent.com^2ftiny^2fa1nddn).exe
FirewallRules: [{9AF92180-4F52-4BF7-858F-28E8E88FDD16}] => (Block) C:\users\oscar\downloads\utorrent(torrent,remote.utorrent.com^2ftiny^2fa1nddn).exe
FirewallRules: [{CC092261-074A-4B63-AF1E-459DAA5376F9}] => (Allow) C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8DE26374-3F38-40A3-A57C-80913B52900A}] => (Allow) C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6BA974E7-AF67-4884-844E-2BB9DB1BA5DA}] => (Allow) C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{55540B48-8E40-4ED2-AFAB-D32F2BBDEC57}] => (Allow) C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{34F78033-C3D9-4AC7-AEED-646056C6217C}C:\users\oscar\desktop\games\gta san andreas\server\samp-server.exe] => (Allow) C:\users\oscar\desktop\games\gta san andreas\server\samp-server.exe
FirewallRules: [UDP Query User{8E9BF5EF-E098-4D1D-87D1-BAB9BD6AF76F}C:\users\oscar\desktop\games\gta san andreas\server\samp-server.exe] => (Allow) C:\users\oscar\desktop\games\gta san andreas\server\samp-server.exe
FirewallRules: [{8884210A-7D8B-458D-906E-08A1AEE5EE40}] => (Block) C:\users\oscar\desktop\games\gta san andreas\server\samp-server.exe
FirewallRules: [{4A1D34F9-9C9A-4F9F-8EA8-4A12286CFC8A}] => (Block) C:\users\oscar\desktop\games\gta san andreas\server\samp-server.exe
FirewallRules: [{5E6B5D9C-AAF3-4478-8CCB-AED5C90EA9DB}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{A64681EA-D1A3-41F8-93FC-1FA44691F745}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{3C74E920-374E-422B-BC53-0AE3D0C2EB3D}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{8BC2A5CA-44F1-40FC-B65F-BE2EB24B8C16}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [TCP Query User{26A317C0-C6CA-4F7B-970D-656261FD694A}C:\program files (x86)\atari\tdu2\_uplauncher.exe] => (Block) C:\program files (x86)\atari\tdu2\_uplauncher.exe
FirewallRules: [UDP Query User{D87FB1CB-AA88-4619-BC53-494ECC239CD2}C:\program files (x86)\atari\tdu2\_uplauncher.exe] => (Block) C:\program files (x86)\atari\tdu2\_uplauncher.exe
FirewallRules: [TCP Query User{20B2EC03-CCB0-448A-8D77-5AB85F7B2DCC}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Block) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{B3739BE2-44A5-4A2F-B374-375A16559E01}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Block) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [TCP Query User{3B65449A-6E5B-4B24-93E9-CAF7C6F90AD9}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{B39ADFEC-A2C9-479A-BD46-7D0E37AFC7E7}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{A8AE63A1-4EA9-4E60-BE32-D76447039EA1}] => (Block) C:\windows\system32\java.exe
FirewallRules: [{BD89ACD8-B3EC-4AB9-827F-E5D325FE540D}] => (Block) C:\windows\system32\java.exe
FirewallRules: [{C8070F3D-0D37-453C-84F7-03632C214804}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5EA069CC-ADBD-4866-9452-17C0563E6E61}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{6C2DFC01-9DDB-4C97-AF85-76367E5080D5}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{79698BFF-36A0-4F69-92FB-A2AB690B5369}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{9DA228A1-621D-414A-9EB1-AB89A37875FE}] => (Allow) LPort=56286
FirewallRules: [{0B8610F5-4F36-4026-98A0-D8D6B256F2A8}] => (Allow) LPort=56286
FirewallRules: [{81DA1778-3463-4671-8EC8-06662F04843D}] => (Allow) LPort=56286
FirewallRules: [{9B0D469C-DF08-4674-9808-2DE448F1C659}] => (Allow) LPort=56286
FirewallRules: [{4FA89AF3-A936-4B47-A5EF-4A87C0107B9C}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{7C8A662B-F0D8-4059-8D9C-3F1F12CE9875}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe
FirewallRules: [{25D8220A-AFD2-402C-96BF-3C857BC20E23}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe
FirewallRules: [{15D4E193-A65E-411F-8C2C-ED0D37D60565}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{5A349138-6579-4BEE-962B-F3AF439595E6}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [TCP Query User{F8EF695A-15AF-4AA0-AA80-5EB25E18D3A7}C:\program files (x86)\sony\vegas pro 11.0\vegas110.exe] => (Allow) C:\program files (x86)\sony\vegas pro 11.0\vegas110.exe
FirewallRules: [UDP Query User{2D039DDC-97D4-4000-8C4D-B454C1571749}C:\program files (x86)\sony\vegas pro 11.0\vegas110.exe] => (Allow) C:\program files (x86)\sony\vegas pro 11.0\vegas110.exe
FirewallRules: [{BBCD6EAC-ABA4-4EA0-9819-58A36280B7E4}] => (Block) C:\program files (x86)\sony\vegas pro 11.0\vegas110.exe
FirewallRules: [{68439B34-8A21-49F1-B9BB-DF793A651646}] => (Block) C:\program files (x86)\sony\vegas pro 11.0\vegas110.exe
FirewallRules: [TCP Query User{78691B8D-5662-4D09-90B2-7F90464F933C}C:\users\oscar\downloads\call of duty world at war full game mp - sp  -=aviara=-\call of duty - world at war\cod5sp.exe] => (Allow) C:\users\oscar\downloads\call of duty world at war full game mp - sp  -=aviara=-\call of duty - world at war\cod5sp.exe
FirewallRules: [UDP Query User{D9AC850D-D075-470C-84F4-8311C498A882}C:\users\oscar\downloads\call of duty world at war full game mp - sp  -=aviara=-\call of duty - world at war\cod5sp.exe] => (Allow) C:\users\oscar\downloads\call of duty world at war full game mp - sp  -=aviara=-\call of duty - world at war\cod5sp.exe
FirewallRules: [{173FF123-21B1-423F-B81E-305915E8A41F}] => (Block) C:\users\oscar\downloads\call of duty world at war full game mp - sp  -=aviara=-\call of duty - world at war\cod5sp.exe
FirewallRules: [{C6B6E615-8037-44FF-9908-B89755CAFFE6}] => (Block) C:\users\oscar\downloads\call of duty world at war full game mp - sp  -=aviara=-\call of duty - world at war\cod5sp.exe
FirewallRules: [TCP Query User{3383BBCB-D64A-47DA-8343-B89F7C6FBEB9}C:\users\oscar\downloads\call of duty world at war full game mp - sp  -=aviara=-\call of duty - world at war\cod5mp.exe] => (Allow) C:\users\oscar\downloads\call of duty world at war full game mp - sp  -=aviara=-\call of duty - world at war\cod5mp.exe
FirewallRules: [UDP Query User{E4B8631F-8BBB-4728-9AAA-937D0A817566}C:\users\oscar\downloads\call of duty world at war full game mp - sp  -=aviara=-\call of duty - world at war\cod5mp.exe] => (Allow) C:\users\oscar\downloads\call of duty world at war full game mp - sp  -=aviara=-\call of duty - world at war\cod5mp.exe
FirewallRules: [{876A2AD3-BF5F-4F06-968A-CE5B32E7068C}] => (Block) C:\users\oscar\downloads\call of duty world at war full game mp - sp  -=aviara=-\call of duty - world at war\cod5mp.exe
FirewallRules: [{8D23C39A-7222-4259-9425-C58F346A18E3}] => (Block) C:\users\oscar\downloads\call of duty world at war full game mp - sp  -=aviara=-\call of duty - world at war\cod5mp.exe
FirewallRules: [TCP Query User{33D034F4-2D36-4240-B292-24008641946C}C:\program files (x86)\black_box\batman arkham city\binaries\win32\batmanac.exe] => (Block) C:\program files (x86)\black_box\batman arkham city\binaries\win32\batmanac.exe
FirewallRules: [UDP Query User{01725935-B270-4A26-A762-D1D51AB403EF}C:\program files (x86)\black_box\batman arkham city\binaries\win32\batmanac.exe] => (Block) C:\program files (x86)\black_box\batman arkham city\binaries\win32\batmanac.exe
FirewallRules: [TCP Query User{B0DDBD0A-6CDE-458E-A57A-613E4475A2C8}C:\users\oscar\desktop\games\call of duty modern warfare 2\installation files\mw2 alterrev (wethehackerzz)\modern warfare 2 aiw pre-final\iw4mp.dat] => (Allow) C:\users\oscar\desktop\games\call of duty modern warfare 2\installation files\mw2 alterrev (wethehackerzz)\modern warfare 2 aiw pre-final\iw4mp.dat
FirewallRules: [UDP Query User{9AD58B02-2824-4AA1-995A-593C02188564}C:\users\oscar\desktop\games\call of duty modern warfare 2\installation files\mw2 alterrev (wethehackerzz)\modern warfare 2 aiw pre-final\iw4mp.dat] => (Allow) C:\users\oscar\desktop\games\call of duty modern warfare 2\installation files\mw2 alterrev (wethehackerzz)\modern warfare 2 aiw pre-final\iw4mp.dat
FirewallRules: [{BABA4A4F-2072-4A1B-97E4-A06D4AA2EEFE}] => (Block) C:\users\oscar\desktop\games\call of duty modern warfare 2\installation files\mw2 alterrev (wethehackerzz)\modern warfare 2 aiw pre-final\iw4mp.dat
FirewallRules: [{02661631-C5E4-4269-AB56-F30CEC2AE1C1}] => (Block) C:\users\oscar\desktop\games\call of duty modern warfare 2\installation files\mw2 alterrev (wethehackerzz)\modern warfare 2 aiw pre-final\iw4mp.dat
FirewallRules: [{46A37288-7B80-4631-8AF2-8E550536707D}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{A4A284B4-3FD9-484B-BEF5-86C42DCEB527}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [TCP Query User{4DDB9B50-2E1B-487C-9602-94D89A1310AE}C:\users\oscar\desktop\games\call of duty modern warfare 2\installation files\mw2 alterrev (wethehackerzz)\modern warfare 2 aiw pre-final\iw4mp.exe] => (Block) C:\users\oscar\desktop\games\call of duty modern warfare 2\installation files\mw2 alterrev (wethehackerzz)\modern warfare 2 aiw pre-final\iw4mp.exe
FirewallRules: [UDP Query User{7C7255E1-8062-49C1-B404-5A9465854F58}C:\users\oscar\desktop\games\call of duty modern warfare 2\installation files\mw2 alterrev (wethehackerzz)\modern warfare 2 aiw pre-final\iw4mp.exe] => (Block) C:\users\oscar\desktop\games\call of duty modern warfare 2\installation files\mw2 alterrev (wethehackerzz)\modern warfare 2 aiw pre-final\iw4mp.exe
FirewallRules: [{2B5F3AFF-2A4F-44FD-B250-0AAA63723596}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe
FirewallRules: [{3116A7A3-9B35-44A7-8D59-6D8CE516DD18}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe
FirewallRules: [{3DF32723-720E-45B3-9DFD-63D382BF9CCD}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressDL.exe
FirewallRules: [{1BE3078B-CAC0-4099-B8A7-67048CC5E2DC}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressDL.exe
FirewallRules: [{748CAB00-A07B-4ACE-96D9-3660C4FD402E}] => (Allow) C:\Program Files (x86)\Rockstar Games\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [{69B93F0D-B066-4BEF-B620-557D36E4293C}] => (Allow) C:\Program Files (x86)\Rockstar Games\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [TCP Query User{2312FB30-DFA2-4C71-9F12-9228E49DC037}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe] => (Allow) C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{8C332068-5F30-4A55-AFF7-22840CCECB24}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe] => (Allow) C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [{9B125FF4-D917-4BFB-B051-FB92452B8621}] => (Block) C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [{AA94D68C-A7D4-49AB-B75B-54A1C5936980}] => (Block) C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [{7F4AA423-0A09-40E2-B4E1-CE6FCDFC132D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B2A6D61B-A77A-41D4-AA11-1AFFD5DAE83C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{57F26DD5-9A2B-4EFE-9BA4-43D64B5C84C6}C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe
FirewallRules: [UDP Query User{FCCC27A2-D7F3-4A6C-9253-6958D1C6D023}C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe
FirewallRules: [{F83D8F0E-5515-44B5-A2D0-183D2C8CB9C0}] => (Block) C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe
FirewallRules: [{BB4D2FF9-29F0-4B9E-A183-FDAE945C0877}] => (Block) C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe
FirewallRules: [TCP Query User{2C8F8513-AB06-4979-AF63-DB6425263923}C:\left 4 dead 2\left4dead2.exe] => (Allow) C:\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{764AC306-CC7F-4D7B-9678-13A63E920927}C:\left 4 dead 2\left4dead2.exe] => (Allow) C:\left 4 dead 2\left4dead2.exe
FirewallRules: [{AEF7D471-D7AE-427F-9CB3-7C9C672D4903}] => (Block) C:\left 4 dead 2\left4dead2.exe
FirewallRules: [{D4C613AB-DF56-4F52-A999-99C630BFDFD2}] => (Block) C:\left 4 dead 2\left4dead2.exe
FirewallRules: [TCP Query User{D98E2981-CFCA-4D02-852F-0960068C6B65}C:\program files (x86)\1clickdownload\1clickdownloader.exe] => (Allow) C:\program files (x86)\1clickdownload\1clickdownloader.exe
FirewallRules: [UDP Query User{53E74C5F-3A18-4BDD-A8BC-2B39CD9D3889}C:\program files (x86)\1clickdownload\1clickdownloader.exe] => (Allow) C:\program files (x86)\1clickdownload\1clickdownloader.exe
FirewallRules: [{F476AC42-8797-465E-8D5E-E804BB55B26F}] => (Block) C:\program files (x86)\1clickdownload\1clickdownloader.exe
FirewallRules: [{1DD0D18B-E48B-4795-8FB9-8F29ABCFDF23}] => (Block) C:\program files (x86)\1clickdownload\1clickdownloader.exe
FirewallRules: [{05785282-1C5B-4617-BB5F-EC03D59E66BE}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [{EBB84FC7-BCEF-49F2-8059-42AAF1962118}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [{099DA4F1-C00B-40DB-9F54-66688162A075}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Ghost Recon Future Soldier\gu.exe
FirewallRules: [{09010EC8-FCB3-4341-A32E-547184A1FD4A}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Ghost Recon Future Soldier\gu.exe
FirewallRules: [{C7C549DE-6C44-4FB4-9854-20DD7C3CD2F1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{9D79B4A0-666F-4F78-8E56-FC107F2838A2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{2EB0585F-EC7D-43BC-9432-6B89BE14EFFD}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{2E816046-63EA-4590-A87C-54C71F5BC138}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [{35A6E06D-678A-45D2-B32A-FDE11B8A4AB5}] => (Block) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [{FD6A4597-D008-419F-A4E7-5C4EBEC7E443}] => (Block) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [{A88FD998-22F2-4066-9EF9-60D7D0E1D265}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [{C02D2CEB-D947-4B94-B32A-722396682DCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [{69FEF653-D39D-4381-A6F1-D48820DDB5C4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{99F58A58-397C-438A-8F8B-1F8C74BD9EB7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{9ADE6DED-73FD-4992-B542-C98809327C1E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{75C7BFFA-7A51-4319-B057-6EAC2F7BB797}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [TCP Query User{0E2B20BA-A8B3-4F13-8E8A-463F5F61A277}C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{9D94980B-BB95-41CE-8ECB-A695087B5CC3}C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{FEA0E076-6449-4AEE-8F92-5DD4F8AB286D}] => (Block) C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{539FC3EA-BAE7-45F8-ACA3-F025B9783AD2}] => (Block) C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{14450704-1353-47C0-BD72-2B9B7E6DE18F}] => (Allow) C:\Program Files (x86)\Ubisoft\Driver San Francisco\Driver.exe
FirewallRules: [{D1D17815-E10E-491B-AC26-09230A221A49}] => (Allow) C:\Program Files (x86)\Ubisoft\Driver San Francisco\Driver.exe
FirewallRules: [TCP Query User{D32C6012-EDDB-4947-8305-AA216AFA8806}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{54F79A84-CA96-42AA-A235-BB6C820EA0FB}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{1A03B07B-9A92-4900-916D-AB1E41C25BE1}] => (Block) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{2C021E62-1B52-4D3D-B023-686CBFC9BA76}] => (Block) C:\program files\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{61D5B9D8-4B25-49BE-B510-CF3BBA7849AF}C:\program files (x86)\farcry 3\bin\farcry3.exe] => (Allow) C:\program files (x86)\farcry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{D27DFF21-3DE5-450D-B292-E6B9ECB25A89}C:\program files (x86)\farcry 3\bin\farcry3.exe] => (Allow) C:\program files (x86)\farcry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{B3BE97E8-71AE-497F-838A-70F34BF13740}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe] => (Block) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe
FirewallRules: [UDP Query User{E3954216-C5A3-44EB-A47A-10700F6B4FEC}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe] => (Block) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe
FirewallRules: [{F426683E-D9F8-4F4F-B712-BFCD2EB68B46}] => (Allow) C:\Program Files (x86)\War Thunder\launcher.exe
FirewallRules: [{C57B6A2D-3D67-4EC3-B01F-DA35AE30797E}] => (Allow) C:\Program Files (x86)\War Thunder\launcher.exe
FirewallRules: [{958E42F1-9C24-40AB-8354-343DAC56C1F8}] => (Allow) LPort=80
FirewallRules: [{3D2DA30E-06FC-4E76-B8DF-A80CDE02F856}] => (Allow) LPort=443
FirewallRules: [{D9E533B7-0550-4C91-8E1B-2EEFEBD9B0B3}] => (Allow) LPort=20010
FirewallRules: [{477902F8-5307-4837-838B-AD572601690F}] => (Allow) LPort=3478
FirewallRules: [{3D73F0E0-EFB3-435A-9294-B44EEC5DAAC0}] => (Allow) LPort=7850
FirewallRules: [{178CCE66-1B04-475B-9A57-10363682D370}] => (Allow) LPort=27022
FirewallRules: [{37A6903F-846D-4BEC-98B9-4DBDDC25EFE8}] => (Allow) LPort=6881
FirewallRules: [{B3AA549C-F6B0-4E2B-8B28-F2F1B39DDC7F}] => (Allow) LPort=33333
FirewallRules: [{601962A1-FFA4-4113-BEF9-B94729DCCA3B}] => (Allow) LPort=20443
FirewallRules: [{03D52027-D896-42A5-838B-3469879E0B3D}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{7A9BAABD-D4F5-4486-BFDC-DE5B04421E13}C:\program files (x86)\war thunder\aces.exe] => (Allow) C:\program files (x86)\war thunder\aces.exe
FirewallRules: [UDP Query User{5CB7F2AD-5A53-46C9-B070-0B0D960347DD}C:\program files (x86)\war thunder\aces.exe] => (Allow) C:\program files (x86)\war thunder\aces.exe
FirewallRules: [{12222F39-0F45-4DEA-AD6F-A78B62A3B8A1}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{17308F4D-CCD2-4C94-9728-E07F3B1FF2E3}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{0BD632A5-1571-40D9-8506-A37A96A39906}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{AE9547D2-39A1-4B78-ABDA-6F7E14D0C764}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{D8EA7803-5D29-467A-A825-FA6D53C2D798}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
FirewallRules: [{AC80AC32-1970-4001-8D32-72B068CF1689}] => (Allow) C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E57487EE-EFC9-4075-99A1-DFC6B10D9726}] => (Allow) C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{23CD4E28-54D0-4A61-8403-9229DC7565C2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BCBBAD02-87CA-4CB7-BEC2-5082A449ADB5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6C98F008-D4B2-4559-B46D-069BC362D3B7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2E99CB29-5650-42DB-AB79-19C027D8864A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4E87612F-7C0D-48C5-9A3B-AB3B1E689C3D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{8C8C6254-D26B-4274-A905-DD95D3AB60F9}C:\users\oscar\desktop\home\call of duty 4\files\call of duty modern warfare\iw3mp.exe] => (Allow) C:\users\oscar\desktop\home\call of duty 4\files\call of duty modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{02542219-656D-43D0-BC2D-A2DB28B8D68D}C:\users\oscar\desktop\home\call of duty 4\files\call of duty modern warfare\iw3mp.exe] => (Allow) C:\users\oscar\desktop\home\call of duty 4\files\call of duty modern warfare\iw3mp.exe
FirewallRules: [{DDD8A395-5189-4567-AF4E-7C04B405DC3A}] => (Block) C:\users\oscar\desktop\home\call of duty 4\files\call of duty modern warfare\iw3mp.exe
FirewallRules: [{DA7C8D56-42BC-4D29-9F95-7990C815151D}] => (Block) C:\users\oscar\desktop\home\call of duty 4\files\call of duty modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{E755C2C2-D3FE-4397-9974-3F3EE5DC9B4F}C:\program files (x86)\greenfoot\greenfoot.exe] => (Allow) C:\program files (x86)\greenfoot\greenfoot.exe
FirewallRules: [UDP Query User{DC0CBBFA-78C3-4E4B-87EE-7FF26291480C}C:\program files (x86)\greenfoot\greenfoot.exe] => (Allow) C:\program files (x86)\greenfoot\greenfoot.exe
FirewallRules: [TCP Query User{429EBD54-C5D6-4EF8-A2E3-BC0A73D01AA0}C:\program files (x86)\greenfoot\jdk\jre\bin\java.exe] => (Allow) C:\program files (x86)\greenfoot\jdk\jre\bin\java.exe
FirewallRules: [UDP Query User{4321E2F8-CA96-48E4-B199-91F675EA1563}C:\program files (x86)\greenfoot\jdk\jre\bin\java.exe] => (Allow) C:\program files (x86)\greenfoot\jdk\jre\bin\java.exe
FirewallRules: [{18B16ED0-5349-4224-A21B-999E0AD3F9B1}] => (Block) C:\program files (x86)\greenfoot\jdk\jre\bin\java.exe
FirewallRules: [{0D0A128A-8093-4817-96EC-74B541644AC2}] => (Block) C:\program files (x86)\greenfoot\jdk\jre\bin\java.exe
FirewallRules: [{1E28603D-FAC8-4440-ACBF-BED1A93303B6}] => (Block) C:\program files (x86)\greenfoot\greenfoot.exe
FirewallRules: [{2D70601F-2566-4F2C-BC4A-864F4E8CC5EF}] => (Block) C:\program files (x86)\greenfoot\greenfoot.exe
FirewallRules: [TCP Query User{F30C12EF-C701-4004-BC07-DF0B4CE0BD0A}C:\r.g. catalyst\portal 2\portal2.exe] => (Block) C:\r.g. catalyst\portal 2\portal2.exe
FirewallRules: [UDP Query User{6CB74D1A-02D7-4907-8721-FC99AB5673D6}C:\r.g. catalyst\portal 2\portal2.exe] => (Block) C:\r.g. catalyst\portal 2\portal2.exe
FirewallRules: [TCP Query User{37225DC0-925F-4A1B-981A-36F1130080A7}C:\users\oscar\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\oscar\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{F1F8B20E-EA30-46AB-9B29-47476DB83A87}C:\users\oscar\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\oscar\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{99D13CB7-B9F4-4497-9BFD-084895507A1A}] => (Block) C:\users\oscar\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{4F3ADDD9-91EA-4C8F-B876-96BAEABDA5D1}] => (Block) C:\users\oscar\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{DAA9EC00-F2C4-4309-AB62-50C30FC45780}C:\users\oscar\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\oscar\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{68FE602D-92F5-48E5-AD64-8FD5EAEF2DE5}C:\users\oscar\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\oscar\appdata\local\popcorn time\nw.exe
FirewallRules: [{141BE3F9-CBDA-48FB-A707-2D5999670357}] => (Block) C:\users\oscar\appdata\local\popcorn time\nw.exe
FirewallRules: [{D6D24702-B7C7-44A7-B68D-8850A5E313E9}] => (Block) C:\users\oscar\appdata\local\popcorn time\nw.exe
FirewallRules: [{D76248B7-4EF0-486D-A89E-4214AF0D4B78}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6B1B9C07-D46D-4885-BCD9-7DC4F464EBF5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FE35E21A-3970-4FAB-A574-CF7AE62F50FC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C90C85FD-900B-43D2-8110-427D6D5D7769}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{4291765E-47E5-4DFF-8F89-C57909DD6D82}C:\users\oscar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\oscar\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4A1839C2-3416-49F3-98EF-7E2EF1388FA9}C:\users\oscar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\oscar\appdata\roaming\spotify\spotify.exe
FirewallRules: [{FF2FC60F-9E56-4FF3-8F04-760F7CDA0A1E}] => (Block) C:\users\oscar\appdata\roaming\spotify\spotify.exe
FirewallRules: [{1A3119B2-A192-4D0E-99CB-6EFE1F5CC01F}] => (Block) C:\users\oscar\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D5F1CE27-D183-4F73-BC7B-BB13E265EF9B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{87211C02-A103-40CC-8E4A-CF36E01AEF14}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{E8BEE251-06FF-41F9-812C-41058A9B2B92}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{E0716C12-6F07-4D1D-ADA1-F48E16D7F40E}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{3C02DFFC-D09B-4695-BA05-129669AEF026}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{C13DE171-D45B-4266-B2A9-52C957749DFB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
20-01-2016 03:00:12 Windows Update
21-01-2016 03:00:27 Windows Update
22-01-2016 03:00:11 Windows Update
23-01-2016 03:00:12 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/23/2016 12:12:17 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (01/23/2016 12:12:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (01/23/2016 11:23:26 AM) (Source: Google Update) (EventID: 20) (User: Oscar-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
 
Error: (01/23/2016 10:23:27 AM) (Source: Google Update) (EventID: 20) (User: Oscar-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
 
Error: (01/23/2016 09:23:29 AM) (Source: Google Update) (EventID: 20) (User: Oscar-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
 
Error: (01/23/2016 08:23:29 AM) (Source: Google Update) (EventID: 20) (User: Oscar-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
 
Error: (01/23/2016 07:23:30 AM) (Source: Google Update) (EventID: 20) (User: Oscar-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
 
Error: (01/23/2016 06:23:28 AM) (Source: Google Update) (EventID: 20) (User: Oscar-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
 
Error: (01/23/2016 05:23:29 AM) (Source: Google Update) (EventID: 20) (User: Oscar-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
 
Error: (01/23/2016 04:23:20 AM) (Source: Google Update) (EventID: 20) (User: Oscar-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
 
 
System errors:
=============
Error: (01/23/2016 09:21:27 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 for x64-based Systems (KB2973201).
 
Error: (01/23/2016 05:15:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 for x64-based Systems (KB3075249).
 
Error: (01/22/2016 07:43:45 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 for x64-based Systems (KB2973201).
 
Error: (01/22/2016 04:59:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 for x64-based Systems (KB3075249).
 
Error: (01/21/2016 07:51:52 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 for x64-based Systems (KB2973201).
 
Error: (01/21/2016 05:06:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 for x64-based Systems (KB3075249).
 
Error: (01/20/2016 07:31:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1058
 
Error: (01/20/2016 07:39:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 for x64-based Systems (KB2973201).
 
Error: (01/20/2016 04:59:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 for x64-based Systems (KB3075249).
 
Error: (01/19/2016 07:30:50 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 for x64-based Systems (KB2973201).
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 93%
Total physical RAM: 4079.3 MB
Available physical RAM: 256.39 MB
Total Virtual: 11582.86 MB
Available Virtual: 4206.37 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.66 GB) (Free:57.26 GB) NTFS
Drive l: (EXTERNAL) (Fixed) (Total:298.02 GB) (Free:119.59 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 56786520)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: CD0506E4)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=0C)
 
==================== End of Addition.txt ============================


#8 olgun52

olgun52

  • Malware Response Team
  • 3,782 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 23 January 2016 - 09:16 AM

Chrome browser ==> CHR Extension: (SavePages) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfcamfllailmlhibpelbdcpehpegbbjk

How to uninstall Hicosmea from Google Chrome

Remove add-on:
Customize and Control Google Chrome - Tools - Extensions - Remove SavePages
======================================================================

Uninstall/remove all entries related to 10Bit  that program has dubious history..

Personally I would not trust installing any software from a company that resorts to stealing someone's technology to sell their product. Please see the following links and make up your own mind if you want to keep this on your system. If needed I can help you remove it.

IOBit Steals Malwarebytes' Intellectual Property
IOBit's Denial of Theft Unconvincing
IOBit Theft Conclusion
IObit: Trusting Your Antivirus Vendor
Malwarebytes: IObit Stole Our Signatures Database
IObit accused of stealing from Malwarebytes
http://shanegowland....-sucky-company/
 
-----------------------------------------------------------------
 
Going over your logs I noticed that you have µTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

 

After please read AVG Web TuneUp

http://miekiemoes.blogspot.com.tr/2008/02/registry-cleaners-and-system-tweaking_13.html

 

My suggestions;  Please do the following,

 

Uninstall some programs:
We need to uninstall some unwanted/unneeded programs.

  • Press the WindowsKey.png + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search there for each entry mentioned below, right-click the entry and click Uninstall one at a time

The list of programs to uninstall:

Advanced SystemCare Ultimate
IObit Malware Fighter
Driver Booster
IObit Uninstaller
Smart Defrag
Surfing Protection
µTorrent
AVG Web TuneUp
Premiumplay Codec-C
Lyrics-Pal
C:\Program Files (x86)\AVG Web TuneUp
C:\Program Files \IOBit

After completing uninstalls, please manually reboot your machine!

:step1:    If you get the message like: An error occurred while trying to uninstall, just press Yes.
:step2:    If you are unable to uninstall all programs, please inform me, but continue with other steps.

===============================================================================================

 

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista / 7 / 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

====================================================================================

Java update:
Updating Java and Clearing Cache:

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to update.

Please go to Start > Control Panel > Programs and Features > uninstall all the Java Programs you see, now download the latest Java from the following link and install it:
Java 7 Update 71
Java 8 Update 40

Now system reboot.

  • Download the latest version of Java Runtime Environment (JRE) 8
  • Recommended Version is 8 Update 71
  • Read the License Agreement then select Accept License Agreement
  • Click on the link to download Windows Offline (64-bit)  and save the file.
  • Close any programs you may have running - especially your web browser.

java-1.jpg
See this page for instructions on how to clear java's cache.

Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)

  • Under Temporary Internet Files, click the Delete Files button.
  • There are three options in the window to clear the cache - Leave ALL 3 Checked
    • Downloaded Applets
      Downloaded Applications
      Installed Applications and Applets
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Java Control Panel.

 


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#9 Oscar19Ross

Oscar19Ross
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:37 PM

Posted 23 January 2016 - 12:34 PM

Ill uninstall all of them thanks, however i think I will keep Utorrent but i will just more more cautious when downloading torrents.
About savepages I cant physically delete the extension as it is "Installed by enterprise policy."
And for Java do i just have to uninstall all java linked applications from control panel then install java run-time environment, is that it?
Thanks



#10 Oscar19Ross

Oscar19Ross
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:37 PM

Posted 23 January 2016 - 01:07 PM

Okay I have done all of that and a bit more but obviously I still have this SavePages extension, any other ideas? Thanks



#11 olgun52

olgun52

  • Malware Response Team
  • 3,782 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 23 January 2016 - 02:01 PM

About savepages I cant physically delete the extension as it is "Installed by enterprise policy."

Can you send me screenshot ?

 

For Java do i just have to uninstall all java linked applications from control panel then install java run-time environment, is that it?

If you want, you can install directly.

 

 


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#12 Oscar19Ross

Oscar19Ross
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:37 PM

Posted 24 January 2016 - 06:57 AM

How do I send an image to you?



#13 olgun52

olgun52

  • Malware Response Team
  • 3,782 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 24 January 2016 - 12:51 PM

How do I send an image to you?

About savepages I cant physically delete the extension as it is "Installed by enterprise policy."

''savepages'' related the extension screenshot.

 

Why do not delete the extension ''savepages'' ?


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#14 Oscar19Ross

Oscar19Ross
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:37 PM

Posted 25 January 2016 - 07:08 AM

Ohh Sorry i just saw the bit at the top of your reply you put on how to delete it
Thank you so much managed to get rid of it !!



#15 olgun52

olgun52

  • Malware Response Team
  • 3,782 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:37 PM

Posted 25 January 2016 - 02:25 PM

Namely, Is the "Save Pages"  the problem solved?

 

 

Step 1:
FRST Script:
Please download this attached Attached File  Fixlist.txt   7.16KB   3 downloads  and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

NOT : It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
and fixlist.txt are in the same location or the fix will not work.

Step 2:

Scan with Malwarebytes Antimalware:

Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply

Step 3:
Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.
    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users