calypso9
Members-
Posts
16 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by calypso9
-
I'm having an issue where I cannot get rid of the "Your system is not fully protected" message. Clicking "Fix Now" does nothing. My License information says "Malwarebytes Anit-Malware Preimum" State: Licensed Duration: Lifetime However on the Dashboard under "Real-Time Protection" it says "Available with Malwarebytes Anti-Malware Premium" The program seems to indicate I both do and do not have a premium license so I have no idea what to do. I've already done the clean and re-install process described here: https://forums.malwarebytes.org/index.php?/topic/146017-mbam-clean-removal-process-2x/ How do I enable Real-Time Protection? This happened after I installed the most recent MBAM update.
-
"Your system is not fully protected" possibly infected
calypso9 replied to calypso9's topic in Resolved Malware Removal Logs
Real-time protection is now enabled! Thank you! -
"Your system is not fully protected" possibly infected
calypso9 replied to calypso9's topic in Resolved Malware Removal Logs
attached zoek-results.log -
"Your system is not fully protected" possibly infected
calypso9 replied to calypso9's topic in Resolved Malware Removal Logs
Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Dizzle on Sat 07/18/2015 at 10:16:55.01. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: B:\Downloads\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 7/18/2015 10:18:09 AM Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\Steam deleted successfully C:\Users\Dizzle\AppData\Roaming\mpv deleted successfully C:\Users\Dizzle\AppData\Local\calibre-cache deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default user.js not found ---- Lines Customized removed from prefs.js ---- user_pref("extensions.testpilot.alreadyCustomizedToolbar", true); ---- FireFox user.js and prefs.js backups ---- prefs_20150718_1048_.backup ==== Batch Command(s) Run By Tool====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Steam not found C:\Users\Dizzle\AppData\Roaming\calibre deleted C:\Users\Dizzle\AppData\Roaming\livestreamer deleted C:\Users\Dizzle\AppData\Roaming\transmission deleted C:\Users\Dizzle\.android deleted C:\PROGRA~3\Package Cache deleted C:\Users\Dizzle\AppData\Local\CrashRpt deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\SysWow64\AI_RecycleBin deleted C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\extensions\firefox@mega.co.nz.xpi deleted C:\Users\Dizzle\Desktop\Continue Media Player Classic Installation.lnk deleted C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\extensions\shumway@research.mozilla.org deleted "C:\Windows\Installer\24a8ff.msi" deleted "C:\Users\Dizzle\AppData\Local\{00E698F6-1CDC-4623-863D-8908F2D6149C}" deleted "C:\Users\Dizzle\AppData\Local\{5666E3A9-7AA4-4B28-8896-22E2EEFB3BD6}" deleted "C:\Users\Dizzle\AppData\Local\{9834506B-3318-454E-B080-613FEB23F057}" deleted "C:\Users\Dizzle\AppData\Local\{E894F7C8-5041-4DCD-8A84-EBE44E37AAF3}" deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default user_pref("browser.search.defaultenginename.US", "Google"); user_pref("browser.search.selectedEngine", "Ixquick HTTPS"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default - DoNotTrackMe: Online Privacy Protection - %ProfilePath%\extensions\donottrackplus@abine.com - Firefogg - %ProfilePath%\extensions\firefogg@firefogg.org - MaskMe - %ProfilePath%\extensions\idme@abine.com - FT DeepDark - %ProfilePath%\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} - Disconnect - %ProfilePath%\extensions\2.0@disconnect.me.xpi - Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi - Instrument Test - %ProfilePath%\extensions\testpilot@labs.mozilla.com.xpi - NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi - Abduction - %ProfilePath%\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default 4C07B5286D129DFD25C24B4A31B9B888 - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll - Happy Cloud Plugin ==== Deleted Firefox Extensions ====================== C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\extensions\donottrackplus@abine.com deleted ==== Chromium Look ====================== Chrome Hotword Shared Module - Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg ==== Chromium Startpages ====================== C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Preferences ooglesyndication.com:443":{"alternative_service":[{"port":443,"probability":0.02,"protocol_str":"quic"}],"network_stats":{"srtt":46727},"supports_spdy":true},"tpc.googlesyndication.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":47908}},"translate.google.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}]},"translate.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"triggeredmail.appspot.com:80":{"alternative_service":[{"port":80,"probability":0.02,"protocol_str":"quic"}]},"twitter.com:443":{"supports_spdy":true},"video-ad-stats.googlesyndication.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"video-ad-stats.googlesyndication.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"whatistheexcel.com:443":{"supports_spdy":true},"www.facebook.com:443":{"supports_spdy":true},"www.google-analytics.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":65419},"supports_spdy":true},"www.google-analytics.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}],"network_stats":{"srtt":62271}},"www.google.co.in:443":{"alternative_service":[{"port":443,"probability":0.01,"protocol_str":"quic"}],"supports_spdy":true},"www.google.co.in:80":{"alternative_service":[{"port":80,"probability":0.01,"protocol_str":"quic"}]},"www.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":60550},"supports_spdy":true},"www.google.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}],"network_stats":{"srtt":55907}},"www.googleadservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":64139},"supports_spdy":true},"www.googleadservices.com:80":{"alternative_service":[{"port":80,"probability":0.5,"protocol_str":"quic"}],"network_stats":{"srtt":62624}},"www.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":54440},"supports_spdy":true},"www.googletagmanager.com:443":{"alternative_service":[{"port":443,"probability":0.08,"protocol_str":"quic"}],"supports_spdy":true},"www.googletagmanager.com:80":{"alternative_service":[{"port":80,"probability":0.5,"protocol_str":"quic"}],"network_stats":{"srtt":40557}},"www.googletagservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":95628},"supports_spdy":true},"www.googletagservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":45215}},"www.gstatic.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":50465},"supports_spdy":true},"www.gstatic.com:80":{"alternative_service":[{"port":80,"probability":0.01,"protocol_str":"quic"}]},"www.youtube-nocookie.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":50872},"supports_spdy":true},"www.youtube-nocookie.com:80":{"alternative_service":[{"port":80,"probability":0.01,"protocol_str":"quic"}]},"www.youtube.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":45076},"supports_spdy":true},"www.youtube.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}],"network_stats":{"srtt":56027}},"youtu.be:443":{"alternative_service":[{"port":443,"probability":0.5,"protocol_str":"quic"}],"supports_spdy":true},"yt3.ggpht.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":51328},"supports_spdy":true},"yt3.ggpht.com:80":{"alternative_service":[{"port":80,"probability":0.01,"protocol_str":"quic"}]}},"supports_quic":{"address":"::ffff:2602:306","used_quic":true},"version":3}},"plugins":{"last_internal_directory":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.134","migrated_to_pepper_flash":true,"plugins_list":[{"enabled":true,"name":"Widevine Content Decryption Module","path":"C:\\Users\\Dizzle\\AppData\\Local\\Google\\Chrome\\User Data\\WidevineCDM\\1.4.8.823\\_platform_specific\\win_x86\\widevinecdmadapter.dll","version":"1.4.8.823"},{"enabled":true,"name":"Chrome PDF Viewer","path":"chrome-extension://mhjfbmdgcfjbbpaeojofohoefgiehjai/","version":""},{"enabled":true,"name":"Shockwave Flash","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.134\\PepperFlash\\pepflashplayer.dll","version":"18.0.0.209"},{"enabled":true,"name":"Chrome Remote Desktop Viewer","path":"internal-remoting-viewer","version":""},{"enabled":true,"name":"Native Client","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.134\\internal-nacl-plugin","version":""},{"enabled":true,"name":"Chrome PDF Viewer","path":"internal-pdf-viewer","version":""},{"enabled":true,"name":"Adobe Flash Player"},{"enabled":true,"name":"Chrome PDF Viewer"},{"enabled":true,"name":"Chrome Remote Desktop Viewer"},{"enabled":true,"name":"Native Client"},{"enabled":true,"name":"Widevine Content Decryption Module"}],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"":{"setting":1},"https://www.youtube.com:443,https://www.youtube.com:443":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{"[*.]uverse.com,*":{"setting":1}},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"[*.]uverse.com,*":{"plugins":1},"https://www.yofla.com:443,https://www.yofla.com:443":{"fullscreen":1},"https://www.youtube.com:443,https://www.youtube.com:443":{"fullscreen":1}},"pref_version":1},"created_by_version":"35.0.1916.153","exit_type":"Normal","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"First user","per_host_zoom_levels":{}},"protection":{"macs":{}},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13048384711832788"},"settings":{"privacy":{"drm_salt":"39A6173C4733B8736C084E90B333926C237DE718D4E2D01A460B715D49761E69"}},"sync_promo":{"startup_count":10},"translate_accepted_count":{"fr":0},"translate_blocked_languages":["en"],"translate_denied_count":{"fr":2},"translate_last_denied_time":1413584425365.611,"translate_too_often_denied":true,"translate_whitelists":{}} ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9C8928403D4AB094F99FBA20A329833F deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{048298C9-A4D3-490B-9FF9-AB023A9238F3} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\9C8928403D4AB094F99FBA20A329833F deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Dizzle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Dizzle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Dizzle\AppData\Local\Mozilla\Firefox\Profiles\ozyymxpn.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=806 folders=478 1203688933 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Dizzle\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Dizzle\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on Sat 07/18/2015 at 11:03:38.09 ====================== -
"Your system is not fully protected" possibly infected
calypso9 replied to calypso9's topic in Resolved Malware Removal Logs
Forgot the attachment, sorry MGADiagReport.txt -
"Your system is not fully protected" possibly infected
calypso9 replied to calypso9's topic in Resolved Malware Removal Logs
Thanks for your help -
"Your system is not fully protected" possibly infected
calypso9 replied to calypso9's topic in Resolved Malware Removal Logs
It always just persists whenever MBAM is running. Please see the link to the previous thread. Real-time protection is unable to be activated. (Second half off Addition.txt) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{71E24ADE-6F5D-45DC-96ED-FDEAB020B2F2}] => (Allow) B:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{D944C32F-C416-45B4-BBD0-22CA48AC4886}] => (Allow) B:\Program Files (x86)\Steam\Steam.exeFirewallRules: [TCP Query User{8F9742CB-955B-4ED6-8BA0-632D6C4BE44E}C:\program files (x86)\transmission-qt\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission-qt\transmission-qt.exeFirewallRules: [uDP Query User{B3B7D072-68CC-4D1C-A21C-777BD5E01710}C:\program files (x86)\transmission-qt\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission-qt\transmission-qt.exeFirewallRules: [TCP Query User{59A620D0-D260-451A-96EC-53A8A4B8A3EA}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exeFirewallRules: [uDP Query User{CF3A78B3-8857-4189-9A31-79C026830864}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exeFirewallRules: [{7F13FCD3-8B96-479F-AFE8-31743346F8CE}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\The Secret World\ClientPatcher.exeFirewallRules: [{5AF6C339-9E84-495C-B01F-13ABD7A5313A}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\The Secret World\ClientPatcher.exeFirewallRules: [TCP Query User{60003254-D722-45BD-8C83-D6D60F29D603}C:\program files (x86)\squareenix\final fantasy xiv - a realm reborn (beta version)\game\ffxiv.exe] => (Allow) C:\program files (x86)\squareenix\final fantasy xiv - a realm reborn (beta version)\game\ffxiv.exeFirewallRules: [uDP Query User{8903C65C-2754-4D87-B9AF-BCB313EFB5E5}C:\program files (x86)\squareenix\final fantasy xiv - a realm reborn (beta version)\game\ffxiv.exe] => (Allow) C:\program files (x86)\squareenix\final fantasy xiv - a realm reborn (beta version)\game\ffxiv.exeFirewallRules: [TCP Query User{1E2D9B54-293F-4957-8C79-3AB443278956}C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe] => (Block) C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exeFirewallRules: [uDP Query User{63289276-C741-4E66-ACA9-B07841DE132D}C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe] => (Block) C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exeFirewallRules: [{01079CA5-4967-4F4A-9555-E0645A54C935}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Addon.exeFirewallRules: [{717CA712-DFC8-4E7F-9F23-2A451EDDA777}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Addon.exeFirewallRules: [{76F32080-1CA7-4B54-88EB-3DA5FEE471A1}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exeFirewallRules: [{1EC65DA7-0DF2-4367-BD89-D6AA19E41505}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exeFirewallRules: [{5A9C25E6-B547-42C1-B43B-40E7C5C8C2F5}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dead Island\DeadIslandGame.exeFirewallRules: [{1DC2EA88-EAE1-469A-9825-E9CBB22B5165}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dead Island\DeadIslandGame.exeFirewallRules: [{770EB2AA-0137-40CD-99D3-34FD296A3538}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\FINAL FANTASY XI\polboot.exeFirewallRules: [{38AE48F6-3912-4A28-9596-8D31E6D191EB}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\FINAL FANTASY XI\polboot.exeFirewallRules: [{AD169DE3-FBCD-4B92-93B9-70852727642C}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\PlayOnlineViewer\polcfg\polcfg.exeFirewallRules: [{9862D61D-1714-4038-B84B-A74A4FE74FD5}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\PlayOnlineViewer\polcfg\polcfg.exeFirewallRules: [{6679A643-B0B5-485C-A5B9-658BAF8C01A5}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\FINAL FANTASY XI\ToolsUS\FINAL FANTASY XI Config.exeFirewallRules: [{1F2A398D-6EFF-4216-9301-F4966DEFF3BA}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\FINAL FANTASY XI\ToolsUS\FINAL FANTASY XI Config.exeFirewallRules: [{75646070-3858-4AD9-873E-BD1986FAE6A4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exeFirewallRules: [{26E013A2-DECF-46F7-95C9-A5A577FD61ED}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exeFirewallRules: [TCP Query User{365718C6-535B-42AF-97BC-E7AAB5CD65E9}B:\program files (x86)\steam\steamapps\common\ffxi\squareenix\playonlineviewer\pol.exe] => (Allow) B:\program files (x86)\steam\steamapps\common\ffxi\squareenix\playonlineviewer\pol.exeFirewallRules: [uDP Query User{68F78B55-22D9-405C-9871-4C4B621D443A}B:\program files (x86)\steam\steamapps\common\ffxi\squareenix\playonlineviewer\pol.exe] => (Allow) B:\program files (x86)\steam\steamapps\common\ffxi\squareenix\playonlineviewer\pol.exeFirewallRules: [{C456438E-204C-4378-9A3B-9F68E9BFDC6F}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exeFirewallRules: [{195F3DDD-971D-439E-B06C-8691B12BA731}] => (Block) D:\Program Files (x86)\Dragon Age 2\DragonAge2Launcher.exeFirewallRules: [{4A5D9913-367D-49BC-B3A2-1F64492752F8}] => (Block) D:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exeFirewallRules: [{9EC8B1CA-41FD-49DE-865A-8C8037B809D8}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exeFirewallRules: [{79D321E0-4814-4F43-9A4A-7B3A409B0F5E}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exeFirewallRules: [{539B84C4-4B12-419F-B191-1E8CA8566DB3}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\HitmanBloodMoney.exeFirewallRules: [{A420BE28-DAAD-4B61-BBAC-A6BE953F316F}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\HitmanBloodMoney.exeFirewallRules: [{40B3350E-65C9-4530-A9F8-E96A9C9A5E9F}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\configure.exeFirewallRules: [{EC1B6336-DCDF-4464-8B37-7E86A7BB0AF5}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\configure.exeFirewallRules: [TCP Query User{044543CB-E13B-4347-9491-90F55B3F310E}B:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) B:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exeFirewallRules: [uDP Query User{3C7642B3-6F67-47D3-B86C-D070276FD6D5}B:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) B:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exeFirewallRules: [{EFC9FE44-7D06-4BE6-8384-1BA34F13F6B1}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLClient.exeFirewallRules: [{8FDAF587-73DD-4A05-AC49-7B9C33854DA6}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLClient.exeFirewallRules: [{D61D8745-6203-45A8-8E82-51A8532BB5B4}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLClient.exeFirewallRules: [{8B2CFF0C-6066-4EAE-ABA9-E28F2EA1B46C}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLClient.exeFirewallRules: [{C8394A87-186C-4CFA-8B84-0E03BAC707A9}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exeFirewallRules: [{A23D0D5C-FD68-460D-937C-FD10616AFF39}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exeFirewallRules: [{1D0C3275-1406-4953-8EEF-A348203A4F3C}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exeFirewallRules: [{30A20519-6F08-4C9F-A83F-0FA0F82B815F}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exeFirewallRules: [{C83DE87A-259A-4879-BA8E-798A94BC475C}] => (Allow) LPort=3074FirewallRules: [{3FED296F-5794-4DAE-81D0-9DE273DA503B}] => (Allow) LPort=3074FirewallRules: [{22F63F75-3D02-4371-977E-8395C3DE8899}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\FUEL\GameSetup.exeFirewallRules: [{A5E9EA2F-677E-46CB-B3EF-73E391DCA9FB}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\FUEL\GameSetup.exeFirewallRules: [{82DC3AB2-6C54-4EB1-9546-2C981127598E}] => (Allow) C:\UDK\UDK-2013-07\Binaries\Win32\UDK.exeFirewallRules: [{9AEEEF37-EEEF-4E3B-90C0-E01C067FD138}] => (Allow) C:\UDK\UDK-2013-07\Binaries\Win32\UDK.exeFirewallRules: [{8D5D5214-590E-4D44-8BA8-BDD23D334FD2}] => (Allow) C:\UDK\UDK-2013-07\Binaries\Win64\UDK.exeFirewallRules: [{5F9FCB3D-AA41-4A47-8374-FB5113C65CD8}] => (Allow) C:\UDK\UDK-2013-07\Binaries\Win64\UDK.exeFirewallRules: [{04C357F6-25FA-4A46-ADC9-07A9A9C5EEEE}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\game_launcher.exeFirewallRules: [{6B134FD3-8562-4D52-9E0A-A9E88957EE81}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\game_launcher.exeFirewallRules: [{1ED0F717-5D4F-4A5A-ADD9-8439D8106D97}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exeFirewallRules: [{FC1BCF9D-F018-44CB-802B-9586A1C2C01B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exeFirewallRules: [{F2503AF5-08FF-426F-8EEE-13B522C9F508}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exeFirewallRules: [{C6B883B8-3695-4729-B8D0-4F367F3123C4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exeFirewallRules: [{1CE37F95-E946-4F44-9E24-EB970ECB9E33}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exeFirewallRules: [{727E61AE-68BF-47E9-9BD5-54B3CED8F96B}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exeFirewallRules: [{99FD66D9-DB0F-4455-B57C-E19CAFE11EB5}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exeFirewallRules: [{7C754A78-8FBC-4413-B14B-BCFE766E62E7}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exeFirewallRules: [{BBF7939F-8B33-43EB-A3E0-69E830ADC048}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exeFirewallRules: [{E891273A-6D31-45EA-A8F0-8C894ACEB4E7}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exeFirewallRules: [{3C487239-C168-4305-89CB-34CCE4A121B1}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exeFirewallRules: [{E4C2F5B9-C426-4297-807E-178F09865C21}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exeFirewallRules: [{C351DF30-4C0D-4A25-B189-58BFAB2DE9B4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exeFirewallRules: [{0C925FBC-1AC8-4EE2-AFB9-74ACE7180637}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exeFirewallRules: [{43DA3AA5-57D4-4E98-B0AD-F35C58AE850E}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exeFirewallRules: [{6D8C2515-C693-4EDC-85AC-A11A2DC96854}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exeFirewallRules: [{D75BD60F-624E-4ED5-A298-BC9F12988230}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exeFirewallRules: [{0D3018DB-60D5-4ADA-B0B1-B2D912EBA8E4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exeFirewallRules: [{4AAECCF7-7D68-4A93-B1DA-2C74C180CEAE}] => (Allow) B:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exeFirewallRules: [{658D1431-3C41-4211-9EB1-9653E36BAC2D}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exeFirewallRules: [{131A19C6-7A7C-4B2D-B86C-A41C29AE7C58}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exeFirewallRules: [{E3F84527-A229-487E-9271-30310A39EF38}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exeFirewallRules: [{E075DD9C-78BB-434A-94B0-DBE25ADF905B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exeFirewallRules: [{74559A37-F4CD-4976-9B55-26F915C86109}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Wanderlust Rebirth\Wanderlust.exeFirewallRules: [{EDCCB2B1-E076-4CCC-8410-20FD7FF6E5AC}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Wanderlust Rebirth\Wanderlust.exeFirewallRules: [{8A423AA5-A291-4666-AFAC-951CA390510B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exeFirewallRules: [{FBEED69C-1F0B-4FAB-AC1C-81CA0B5450F7}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exeFirewallRules: [{8EFC64E1-378B-4F5B-8E01-769A29A0EDBF}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exeFirewallRules: [{6E50C40E-8CC9-435C-B0E6-28CFEE23DC88}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exeFirewallRules: [{0C3CB4F8-AFB0-444A-871E-6F0C2733D667}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exeFirewallRules: [{D6F8712E-F3C3-4C09-9901-25463136BD0E}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exeFirewallRules: [{05222B9C-A19F-4658-9313-5CBB199714E7}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exeFirewallRules: [{935856F5-5856-42C6-B448-DB13671CE6C2}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exeFirewallRules: [{EAEB1C89-3C60-4715-A069-8D8EBE68A5B2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exeFirewallRules: [{B5AD338B-F147-4324-9552-F4074B43C994}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exeFirewallRules: [{4A052965-CEAA-4BAF-918A-FFE5C240245D}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exeFirewallRules: [{D995E0CC-F254-4AA0-9E2C-79E57BC6E790}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exeFirewallRules: [{7E59BF8C-17F4-487E-B59B-E2AC8ED62B8E}] => (Allow) B:\HappyCloud\Cache\TERA\TERA-Launcher.exeFirewallRules: [{C6C29A7A-09B6-48E6-8CB6-3CDEFAC64EF4}] => (Allow) B:\HappyCloud\Cache\TERA\TERA-Launcher.exeFirewallRules: [{017A6432-A059-4FC3-8217-DBC2729486E6}] => (Allow) B:\HappyCloud\Cache\TERA\Client\TL.exeFirewallRules: [{3753C25B-96E7-4E59-90F6-86D2AFCD8CC5}] => (Allow) B:\HappyCloud\Cache\TERA\Client\TL.exeFirewallRules: [{85821350-0116-45F6-92C2-513EE3115A0D}] => (Allow) B:\HappyCloud\Cache\TERA\Client\Binaries\TERA.exeFirewallRules: [{9CD6B736-A0DD-428F-ABF2-704FFAE07296}] => (Allow) B:\HappyCloud\Cache\TERA\Client\Binaries\TERA.exeFirewallRules: [{44FDFDB4-64FC-4C1B-AFC7-315EBEB845CC}] => (Allow) B:\Program Files (x86)\Tunngle\TnglCtrl.exeFirewallRules: [{647C1A99-754E-4C10-A4A6-949F1040FC17}] => (Allow) B:\Program Files (x86)\Tunngle\TnglCtrl.exeFirewallRules: [{8FCAFDBF-491C-434D-98E9-65244F7E5ABA}] => (Allow) B:\Program Files (x86)\Tunngle\Tunngle.exeFirewallRules: [{C923BFC2-BCF8-459C-92F6-C16917AF1FB0}] => (Allow) B:\Program Files (x86)\Tunngle\Tunngle.exeFirewallRules: [{D35D0206-36A6-4C88-BDB1-75AFC1B336E1}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Fable The Lost Chapters\Fable.exeFirewallRules: [{AAB65210-7A80-4694-8C52-7B4DEA1D9495}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Fable The Lost Chapters\Fable.exeFirewallRules: [{1858156E-22F3-45AD-A609-D6BB69200EEA}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exeFirewallRules: [{28E6E63E-9422-46AA-9512-BF9D3DCF4598}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exeFirewallRules: [{258A12F5-F848-4CA7-98B2-63FDF27C58D8}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicatorCom.exeFirewallRules: [{1E2F32A0-85F2-4988-8E61-86355A7D871B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exeFirewallRules: [{DDDA60AB-61ED-47B9-A1A4-1CD4E7CAFE74}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exeFirewallRules: [{146245B5-9E34-40F9-9EC3-38048C65924B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Wanderlust Rebirth\Wanderlust.exeFirewallRules: [{8A6EFE67-756A-4B80-9EE6-FB7BA73EF4DA}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Wanderlust Rebirth\Wanderlust.exeFirewallRules: [{FA135EB2-A519-4129-A65C-28A7A8A2A2F4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exeFirewallRules: [{B583E63B-BF93-407C-9E1F-52F5D44B1823}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exeFirewallRules: [{4CD6C8F2-DFBA-45D8-B5D6-7675528FE1CF}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exeFirewallRules: [{53F53383-7FF4-4E9E-801F-972042E24906}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exeFirewallRules: [{6AEFAE89-656B-477B-89BC-4291BA65E50E}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dungeons & Dragons HD\ManaGame.exeFirewallRules: [{CC7DC063-0F61-4CF5-A4EB-0AD7D3022AD4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dungeons & Dragons HD\ManaGame.exeFirewallRules: [{DA7A6BD1-F2C6-4AFF-B476-119C5E29E9CD}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exeFirewallRules: [{0992FFE1-8A4D-4D0E-9BC9-42709BBE7FF2}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exeFirewallRules: [{AD42EC6C-4F91-4DC5-8F27-981EBBEEC52C}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Outlast\OutlastLauncher.exeFirewallRules: [{A17BA2C8-A158-4C2A-94A6-3CD1B1A77E89}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Outlast\OutlastLauncher.exeFirewallRules: [{3982DF06-4928-4214-A48B-D199803EA44C}] => (Allow) B:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exeFirewallRules: [{C2906127-0048-4299-A39B-47E79F1C8FDA}] => (Allow) B:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exeFirewallRules: [{CAE4F26B-D994-497E-BC29-FB8E18017A52}] => (Allow) B:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exeFirewallRules: [{1E67896C-E930-4B1B-B6A3-6BC45F84F94C}] => (Allow) B:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exeFirewallRules: [{BEA4A2A4-F972-4437-BC84-ED42AABAC4FB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exeFirewallRules: [{BA19124F-F3E1-4609-A87C-7CBE9C3675DF}] => (Allow) B:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{58309F3D-E5D6-417F-8440-16A16839BC03}] => (Allow) B:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{8269DA63-AA42-4706-97E1-C52B7B734A4B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\FEAR Ultimate Shooter Edition\FEAR.exeFirewallRules: [{DFD0F6D5-7A7F-4088-A5F8-2DF8A62B2431}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\FEAR Ultimate Shooter Edition\FEAR.exeFirewallRules: [{58A11594-50C2-4268-95FB-4CD9864FB6DC}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exeFirewallRules: [{EC2927D9-F733-4643-AEDE-52BADF15B0B3}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exeFirewallRules: [{FE2A9504-A586-49E0-BBD5-66BFEDA10F7D}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exeFirewallRules: [{C7D9D0FD-88A6-4C17-B806-A098AD6FE3E1}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exeFirewallRules: [{5E7768E5-891C-4A9F-BF4F-310690D3256E}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dreamfall Chapters\Dreamfall Chapters.exeFirewallRules: [{985558EB-ED43-44A9-BED7-A4627578B9AA}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dreamfall Chapters\Dreamfall Chapters.exeFirewallRules: [{1A96ECAE-997C-4901-B9D6-4173EAE3EB1B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\mercenary_kings\MercenaryKings.exeFirewallRules: [{00C4CFB5-62D2-4770-8E22-105B6428A1CC}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\mercenary_kings\MercenaryKings.exeFirewallRules: [{B3D9347A-273B-49C0-843E-E2CFCCE81393}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\LEGO Harry Potter\LEGOHarryPotter.exeFirewallRules: [{4948E85C-11B7-49CD-ABDF-5E8787FA7224}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\LEGO Harry Potter\LEGOHarryPotter.exeFirewallRules: [{DB450417-B882-4BF6-A495-C8DF64008001}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exeFirewallRules: [{5B5DC907-A617-4313-B4E0-EEB9341E54E3}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exeFirewallRules: [{888C81B9-FFB2-49DA-B179-21A9A82D9077}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exeFirewallRules: [{4C54B453-7F81-4E92-A550-1B418D004DF7}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exeFirewallRules: [{FD520DFD-C895-4082-AC79-653A2836299F}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ToyboxTurbos\ToyboxTurbos.exeFirewallRules: [{1A557CE4-BF45-4031-B8AB-07A862BEDA6B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ToyboxTurbos\ToyboxTurbos.exeFirewallRules: [{F1BDDCB2-F2CF-4B06-8724-8F927CD8BB4A}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exeFirewallRules: [{1CFAEFB4-AA0F-4EE5-9566-B1232C4F21DA}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exeFirewallRules: [{8534D05D-159C-4D03-93B6-011F813730E2}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Passing Pineview Forest\.autorun\autorun.exeFirewallRules: [{1F4377DF-F880-461F-A5BE-C47F75E2CDFE}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Passing Pineview Forest\.autorun\autorun.exeFirewallRules: [{A498BF04-672C-429A-981A-2EDD75C08A5A}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\SplitSecond\SplitSecond.exeFirewallRules: [{AE699747-22E8-497C-AD8A-6D9DCE597A15}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\SplitSecond\SplitSecond.exeFirewallRules: [{A0F35B38-2E51-48B6-B6CF-2E7A41357EA0}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Distance\Distance.exeFirewallRules: [{75C6CB5F-398E-417A-AFF9-7B60C4216449}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Distance\Distance.exeFirewallRules: [{5C80401F-F576-4103-9D1C-553F35F53FB0}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exeFirewallRules: [{DBFA32B0-3F07-46D2-B525-06D6D3B77560}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exeFirewallRules: [{049B6EAE-6575-441A-A2CB-A15DB194BDED}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exeFirewallRules: [{37C2099A-7654-4185-9CFD-69F7414DAF6B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exeFirewallRules: [{01253A71-C2CA-4B8E-B17A-11885E219927}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Addon.exeFirewallRules: [{3E88BDA0-6620-46E5-BAEB-A80DE47744CA}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Addon.exeFirewallRules: [{A49ECEB6-D69B-4246-B9CF-CE2FAD35D1D8}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Anno4.exeFirewallRules: [{27069769-7FE5-4002-A802-EC28AE33FC32}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Anno4.exeFirewallRules: [{49B78589-16E2-48CF-9A0C-0E4198BBE0D5}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Black Mirror\agds.exeFirewallRules: [{4046F9ED-3871-4635-B6A0-C723F045457F}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Black Mirror\agds.exeFirewallRules: [{C0400064-F8E2-45AF-9EC9-1B575F1840C3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exeFirewallRules: [{ECE018F0-BD53-4C9F-92CB-F4A2D5336855}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exeFirewallRules: [{915A8720-6333-49AF-A31D-513626E040F3}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exeFirewallRules: [{B1DAD169-BBDD-4A98-9AC9-5758908067E9}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exeFirewallRules: [{17D81F1C-2E97-4D10-B46B-6514E12E4E28}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exeFirewallRules: [{592AFAC1-8563-4BE3-A06F-15554A7E8E32}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exeFirewallRules: [{D30AF40C-0BEE-4289-B1E0-791173C21035}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exeFirewallRules: [{4D4EF1E5-A4AC-4CEC-B359-DE70EE03FA44}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exeFirewallRules: [{25A3FBC2-CF47-41AB-97B9-5E007BA74929}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exeFirewallRules: [{BC11BF69-CFF8-4445-8275-083AC80AADD3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exeFirewallRules: [{0B7DD490-225B-448F-B6DB-7B707CBC6FBD}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exeFirewallRules: [{298A7D7D-9536-4163-9EF3-E4F218DE37E5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exeFirewallRules: [{36FED665-59D1-4418-93BC-1CD9CF4A7BB6}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exeFirewallRules: [{F54212C1-8CE5-4B5D-BD8C-8F75A1F62588}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exeFirewallRules: [{9AF1DF27-4143-49C5-9916-8B6C5779C846}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeFirewallRules: [{5E22BB6A-95C1-4C13-A554-4B50DD2F52CA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeFirewallRules: [{859F9458-5EFE-47AB-ACFC-E32C23B348CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeFirewallRules: [{222D5C78-6DD5-4EC1-9275-3F8AB742AC94}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeFirewallRules: [{4FEFC68E-B309-44C1-AB03-25199CF2FE93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exeFirewallRules: [{135192FF-9A50-4B1C-9571-F789D69FD6B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exeFirewallRules: [{9D5CC43B-0EC9-4EA9-8D32-ADF4B8CBCDEB}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\D4 Dark Dreams Don't Die\D4.exeFirewallRules: [{031A476B-CFF1-407E-BA28-36CBC3549E75}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\D4 Dark Dreams Don't Die\D4.exeFirewallRules: [{BD01E4A9-111D-4684-AE8A-048BDC18042A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exeFirewallRules: [{151CA7D8-612A-4E79-9B6E-8BF7F35AC958}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exeFirewallRules: [{6D6533A3-DA0C-4DC1-A80C-AA85E3CBBC02}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exeFirewallRules: [{8B4C85A9-BD15-430A-BC78-6B5FF7E1E6A8}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exeFirewallRules: [{5154A152-6989-4AC6-A297-7FE24B0D849B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (07/17/2015 08:36:29 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: CorsairLINK_HardwareMonitor.exe, version: 2.4.5110.41697, time stamp: 0x520168cfFaulting module name: UsbClink.dll, version: 0.0.0.0, time stamp: 0x532b0b2eException code: 0xc0000005Fault offset: 0x00001874Faulting process id: 0x2494Faulting application start time: 0xCorsairLINK_HardwareMonitor.exe0Faulting application path: CorsairLINK_HardwareMonitor.exe1Faulting module path: CorsairLINK_HardwareMonitor.exe2Report Id: CorsairLINK_HardwareMonitor.exe3 Error: (07/17/2015 08:36:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 08:30:21 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: CorsairLINK_HardwareMonitor.exe, version: 2.4.5110.41697, time stamp: 0x520168cfFaulting module name: UsbClink.dll, version: 0.0.0.0, time stamp: 0x532b0b2eException code: 0xc0000005Fault offset: 0x00001874Faulting process id: 0x1f7cFaulting application start time: 0xCorsairLINK_HardwareMonitor.exe0Faulting application path: CorsairLINK_HardwareMonitor.exe1Faulting module path: CorsairLINK_HardwareMonitor.exe2Report Id: CorsairLINK_HardwareMonitor.exe3 Error: (07/17/2015 08:30:20 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 01:27:56 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: CorsairLINK_HardwareMonitor.exe, version: 2.4.5110.41697, time stamp: 0x520168cfFaulting module name: UsbClink.dll, version: 0.0.0.0, time stamp: 0x532b0b2eException code: 0xc0000005Fault offset: 0x00001874Faulting process id: 0xae4Faulting application start time: 0xCorsairLINK_HardwareMonitor.exe0Faulting application path: CorsairLINK_HardwareMonitor.exe1Faulting module path: CorsairLINK_HardwareMonitor.exe2Report Id: CorsairLINK_HardwareMonitor.exe3 Error: (07/17/2015 01:27:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 01:21:36 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: CorsairLINK_HardwareMonitor.exe, version: 2.4.5110.41697, time stamp: 0x520168cfFaulting module name: UsbClink.dll, version: 0.0.0.0, time stamp: 0x532b0b2eException code: 0xc0000005Fault offset: 0x00001874Faulting process id: 0x18bcFaulting application start time: 0xCorsairLINK_HardwareMonitor.exe0Faulting application path: CorsairLINK_HardwareMonitor.exe1Faulting module path: CorsairLINK_HardwareMonitor.exe2Report Id: CorsairLINK_HardwareMonitor.exe3 Error: (07/17/2015 01:21:35 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 01:15:18 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: CorsairLINK_HardwareMonitor.exe, version: 2.4.5110.41697, time stamp: 0x520168cfFaulting module name: UsbClink.dll, version: 0.0.0.0, time stamp: 0x532b0b2eException code: 0xc0000005Fault offset: 0x00001874Faulting process id: 0x10bcFaulting application start time: 0xCorsairLINK_HardwareMonitor.exe0Faulting application path: CorsairLINK_HardwareMonitor.exe1Faulting module path: CorsairLINK_HardwareMonitor.exe2Report Id: CorsairLINK_HardwareMonitor.exe3 Error: (07/17/2015 01:15:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() System errors:=============Error: (07/17/2015 12:33:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Perforce service terminated unexpectedly. It has done this 1 time(s). Error: (07/17/2015 12:32:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The COMODO LPS Launcher service terminated unexpectedly. It has done this 1 time(s). Error: (07/17/2015 12:32:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The GeekBuddyRSP Server service failed to start due to the following error: %%2 Error: (07/17/2015 12:32:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )Description: The GeekBuddyRSP Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (07/17/2015 12:32:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )Description: The GeekBuddyRSP Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (07/17/2015 12:31:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )Description: The GeekBuddyRSP Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (07/17/2015 12:31:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/17/2015 12:31:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The COMODO Dragon Update Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/17/2015 12:30:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The DAZ Content Management Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/16/2015 11:38:46 PM) (Source: BROWSER) (EventID: 8032) (User: )Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{7080868E-95F9-4F1F-B94D-C56E65B7BC23}.The backup browser is stopping. Microsoft Office:=========================Error: (07/17/2015 08:36:29 AM) (Source: Application Error) (EventID: 1000) (User: )Description: CorsairLINK_HardwareMonitor.exe2.4.5110.41697520168cfUsbClink.dll0.0.0.0532b0b2ec000000500001874249401d0c08d314651bcC:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exeC:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll71e905df-2c80-11e5-b44c-3085a999135a Error: (07/17/2015 08:36:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 08:30:21 AM) (Source: Application Error) (EventID: 1000) (User: )Description: CorsairLINK_HardwareMonitor.exe2.4.5110.41697520168cfUsbClink.dll0.0.0.0532b0b2ec0000005000018741f7c01d0c08c57a37670C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exeC:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll968c8d3b-2c7f-11e5-b44c-3085a999135a Error: (07/17/2015 08:30:20 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 01:27:56 AM) (Source: Application Error) (EventID: 1000) (User: )Description: CorsairLINK_HardwareMonitor.exe2.4.5110.41697520168cfUsbClink.dll0.0.0.0532b0b2ec000000500001874ae401d0c05155855367C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exeC:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll93bf62f2-2c44-11e5-b44c-3085a999135a Error: (07/17/2015 01:27:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 01:21:36 AM) (Source: Application Error) (EventID: 1000) (User: )Description: CorsairLINK_HardwareMonitor.exe2.4.5110.41697520168cfUsbClink.dll0.0.0.0532b0b2ec00000050000187418bc01d0c05073149dfaC:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exeC:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dllb13f921d-2c43-11e5-b44c-3085a999135a Error: (07/17/2015 01:21:35 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 01:15:18 AM) (Source: Application Error) (EventID: 1000) (User: )Description: CorsairLINK_HardwareMonitor.exe2.4.5110.41697520168cfUsbClink.dll0.0.0.0532b0b2ec00000050000187410bc01d0c04f91ca1d5cC:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exeC:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dllcff1b613-2c42-11e5-b44c-3085a999135a Error: (07/17/2015 01:15:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() CodeIntegrity Errors:=================================== Date: 2014-08-02 23:45:41.913 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\tcpip.sys\538490D2274000\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-02 23:45:41.884 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\tcpip.sys\538490D2274000\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-02 23:45:41.861 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\tcpip.sys\538490D2274000\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-02 23:45:41.358 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\dumpfve.sys\530894B816000\dumpfve.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-02 23:45:41.357 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\dumpfve.sys\530894B816000\dumpfve.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-02 23:45:41.356 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\dumpfve.sys\530894B816000\dumpfve.sys because the set of per-page image hashes could not be found on the system. Date: 2013-06-04 22:21:03.782 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system. Date: 2013-06-04 22:21:03.742 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system. Date: 2013-06-04 22:21:03.703 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system. Date: 2013-06-04 22:20:22.912 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_54ffd942dc23dbc0\bcrypt.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel® Core i5-2500K CPU @ 3.30GHzPercentage of memory in use: 37%Total physical RAM: 8137.53 MBAvailable physical RAM: 5108.58 MBTotal Virtual: 16273.27 MBAvailable Virtual: 11836.43 MB==================== Drives ================================Drive b: (Data) (Fixed) (Total:931.51 GB) (Free:103.2 GB) NTFSDrive c: () (Fixed) (Total:111.69 GB) (Free:3.12 GB) NTFSDrive d: (Old Data) (Fixed) (Total:465.76 GB) (Free:17.72 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive e: (Dragon.Age.Inqui) (CDROM) (Total:0.38 GB) (Free:0 GB) CDFSDrive f: (LaptopOS) (Fixed) (Total:186.3 GB) (Free:1.05 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive g: (LaptopDATA) (Fixed) (Total:254.46 GB) (Free:19.88 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: A4A94588)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS) ========================================================Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 496B9619)Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)Partition 2: (Active) - (Size=186.3 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=254.5 GB) - (Type=07 NTFS) ========================================================Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 80BAE060)Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS) ========================================================Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 39358499)Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)==================== End of log ============================ -
"Your system is not fully protected" possibly infected
calypso9 replied to calypso9's topic in Resolved Malware Removal Logs
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015 Running from B:\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-831873670-1328612798-2367821417-500 - Administrator - Disabled) Dizzle (S-1-5-21-831873670-1328612798-2367821417-1000 - Administrator - Enabled) => C:\Users\Dizzle Guest (S-1-5-21-831873670-1328612798-2367821417-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-831873670-1328612798-2367821417-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Comodo Defense+ (Disabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC} FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Advanced Combat Tracker (remove only) (HKLM-x32\...\Advanced Combat Tracker) (Version: - ) Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version: - Creative Assembly) American McGee presents Scrapland (HKLM-x32\...\{20D9C678-A895-4F76-8AC2-22EDFF5F9C91}) (Version: - ) ANNO 1404 - Venice (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.01.5010 - Ubisoft) ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.03.0000 - Ubisoft) Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden Anno 1404: Venice (HKLM-x32\...\Steam App 33350) (Version: - Blue Byte) Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology) AVer MediaCenter 3D (HKLM-x32\...\InstallShield_{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}) (Version: 1.7.9 - AVerMedia Technologies, Inc.) AVer MediaCenter 3D (x32 Version: 1.7.9 - AVerMedia Technologies, Inc.) Hidden AVerMedia C027 PCIe HD Capture Device 1.52.64.37 (HKLM-x32\...\AVerMedia C027 PCIe HD Capture Device) (Version: 1.52.64.37 - AVerMedia TECHNOLOGIES, Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios) Black Mirror (HKLM-x32\...\Steam App 292930) (Version: - Future Games) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) calibre (HKLM-x32\...\{ABCDCEDE-BB81-4169-8A5B-3776D7DBCDC5}) (Version: 1.42.0 - Kovid Goyal) CameraHelperMsi (x32 Version: 13.40.836.0 - Logitech) Hidden Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo) COMODO Firewall (HKLM\...\{A0BABADE-E154-4F08-97A1-2903CD110E88}) (Version: 6.2.20728.2847 - COMODO Security Solutions Inc.) Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.6.5214 - Corsair) Corsair Link USB Dongle (Driver Removal) (HKLM-x32\...\CMIUSB&1B1C&1C00) (Version: - Corsair Memory, Inc.) D4: Dark Dreams Don't Die (HKLM-x32\...\Steam App 358090) (Version: - Access Games) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd) Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware) DAZ Content Management Service (HKLM-x32\...\DAZ Content Management Service 4.8.1.7) (Version: 4.8.1.7 - DAZ 3D) DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.0.1.115) (Version: 1.0.1.115 - DAZ 3D) Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland) Disney Toontown Online (HKLM-x32\...\Disney Toontown Online) (Version: - Walt Disney Internet Group) Distance (HKLM-x32\...\Steam App 233610) (Version: - Refract) Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden Dragon Age Inquisition (HKLM-x32\...\Dragon Age Inquisition_is1) (Version: 1.0.0.0 - Релиз от R.G. Steamgames) Dreamfall Chapters (HKLM-x32\...\Steam App 237850) (Version: - Red Thread Games) Dungeons & Dragons: Chronicles of Mystara (HKLM-x32\...\Steam App 229480) (Version: - Iron Galaxy Studios) Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation) Epic Games Launcher (HKLM\...\{8727C279-A122-40B8-8ACA-271E1809DAA5}) (Version: 1.1.23.0 - Epic Games, Inc.) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden F.E.A.R. (HKLM-x32\...\Steam App 21090) (Version: - Monolith Productions, Inc.) Fable - The Lost Chapters (HKLM-x32\...\Steam App 204030) (Version: - Lionhead Studios) Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment) FINAL FANTASY XI (HKLM-x32\...\Steam App 23390) (Version: - SQUARE ENIX, INC.) FINAL FANTASY XI Seekers of Adoulin (x32 Version: 1.50.0 - SQUARE ENIX CO., LTD.) Hidden FINAL FANTASY XI: Seekers of Adoulin (HKLM-x32\...\InstallShield_{E86A33A7-6C77-48F3-9D72-2D8F4C1AD5AC}) (Version: 1.50.0 - SQUARE ENIX CO., LTD.) FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.) Five Nights at Freddy's 2 (HKLM-x32\...\Steam App 332800) (Version: - Scott Cawthon) FUEL (HKLM-x32\...\Steam App 12800) (Version: - Asobo Studio SARL) Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games) GeekBuddy (HKLM-x32\...\{8402D61C-609B-4FA3-B86D-21868D850821}) (Version: 4.19.137 - Comodo Security Solutions Inc) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) GUILTY GEAR X2 #RELOAD (HKLM-x32\...\{6984297D-54B4-47F2-B160-D40C305756AF}) (Version: 01.00.0001 - Arc System Works Co., Ltd.) Happy Cloud Client (HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.) Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version: - IO Interactive) HP Photosmart Plus B210 series Basic Device Software (HKLM\...\{5B17980C-5C44-45D0-80A5-665FD9E776A9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.2.0.001 - HTC Corporation) HTC Sync Manager (HKLM-x32\...\{5002C5B1-B688-474A-AB3A-9B65DBD38FF9}) (Version: 2.0.60.0 - HTC) IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) Intel® Network Connections 17.1.55.0 (HKLM\...\PROSetDX) (Version: 17.1.55.0 - Intel) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation) Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden Lego Harry Potter (HKLM-x32\...\Steam App 21130) (Version: - TT Games) LEGO® Worlds (HKLM-x32\...\Steam App 332310) (Version: - TT Games) Livestream Procaster (HKLM-x32\...\{68E4C751-272B-44E1-94C7-4E1FDC40F7DA}) (Version: 20.3.25 - Procaster) Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version: - ) LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.40 - Logitech Inc.) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.236 - LogMeIn, Inc.) Hidden LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Mercenary Kings (HKLM-x32\...\Steam App 218820) (Version: - Tribute Games Inc.) METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version: - Kojima Productions) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio Premium 2012 (HKLM-x32\...\{ddf0bb95-e254-447e-8472-3470057d9c7e}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation) Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig) Mumble 1.3.0 (HKLM\...\{C1F5A0BB-2117-4609-90A0-D42DD66A3AE3}) (Version: 1.3.0 - The Mumble team) NiGHTS into Dreams... (HKLM-x32\...\Steam App 219950) (Version: - SEGA) Nosgoth (HKLM-x32\...\Steam App 200110) (Version: - Psyonix) NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation) NVIDIA Graphics Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels) Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - ) PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version: - Mine Loader Software Co., Ltd.) Passing Pineview Forest (HKLM-x32\...\Steam App 331120) (Version: - VIS - Visual Imagination Software) PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - ) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Perforce Server Components (HKLM\...\{E320C837-5868-411C-B0B6-BDB74BFD628D}) (Version: 122.55.1823 - Perforce Software) Perforce Visual Components (HKLM\...\{C9C04584-E48A-41D9-A069-85E4C309DA9B}) (Version: 122.52.8133 - Perforce Software) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.) Resident Evil 5 (HKLM-x32\...\Steam App 21690) (Version: - Capcom) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) <==== ATTENTION! Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition) SDK Debuggers (x32 Version: 8.59.29746 - Microsoft Corporation) Hidden SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version: - ) SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) Sniper Ghost Warrior 2 (HKLM-x32\...\Steam App 34870) (Version: - City Interactive) Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital) Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform) Split/Second (HKLM-x32\...\Steam App 297860) (Version: - Black Rock Studio) Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version: - BioWare) Starbound (HKLM-x32\...\Steam App 211820) (Version: - ) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH) TERA (HKLM-x32\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 19.04.02.03.hf3 - Gameforge Productions GmbH) TERA (HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\teraenmasse) (Version: - ) The Secret World (HKLM-x32\...\Steam App 215280) (Version: - Funcom) Toybox Turbos (HKLM-x32\...\Steam App 287260) (Version: - Codemasters) Transmission-Qt (HKLM-x32\...\8538E49A-6FE5-4FDB-8649-922BB839F21F) (Version: 2.77 - transmissionbt.com) Trillian (HKLM-x32\...\Trillian) (Version: - Cerulean Studios, LLC) Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Unreal Development Kit: 2013-07 (HKLM\...\UDK-8b67ad02-5d78-45bc-aee2-6ffdf9a24bf1) (Version: - Epic Games, Inc.) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Valkyria Chronicles™ (HKLM-x32\...\Steam App 294860) (Version: - SEGA) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Wanderlust: Rebirth (HKLM-x32\...\Steam App 211580) (Version: - Yeti Trunk) WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation) WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT) Windower (HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Windower) (Version: 4.0.0.0 - Windower Team) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) XSplit Broadcaster (HKLM-x32\...\{6459F338-FE52-4034-BCA7-74772DA0F24D}) (Version: 1.3.1403.1202 - SplitMediaLabs) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 08-07-2015 08:27:09 Windows Update 11-07-2015 12:07:16 Windows Update 15-07-2015 03:00:27 Windows Update 16-07-2015 03:00:21 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {170BA68F-54E9-4049-AF4A-C9A013F8A127} - System32\Tasks\{6711B8B4-95FB-4B77-BE0E-1C90BA227CE4} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/en/go/help.faq.installer?source=lightinstaller&LastError=1603 Task: {472A178E-B0F2-4AD0-8B2B-4F34A823FFED} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe Task: {5016A974-3F87-4AAD-A48C-648048F180D1} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe [2014-04-11] () Task: {534305C1-87EE-4E1B-8D1C-65492FB4CD2E} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-01-30] (COMODO) Task: {5F804C1E-284F-495E-811B-0F9FF8C8EA16} - System32\Tasks\{8B04A503-2D21-45AE-90F6-B43A22640F80} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/en/go/help.faq.installer?source=lightinstaller&LastError=1603 Task: {658BD800-814B-45A1-BF7E-72EA6EEDB3A6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-01-30] (COMODO) Task: {7534948D-3533-43DF-AC0F-21A8A20816F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-27] (Google Inc.) Task: {7DDE16C2-A988-44C4-BB64-E8AC9558C811} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe Task: {82756ACE-B82E-4380-9DCB-1A9592BDF8B4} - System32\Tasks\{7FDC376D-4F77-4A5F-BF0A-89231E4AE9B2} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/en/go/help.faq.installer?source=lightinstaller&LastError=1603 Task: {8752F403-B560-495D-8C8B-FBDFFB12F8FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-15] (Adobe Systems Incorporated) Task: {88379660-06F8-4707-8CBB-6B4569EDE367} - System32\Tasks\Start CorsairLINK Hardware Monitor => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exe [2013-08-06] (Corsair Components, Inc.) Task: {8D88D503-AA77-47C6-BBCD-3C1F0723DACD} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe Task: {9BB86C39-FFC5-489E-8562-2A37099B29F1} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-01-30] (COMODO) Task: {A4377106-E965-4191-89B7-63049738C85E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated) Task: {A9A11509-8221-49FE-AB2F-94FD54BEE7C0} - System32\Tasks\AdobeAAMUpdater-1.0-Bubuputer-Dizzle => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {A9C5F716-8977-478A-B2E0-086C5E6E8AF5} - System32\Tasks\{D3D7B18F-963D-4FB0-B551-AEFFCE08815F} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/en/go/help.faq.installer?source=lightinstaller&LastError=1603 Task: {C23E9A0B-1F30-4DEC-8557-70916DBC0572} - System32\Tasks\{FA51CEC3-541C-4125-B535-1D5906172B0C} => Firefox.exe http://ui.skype.com/ui/0/6.6.60.106/en/abandoninstall?page=tsMain Task: {D2019788-B40D-4D9C-8D88-289CE5D7C4D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-27] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-07-02 16:12 - 2015-06-17 02:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-03-10 15:20 - 2011-04-01 22:52 - 00403456 _____ () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe 2013-03-10 15:20 - 2010-01-06 03:43 - 00155648 _____ () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe 2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2013-03-10 15:20 - 2012-06-10 02:33 - 00053248 _____ () C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL 2015-07-02 16:13 - 2015-06-17 05:10 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2013-03-12 17:10 - 2015-04-16 13:40 - 00776192 _____ () B:\Program Files (x86)\Steam\SDL2.dll 2015-01-31 12:44 - 2015-04-22 22:16 - 04962816 _____ () B:\Program Files (x86)\Steam\v8.dll 2015-01-31 12:44 - 2015-04-22 22:16 - 01556992 _____ () B:\Program Files (x86)\Steam\icui18n.dll 2015-01-31 12:44 - 2015-04-22 22:16 - 01187840 _____ () B:\Program Files (x86)\Steam\icuuc.dll 2014-05-24 18:32 - 2015-06-04 14:56 - 02407104 _____ () B:\Program Files (x86)\Steam\video.dll 2014-08-29 18:09 - 2014-12-01 17:31 - 02396672 _____ () B:\Program Files (x86)\Steam\libavcodec-56.dll 2014-08-29 18:09 - 2014-12-01 17:31 - 00442880 _____ () B:\Program Files (x86)\Steam\libavutil-54.dll 2014-08-29 18:09 - 2014-12-01 17:31 - 00479744 _____ () B:\Program Files (x86)\Steam\libavformat-56.dll 2014-08-29 18:09 - 2014-12-01 17:31 - 00332800 _____ () B:\Program Files (x86)\Steam\libavresample-2.dll 2014-08-29 18:09 - 2014-12-01 17:31 - 00485888 _____ () B:\Program Files (x86)\Steam\libswscale-3.dll 2013-02-25 08:39 - 2015-06-04 14:56 - 00703168 _____ () B:\Program Files (x86)\Steam\bin\chromehtml.DLL 2011-11-11 15:08 - 2011-11-11 15:08 - 02145304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll 2011-11-11 15:08 - 2011-11-11 15:08 - 07956504 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll 2011-11-11 15:08 - 2011-11-11 15:08 - 00342552 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll 2011-11-11 15:08 - 2011-11-11 15:08 - 00029208 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2011-11-11 15:08 - 2011-11-11 15:08 - 00128536 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll 2013-02-19 12:48 - 2015-05-11 15:01 - 36302728 _____ () B:\Program Files (x86)\Steam\bin\libcef.dll 2013-05-17 12:22 - 2013-05-17 12:22 - 00030056 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2013-05-17 12:22 - 2013-05-17 12:22 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2013-05-17 12:22 - 2013-05-17 12:22 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2013-05-17 12:22 - 2013-05-17 12:22 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2013-05-17 12:23 - 2013-05-17 12:23 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2013-05-17 12:27 - 2013-05-17 12:27 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2014-10-18 05:19 - 2014-10-18 05:19 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll 2013-03-06 02:15 - 2012-02-01 17:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvapi64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvaudcap64v.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvcuda.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvcuvid.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvd3dumx.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvdispco6435330.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvdispgenco6435330.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvEncodeAPI64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\NvFBC64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvhdagenco6420103.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvhdap64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\NvIFR64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\NvIFROpenGL.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvinitx.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvoglshim64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvoglv64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvopencl.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvumdshimx.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvvsvc.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvwgf2umx.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\OpenCL.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdvidcrl.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wksprt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvaudcap32v.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvcompiler.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvcuda.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvcuvid.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvd3dum.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvEncodeAPI.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\NvFBC.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\NvIFR.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\NvIFROpenGL.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvinit.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvoglshim32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvoglv32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvopencl.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvStreaming.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvumdshim.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvwgf2um.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rdvidcrl.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\amdkmpfd.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\MpFilter.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\NisDrvWFP.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\nvhda64v.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\nvlddmkm.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\nvvad64v.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\033115wo.mp3:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150610_100525.png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150614_031108(1).png:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150614_031108(1).png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150614_031108.png:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150614_031108.png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150615_175619.png:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150615_175619.png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150618_162440.png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150619_183529.png:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150619_183529.png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Adoption Application.fb:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\EpicGamesLauncherInstaller-2.0.0-2465596.msi:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\EpicGamesLauncherInstaller-2.0.0-2465596.msi:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\fceux-2.2.2-win32.zip:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Gw2Setup.exe:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\Gw2Setup.exe:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0098.jpg:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0105(1).jpg:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0105(1).jpg:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0105.jpg:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0105.jpg:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0130.jpg:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0130.jpg:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\photo_1431877536842.jpg:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Screenshot_2015-04-27-15-43-28.png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Screenshot_2015-06-19-09-27-15.png:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\Screenshot_2015-06-19-09-27-15.png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\SkypeSetup(1).exe:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\SkypeSetup(1).exe:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Stone Cold Mania 31 Unused Entrance (360p).mp4:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\Stone Cold Mania 31 Unused Entrance (360p).mp4:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Takeshi's Challenge.nes:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Takeshi's Challenge.nes.part:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\Untitled.webm:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\Untitled.webm:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\vine.mp4:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Warcraft Movie Trailer from Comic-Con (Leaked) (360p).mp4:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\watching a shitposter.gif:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Zodiac.Glass.exe:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\Zodiac.Glass.exe:$CmdZnID ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-831873670-1328612798-2367821417-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dizzle\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.254 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" -
Hello, I was referred to this forum from here: https://forums.malwarebytes.org/index.php?/topic/170594-your-system-is-not-fully-protected-with-premium-license/ Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015Running from B:\DownloadsPlatform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11 (Default browser: FF)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe(Valve Corporation) B:\Program Files (x86)\Steam\Steam.exe(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe(Microsoft Corporation) C:\Windows\System32\StikyNot.exe(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Microsoft Corporation) C:\Windows\System32\cmd.exe(Valve Corporation) B:\Program Files (x86)\Steam\bin\steamwebhelper.exe(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.201.1937.0.exe(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297624 2015-01-30] (COMODO)HKLM\...\Run: [intelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-07-02] (NVIDIA Corporation)HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStartHKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => "B:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-startHKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)HKLM-x32\...\Run: [tvncontrol] => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slaveHKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-07-14] (Oracle Corporation)HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [steam] => "B:\Program Files (x86)\Steam\steam.exe" -silentHKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [AdobeBridge] => [X]HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [HP Photosmart Plus B210 series (NET)] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [speccy] => C:\Program Files\Speccy\Speccy64.exe [6903064 2014-04-11] (Piriform Ltd)HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-29] (Skype Technologies S.A.)HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\MountPoints2: H - H:\HTC_Sync_Manager_PC.exeHKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\MountPoints2: {7bb8d282-d110-11e2-862f-3085a999135a} - G:\HTC_Sync_Manager_PC.exeHKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\MountPoints2: {d41bb265-16a5-11e4-a8eb-3085a999135a} - H:\HTC_Sync_Manager_PC.exeHKU\S-1-5-21-831873670-1328612798-2367821417-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2013-03-10]ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2013-03-10]ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2013-07-19]ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)ShellIconOverlayIdentifiers: [P4EXPCheckoutOverlay] -> {80E008A4-EAE7-4867-AEB0-1A245F070F25} => B:\Program Files\Perforce\p4exp64.dll [2012-09-24] (Perforce Software Inc.)ShellIconOverlayIdentifiers: [P4EXPSyncdOverlay] -> {ADF262C1-E8FE-49BE-AD63-F77CD4A6CCD9} => B:\Program Files\Perforce\p4exp64.dll [2012-09-24] (Perforce Software Inc.)ShellIconOverlayIdentifiers: [P4EXPUpdateOverlay] -> {C550CDA2-37D7-4838-A9D7-65ECB1EB5AB2} => B:\Program Files\Perforce\p4exp64.dll [2012-09-24] (Perforce Software Inc.)ShellIconOverlayIdentifiers-x32: [P4EXPCheckoutOverlay] -> {80E008A4-EAE7-4867-AEB0-1A245F070F25} => B:\Program Files\Perforce\p4exp.dll [2012-09-24] (Perforce Software Inc.)ShellIconOverlayIdentifiers-x32: [P4EXPSyncdOverlay] -> {ADF262C1-E8FE-49BE-AD63-F77CD4A6CCD9} => B:\Program Files\Perforce\p4exp.dll [2012-09-24] (Perforce Software Inc.)ShellIconOverlayIdentifiers-x32: [P4EXPUpdateOverlay] -> {C550CDA2-37D7-4838-A9D7-65ECB1EB5AB2} => B:\Program Files\Perforce\p4exp.dll [2012-09-24] (Perforce Software Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-831873670-1328612798-2367821417-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehpBHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-14] (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-14] (Oracle Corporation)Tcpip\Parameters: [DhcpNameServer] 192.168.1.254Tcpip\..\Interfaces\{4CFF9ACD-4148-48D2-8608-1C80DEEAAA3A}: [NameServer] 156.154.70.22,156.154.71.22Tcpip\..\Interfaces\{7080868E-95F9-4F1F-B94D-C56E65B7BC23}: [DhcpNameServer] 192.168.1.254Tcpip\..\Interfaces\{BAFDD336-E8D6-4706-98F8-D40E24003D6B}: [DhcpNameServer] 7.254.254.254 FireFox:========FF ProfilePath: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.defaultFF DefaultSearchEngine.US: GoogleFF SelectedSearchEngine: Ixquick HTTPSFF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-14] (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-14] (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-02] (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-02] (NVIDIA Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)FF Plugin HKU\S-1-5-21-831873670-1328612798-2367821417-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)FF Plugin HKU\S-1-5-21-831873670-1328612798-2367821417-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-12-28] ()FF SearchPlugin: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\searchplugins\ixquick-https.xml [2015-07-16]FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\donottrackplus@abine.com [2014-01-23]FF Extension: Firefogg - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\firefogg@firefogg.org [2015-02-06]FF Extension: MaskMe - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\idme@abine.com [2015-06-06]FF Extension: Shumway - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\shumway@research.mozilla.org [2015-07-15]FF Extension: FT DeepDark - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-06-28]FF Extension: Disconnect - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\2.0@disconnect.me.xpi [2014-04-27]FF Extension: Firebug - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\firebug@software.joehewitt.com.xpi [2013-06-19]FF Extension: MEGA - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\firefox@mega.co.nz.xpi [2015-02-12]FF Extension: Test Pilot - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-05-01]FF Extension: NoScript - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-09-25]FF Extension: Abduction! - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi [2014-06-24]FF Extension: Adblock Plus - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-07] Chrome: =======CHR Profile: C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-27]CHR Extension: (Google Drive) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-27]CHR Extension: (YouTube) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-27]CHR Extension: (Adblock Plus) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-06]CHR Extension: (Google Search) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-27]CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-06]CHR Extension: (Google Wallet) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-27]CHR Extension: (Gmail) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-27] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [348160 2011-01-29] (AVerMedia) [File not signed]R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2015-01-30] (COMODO)S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2015-01-30] (COMODO)S2 DAZContentManagementService; B:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [22528 2011-05-05] () [File not signed]S2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-07-02] (NVIDIA Corporation)R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-07-16] (Malwarebytes Corporation)S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-07-16] (Malwarebytes Corporation)R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-07-02] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-07-02] (NVIDIA Corporation)R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]S2 Perforce; B:\Program Files\Perforce\Server\p4s.exe [3455104 2012-11-09] (Perforce Software Inc.)S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]S3 TunngleService; B:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)S2 CLPSLauncher; "C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe" [X]S2 GeekBuddyRSP; "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service [X]S2 Hamachi2Svc; "B:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2015-04-23] (Advanced Micro Devices, Inc.)R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-03-09] ()R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2015-01-30] (COMODO)R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2015-01-30] (COMODO)R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45880 2015-01-30] (COMODO)R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-09] (DT Soft Ltd)R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104608 2015-01-30] (COMODO)R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-03-09] ()S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-07-16] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-17] (Malwarebytes Corporation)S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-07-16] (Malwarebytes Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-05-14] (Microsoft Corporation)R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-05-14] (Microsoft Corporation)R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation)R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-07-02] (NVIDIA Corporation)R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)R3 TRIDCap; C:\Windows\System32\DRIVERS\AVerTM62_x64.sys [1074048 2012-11-22] (AVerMedia TECHNOLOGIES, Inc. )S3 VSPerfDrv110; \??\B:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] ()R3 WinRing0_1_2_0; C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys [14544 2015-07-16] (OpenLibSys.org)R3 cpuz136; \??\C:\Users\Dizzle\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]S3 SysInfo; \??\C:\Windows\system32\drivers\SysInfo.sys [X]S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-17 08:40 - 2015-07-17 08:40 - 00000000 ____D C:\FRST2015-07-16 22:49 - 2015-07-17 08:29 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-07-16 22:49 - 2015-07-16 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-07-16 22:48 - 2015-07-16 22:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware2015-07-16 22:48 - 2015-07-16 22:48 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2015-07-16 22:48 - 2015-07-16 22:48 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2015-07-16 22:48 - 2015-07-16 22:48 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2015-07-16 22:48 - 2015-07-16 22:48 - 00000000 ____D C:\ProgramData\Malwarebytes2015-07-16 22:22 - 2015-07-16 22:22 - 00000000 ____D C:\Users\Dizzle\Desktop\Configuration2015-07-16 00:31 - 2015-07-16 00:31 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\NVIDIA2015-07-16 00:31 - 2015-07-16 00:31 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\mpv2015-07-15 23:59 - 2015-07-15 23:59 - 00000196 _____ C:\Users\Dizzle\.swfinfo2015-07-15 23:55 - 2015-07-15 23:56 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\livestreamer2015-07-15 21:03 - 2015-07-15 21:03 - 00000000 ____D C:\Users\Dizzle\AppData\Local\CEF2015-07-15 19:51 - 2015-07-15 19:52 - 13245712 _____ C:\Users\Dizzle\Downloads\Warcraft Movie Trailer from Comic-Con (Leaked) (360p).mp42015-07-14 21:18 - 2015-07-14 21:18 - 00000000 _____ C:\Windows\system32\RENF046.tmp2015-07-14 18:52 - 2015-07-14 18:52 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2015-07-14 18:52 - 2015-07-14 18:52 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2015-07-14 18:52 - 2015-07-14 18:52 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2015-07-14 18:52 - 2015-07-14 18:52 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2015-07-14 18:52 - 2015-07-14 18:52 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll2015-07-14 18:52 - 2015-07-14 18:52 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe2015-07-14 18:52 - 2015-07-14 18:52 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe2015-07-14 18:52 - 2015-07-14 18:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe2015-07-14 18:52 - 2015-07-14 18:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll2015-07-14 18:51 - 2015-07-14 18:51 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2015-07-14 18:51 - 2015-07-14 18:51 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2015-07-14 18:51 - 2015-07-14 18:51 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2015-07-14 18:51 - 2015-07-14 18:51 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2015-07-14 18:51 - 2015-07-14 18:51 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2015-07-14 18:51 - 2015-07-14 18:51 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2015-07-14 18:51 - 2015-07-14 18:51 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2015-07-14 18:51 - 2015-07-14 18:51 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2015-07-14 18:51 - 2015-07-14 18:51 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2015-07-14 18:51 - 2015-07-14 18:51 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2015-07-14 18:51 - 2015-07-02 17:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2015-07-14 18:51 - 2015-07-02 16:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2015-07-14 18:49 - 2015-07-14 18:49 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2015-07-14 18:49 - 2015-07-14 18:49 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2015-07-14 18:49 - 2015-07-14 18:49 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2015-07-14 18:49 - 2015-07-14 18:49 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2015-07-14 18:49 - 2015-07-14 18:49 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2015-07-14 18:49 - 2015-07-14 18:49 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2015-07-14 18:49 - 2015-07-14 18:49 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2015-07-14 18:49 - 2015-07-14 18:49 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2015-07-14 18:49 - 2015-07-14 18:49 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2015-07-14 18:49 - 2015-07-14 18:49 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2015-07-14 18:49 - 2015-07-14 18:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2015-07-14 18:49 - 2015-06-20 15:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2015-07-14 18:49 - 2015-06-19 14:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2015-07-14 18:47 - 2015-07-14 18:47 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2015-07-14 18:47 - 2015-07-14 18:47 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2015-07-14 18:47 - 2015-07-14 18:47 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll2015-07-14 18:47 - 2015-07-14 18:47 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll2015-07-14 18:47 - 2015-07-14 18:47 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe2015-07-14 18:47 - 2015-07-14 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll2015-07-14 18:47 - 2015-07-14 18:47 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll2015-07-14 18:46 - 2015-07-14 18:46 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll2015-07-14 18:46 - 2015-07-14 18:46 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll2015-07-14 18:46 - 2015-07-14 18:46 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys2015-07-14 18:46 - 2015-07-14 18:46 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys2015-07-14 18:46 - 2015-07-14 18:46 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2015-07-14 18:46 - 2015-07-14 18:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys2015-07-14 18:46 - 2015-07-14 18:46 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe2015-07-14 18:46 - 2015-07-14 18:46 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe2015-07-14 18:46 - 2015-07-14 18:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2015-07-14 18:46 - 2015-07-14 18:46 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe2015-07-14 18:46 - 2015-07-14 18:46 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe2015-07-14 18:46 - 2015-07-14 18:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe2015-07-14 18:46 - 2015-07-14 18:46 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2015-07-14 18:46 - 2015-07-14 18:46 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe2015-07-14 18:46 - 2015-07-14 18:46 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll2015-07-05 02:03 - 2015-07-05 11:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2015-07-02 16:20 - 2015-07-02 16:20 - 00000000 ____D C:\Users\Dizzle\AppData\Local\NVIDIA Corporation2015-07-02 16:13 - 2015-07-02 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation2015-07-02 16:13 - 2015-07-02 16:13 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk2015-07-02 16:13 - 2015-07-02 16:13 - 00000000 ____D C:\Users\Dizzle\AppData\Local\NVIDIA2015-07-02 16:13 - 2015-06-17 05:10 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll2015-07-02 16:13 - 2015-06-17 05:10 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll2015-07-02 16:13 - 2015-06-17 05:10 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll2015-07-02 16:13 - 2015-06-17 05:10 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll2015-07-02 16:12 - 2015-07-02 16:13 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation2015-07-02 16:12 - 2015-07-02 16:12 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe2015-07-02 16:12 - 2015-07-02 16:12 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe2015-07-02 16:12 - 2015-07-02 16:12 - 00112784 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll2015-07-02 16:12 - 2015-07-02 16:12 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll2015-07-02 16:12 - 2015-06-17 02:48 - 06873232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll2015-07-02 16:12 - 2015-06-17 02:48 - 03492168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll2015-07-02 16:12 - 2015-06-17 02:48 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll2015-07-02 16:12 - 2015-06-17 02:48 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll2015-07-02 16:12 - 2015-06-17 02:48 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll2015-07-02 16:12 - 2015-06-02 10:11 - 04421614 _____ C:\Windows\system32\nvcoproc.bin2015-07-02 16:11 - 2015-07-02 16:20 - 00000000 ____D C:\ProgramData\NVIDIA Corporation2015-07-02 16:11 - 2015-07-02 16:12 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll2015-07-02 16:11 - 2015-07-02 16:12 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2015-07-02 16:11 - 2015-07-02 16:12 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2015-07-02 16:11 - 2015-07-02 16:12 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll2015-07-02 16:11 - 2015-07-02 16:12 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2015-07-02 16:11 - 2015-07-02 16:12 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2015-07-02 16:11 - 2015-07-02 16:12 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll2015-07-02 16:11 - 2015-07-02 16:12 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2015-07-02 16:11 - 2015-07-02 16:12 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2015-07-02 16:11 - 2015-07-02 16:12 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll2015-07-02 16:11 - 2015-07-02 16:12 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2015-07-02 16:11 - 2015-07-02 16:12 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2015-07-02 16:11 - 2015-07-02 16:12 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll2015-07-02 16:11 - 2015-07-02 16:12 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll2015-07-02 16:11 - 2015-07-02 16:12 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2015-07-02 16:11 - 2015-07-02 16:12 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2015-07-02 16:11 - 2015-07-02 16:12 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll2015-07-02 16:11 - 2015-07-02 16:12 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll2015-07-02 16:11 - 2015-07-02 16:12 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll2015-07-02 16:11 - 2015-07-02 16:12 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll2015-07-02 16:11 - 2015-07-02 16:12 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2015-07-02 16:11 - 2015-07-02 16:12 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00408392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys2015-07-02 16:11 - 2015-07-02 16:12 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00061616 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys2015-07-02 16:11 - 2015-07-02 16:12 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll2015-07-02 16:11 - 2015-07-02 16:11 - 00000000 ____D C:\ProgramData\boost_interprocess2015-07-02 16:11 - 2015-06-17 05:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll2015-07-02 16:11 - 2015-06-17 05:10 - 00030966 _____ C:\Windows\system32\nvinfo.pb2015-07-02 16:10 - 2015-07-02 16:13 - 00000000 ____D C:\Program Files\NVIDIA Corporation2015-07-02 16:10 - 2015-07-02 16:10 - 00000000 ____D C:\NVIDIA2015-07-02 16:05 - 2015-07-16 22:47 - 00000000 ____D C:\ProgramData\NVIDIA2015-06-28 10:02 - 2015-07-15 18:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk2015-06-28 10:02 - 2015-07-15 18:03 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task2015-06-28 10:02 - 2015-06-28 10:02 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk2015-06-25 00:50 - 2015-06-25 00:50 - 00005690 _____ C:\Users\Dizzle\Documents\my letter.txt2015-06-23 20:53 - 2015-06-23 20:53 - 00273224 _____ C:\Windows\Minidump\062315-30685-01.dmp2015-06-22 21:02 - 2015-07-02 15:31 - 00207872 _____ (Power Admin LLC) C:\Windows\PAExec.exe2015-06-22 21:00 - 2015-06-22 21:00 - 00000000 ____D C:\Windows\pss2015-06-17 09:02 - 2015-06-17 09:02 - 00277352 _____ C:\Windows\Minidump\061715-23088-01.dmp ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-17 08:40 - 2013-03-06 11:52 - 01178966 _____ C:\Windows\WindowsUpdate.log2015-07-17 08:36 - 2013-12-19 08:31 - 00000021 _____ C:\Users\Dizzle\AppData\Roaming\config_data.dat2015-07-17 08:36 - 2013-04-24 17:58 - 00000000 ____D C:\Users\Dizzle\AppData\Local\CrashDumps2015-07-17 08:34 - 2009-07-14 00:45 - 00027360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-07-17 08:34 - 2009-07-14 00:45 - 00027360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-07-17 08:29 - 2014-11-12 09:23 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2015-07-17 08:29 - 2014-06-27 19:17 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-07-17 08:29 - 2013-03-06 08:58 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\Skype2015-07-16 23:45 - 2014-06-27 19:17 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-07-16 22:53 - 2009-07-14 01:13 - 00925702 _____ C:\Windows\system32\PerfStringBackup.INI2015-07-16 22:50 - 2013-03-10 15:48 - 00000000 ____D C:\Users\Dizzle\AppData\Local\LogMeIn Hamachi2015-07-16 22:48 - 2013-06-09 12:49 - 00000000 ____D C:\Users\Dizzle\AppData\Local\HTC MediaHub2015-07-16 22:48 - 2009-07-14 00:51 - 00139377 _____ C:\Windows\setupact.log2015-07-16 22:47 - 2010-11-20 23:47 - 00220104 _____ C:\Windows\PFRO.log2015-07-16 22:47 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2015-07-16 22:25 - 2014-10-05 03:31 - 00000000 ___RD C:\Program Files (x86)\Skype2015-07-16 22:25 - 2013-03-06 08:57 - 00000000 ____D C:\ProgramData\Skype2015-07-16 22:24 - 2014-06-13 02:00 - 00000000 ____D C:\Users\Dizzle\AppData\Local\Adobe2015-07-16 03:00 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX2015-07-16 03:00 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\system32\GWX2015-07-16 00:31 - 2013-03-10 15:12 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\vlc2015-07-15 23:59 - 2013-03-06 19:54 - 00000000 ____D C:\Users\Dizzle2015-07-15 23:40 - 2014-06-27 19:17 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2015-07-15 23:40 - 2014-06-27 19:17 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2015-07-15 23:29 - 2014-10-28 22:24 - 00000000 ____D C:\Users\Dizzle\AppData\Local\Battle.net2015-07-15 18:31 - 2013-03-06 20:38 - 00000000 ____D C:\Users\Dizzle\Documents\My Games2015-07-15 06:07 - 2014-08-14 04:00 - 00000000 ____D C:\Windows\rescache2015-07-15 03:24 - 2009-07-14 00:45 - 00276624 _____ C:\Windows\system32\FNTCACHE.DAT2015-07-15 03:23 - 2014-12-11 04:15 - 00000000 ____D C:\Windows\system32\appraiser2015-07-15 03:23 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel2015-07-15 03:23 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions2015-07-15 03:04 - 2013-07-29 03:00 - 00000000 ____D C:\Windows\system32\MRT2015-07-15 03:00 - 2013-03-05 22:05 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2015-07-14 21:18 - 2014-10-26 10:53 - 00000000 ____D C:\Program Files (x86)\Java2015-07-14 21:18 - 2014-06-29 19:46 - 00000000 ____D C:\ProgramData\Oracle2015-07-14 20:29 - 2014-10-26 10:53 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2015-07-14 20:28 - 2014-11-12 09:23 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater2015-07-14 20:28 - 2013-03-08 19:39 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2015-07-14 20:28 - 2013-03-08 19:39 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2015-07-14 18:29 - 2014-06-27 19:18 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk2015-07-12 11:42 - 2013-11-16 15:58 - 00024576 ___SH C:\Users\Dizzle\Documents\Thumbs.db2015-07-06 08:41 - 2010-11-20 23:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2015-07-05 11:01 - 2013-03-08 19:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service2015-07-02 16:19 - 2013-03-06 19:54 - 00000000 ____D C:\Users\Dizzle\AppData\Local\VirtualStore2015-07-02 16:12 - 2013-06-09 12:47 - 00000000 ____D C:\Temp2015-07-02 16:12 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Help2015-06-28 10:01 - 2013-03-31 15:12 - 00000000 ____D C:\Program Files (x86)\Adobe2015-06-28 10:01 - 2013-03-08 19:39 - 00000000 ____D C:\ProgramData\Adobe2015-06-28 00:54 - 2014-08-17 21:40 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\OBS2015-06-23 20:53 - 2013-03-06 19:54 - 00000000 ____D C:\Windows\Minidump2015-06-23 19:09 - 2015-06-09 18:08 - 00006656 _____ C:\Windows\system32\lpcio.dll2015-06-23 08:48 - 2014-05-28 23:17 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\Raptr2015-06-23 08:48 - 2014-05-28 23:17 - 00000000 ____D C:\Program Files (x86)\Raptr2015-06-22 21:43 - 2013-03-06 20:14 - 00000000 ____D C:\ProgramData\Package Cache2015-06-22 20:07 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD ==================== Files in the root of some directories ======= 2015-02-27 19:12 - 2015-02-27 19:13 - 56568640 _____ () C:\Users\Dizzle\AppData\Roaming\Advanced Combat Tracker.zip2013-12-19 08:31 - 2015-07-17 08:36 - 0000021 _____ () C:\Users\Dizzle\AppData\Roaming\config_data.dat2013-03-05 20:08 - 2013-03-05 20:08 - 0000017 _____ () C:\Users\Dizzle\AppData\Local\resmon.resmoncfg2008-02-05 15:28 - 2008-02-05 15:28 - 0000051 _____ () C:\Users\Dizzle\AppData\Local\setup.txt2015-03-16 08:07 - 2015-03-16 08:07 - 0000000 _____ () C:\Users\Dizzle\AppData\Local\{00E698F6-1CDC-4623-863D-8908F2D6149C}2015-03-25 08:38 - 2015-03-25 08:38 - 0000000 _____ () C:\Users\Dizzle\AppData\Local\{5666E3A9-7AA4-4B28-8896-22E2EEFB3BD6}2015-05-03 09:59 - 2015-05-03 09:59 - 0000000 _____ () C:\Users\Dizzle\AppData\Local\{9834506B-3318-454E-B080-613FEB23F057}2015-03-27 08:40 - 2015-03-27 08:40 - 0000000 _____ () C:\Users\Dizzle\AppData\Local\{E894F7C8-5041-4DCD-8A84-EBE44E37AAF3}2014-03-27 15:01 - 2014-03-27 15:01 - 0000057 _____ () C:\ProgramData\Ament.ini Some files in TEMP:====================C:\Users\Dizzle\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exeC:\Users\Dizzle\AppData\Local\Temp\AutoDetectUtilApp.exeC:\Users\Dizzle\AppData\Local\Temp\Gw2.exeC:\Users\Dizzle\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exeC:\Users\Dizzle\AppData\Local\Temp\jre-8u40-windows-au.exeC:\Users\Dizzle\AppData\Local\Temp\jre-8u45-windows-au.exeC:\Users\Dizzle\AppData\Local\Temp\qc_e3f0f3ef_27e6_4ca8_8a7c_a3d761aa54bb_64.exeC:\Users\Dizzle\AppData\Local\Temp\raptrpatch.exeC:\Users\Dizzle\AppData\Local\Temp\raptr_stub.exeC:\Users\Dizzle\AppData\Local\Temp\speccycpuid.dllC:\Users\Dizzle\AppData\Local\Temp\vlc-2.2.1-win32.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-13 03:15 ==================== End of log ============================ FRST.txt Addition.txt
-
So I am have the issue where I cannot get rid of the "Your system is not fully protected" message. Clicking "Fix Now" does nothing. My License information says "Malwarebytes Anit-Malware Preimum" State: Licensed Duration: Lifetime However on the Dashboard under "Real-Time Protection" it says "Available with Malwarebytes Anti-Malware Premium" The program seems to indicate I both do and do not have a premium license so I have no idea what to do. I've already done the clean and re-install process described here: https://forums.malwarebytes.org/index.php?/topic/146017-mbam-clean-removal-process-2x/ How do I enable Real-Time Protection? Here is what I see: