calypso9

I didn't find any C:/rkill.log. Instead it saved a file to the desktop "Rkill.txt" so I'm attaching that. Thank you for the help! FRST.txt Addition.txt Rkill.txt mbam scan log.txt

is there something more i should do in order to get some help?

bump

I have a premium licensed version and these issues. CheckResults.txt FRST.txt Addition.txt

Thanks! One thing I noticed is that MBAM doesn't run at startup despite having the option checked. I don't see it in the services or startup lists in msconfig either. FRST.txt Addition.txt CheckResults.txt

I'm having an issue where I cannot get rid of the "Your system is not fully protected" message. Clicking "Fix Now" does nothing. My License information says "Malwarebytes Anit-Malware Preimum" State: Licensed Duration: Lifetime However on the Dashboard under "Real-Time Protection" it says "Available with Malwarebytes Anti-Malware Premium" The program seems to indicate I both do and do not have a premium license so I have no idea what to do. I've already done the clean and re-install process described here: https://forums.malwarebytes.org/index.php?/topic/146017-mbam-clean-removal-process-2x/ How do I enable Real-Time Protection? This happened after I installed the most recent MBAM update.

Real-time protection is now enabled! Thank you!

attached zoek-results.log

Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Dizzle on Sat 07/18/2015 at 10:16:55.01. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: B:\Downloads\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 7/18/2015 10:18:09 AM Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\Steam deleted successfully C:\Users\Dizzle\AppData\Roaming\mpv deleted successfully C:\Users\Dizzle\AppData\Local\calibre-cache deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default user.js not found ---- Lines Customized removed from prefs.js ---- user_pref("extensions.testpilot.alreadyCustomizedToolbar", true); ---- FireFox user.js and prefs.js backups ---- prefs_20150718_1048_.backup ==== Batch Command(s) Run By Tool====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Steam not found C:\Users\Dizzle\AppData\Roaming\calibre deleted C:\Users\Dizzle\AppData\Roaming\livestreamer deleted C:\Users\Dizzle\AppData\Roaming\transmission deleted C:\Users\Dizzle\.android deleted C:\PROGRA~3\Package Cache deleted C:\Users\Dizzle\AppData\Local\CrashRpt deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\SysWow64\AI_RecycleBin deleted C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\extensions\firefox@mega.co.nz.xpi deleted C:\Users\Dizzle\Desktop\Continue Media Player Classic Installation.lnk deleted C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\extensions\shumway@research.mozilla.org deleted "C:\Windows\Installer\24a8ff.msi" deleted "C:\Users\Dizzle\AppData\Local\{00E698F6-1CDC-4623-863D-8908F2D6149C}" deleted "C:\Users\Dizzle\AppData\Local\{5666E3A9-7AA4-4B28-8896-22E2EEFB3BD6}" deleted "C:\Users\Dizzle\AppData\Local\{9834506B-3318-454E-B080-613FEB23F057}" deleted "C:\Users\Dizzle\AppData\Local\{E894F7C8-5041-4DCD-8A84-EBE44E37AAF3}" deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default user_pref("browser.search.defaultenginename.US", "Google"); user_pref("browser.search.selectedEngine", "Ixquick HTTPS"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default - DoNotTrackMe: Online Privacy Protection - %ProfilePath%\extensions\donottrackplus@abine.com - Firefogg - %ProfilePath%\extensions\firefogg@firefogg.org - MaskMe - %ProfilePath%\extensions\idme@abine.com - FT DeepDark - %ProfilePath%\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} - Disconnect - %ProfilePath%\extensions\2.0@disconnect.me.xpi - Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi - Instrument Test - %ProfilePath%\extensions\testpilot@labs.mozilla.com.xpi - NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi - Abduction - %ProfilePath%\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default 4C07B5286D129DFD25C24B4A31B9B888 - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll - Happy Cloud Plugin ==== Deleted Firefox Extensions ====================== C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\extensions\donottrackplus@abine.com deleted ==== Chromium Look ====================== Chrome Hotword Shared Module - Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg ==== Chromium Startpages ====================== C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Preferences ooglesyndication.com:443":{"alternative_service":[{"port":443,"probability":0.02,"protocol_str":"quic"}],"network_stats":{"srtt":46727},"supports_spdy":true},"tpc.googlesyndication.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":47908}},"translate.google.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}]},"translate.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"triggeredmail.appspot.com:80":{"alternative_service":[{"port":80,"probability":0.02,"protocol_str":"quic"}]},"twitter.com:443":{"supports_spdy":true},"video-ad-stats.googlesyndication.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"video-ad-stats.googlesyndication.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"whatistheexcel.com:443":{"supports_spdy":true},"www.facebook.com:443":{"supports_spdy":true},"www.google-analytics.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":65419},"supports_spdy":true},"www.google-analytics.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}],"network_stats":{"srtt":62271}},"www.google.co.in:443":{"alternative_service":[{"port":443,"probability":0.01,"protocol_str":"quic"}],"supports_spdy":true},"www.google.co.in:80":{"alternative_service":[{"port":80,"probability":0.01,"protocol_str":"quic"}]},"www.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":60550},"supports_spdy":true},"www.google.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}],"network_stats":{"srtt":55907}},"www.googleadservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":64139},"supports_spdy":true},"www.googleadservices.com:80":{"alternative_service":[{"port":80,"probability":0.5,"protocol_str":"quic"}],"network_stats":{"srtt":62624}},"www.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":54440},"supports_spdy":true},"www.googletagmanager.com:443":{"alternative_service":[{"port":443,"probability":0.08,"protocol_str":"quic"}],"supports_spdy":true},"www.googletagmanager.com:80":{"alternative_service":[{"port":80,"probability":0.5,"protocol_str":"quic"}],"network_stats":{"srtt":40557}},"www.googletagservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":95628},"supports_spdy":true},"www.googletagservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":45215}},"www.gstatic.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":50465},"supports_spdy":true},"www.gstatic.com:80":{"alternative_service":[{"port":80,"probability":0.01,"protocol_str":"quic"}]},"www.youtube-nocookie.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":50872},"supports_spdy":true},"www.youtube-nocookie.com:80":{"alternative_service":[{"port":80,"probability":0.01,"protocol_str":"quic"}]},"www.youtube.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":45076},"supports_spdy":true},"www.youtube.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}],"network_stats":{"srtt":56027}},"youtu.be:443":{"alternative_service":[{"port":443,"probability":0.5,"protocol_str":"quic"}],"supports_spdy":true},"yt3.ggpht.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":51328},"supports_spdy":true},"yt3.ggpht.com:80":{"alternative_service":[{"port":80,"probability":0.01,"protocol_str":"quic"}]}},"supports_quic":{"address":"::ffff:2602:306","used_quic":true},"version":3}},"plugins":{"last_internal_directory":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.134","migrated_to_pepper_flash":true,"plugins_list":[{"enabled":true,"name":"Widevine Content Decryption Module","path":"C:\\Users\\Dizzle\\AppData\\Local\\Google\\Chrome\\User Data\\WidevineCDM\\1.4.8.823\\_platform_specific\\win_x86\\widevinecdmadapter.dll","version":"1.4.8.823"},{"enabled":true,"name":"Chrome PDF Viewer","path":"chrome-extension://mhjfbmdgcfjbbpaeojofohoefgiehjai/","version":""},{"enabled":true,"name":"Shockwave Flash","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.134\\PepperFlash\\pepflashplayer.dll","version":"18.0.0.209"},{"enabled":true,"name":"Chrome Remote Desktop Viewer","path":"internal-remoting-viewer","version":""},{"enabled":true,"name":"Native Client","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.134\\internal-nacl-plugin","version":""},{"enabled":true,"name":"Chrome PDF Viewer","path":"internal-pdf-viewer","version":""},{"enabled":true,"name":"Adobe Flash Player"},{"enabled":true,"name":"Chrome PDF Viewer"},{"enabled":true,"name":"Chrome Remote Desktop Viewer"},{"enabled":true,"name":"Native Client"},{"enabled":true,"name":"Widevine Content Decryption Module"}],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"":{"setting":1},"https://www.youtube.com:443,https://www.youtube.com:443":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{"[*.]uverse.com,*":{"setting":1}},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"[*.]uverse.com,*":{"plugins":1},"https://www.yofla.com:443,https://www.yofla.com:443":{"fullscreen":1},"https://www.youtube.com:443,https://www.youtube.com:443":{"fullscreen":1}},"pref_version":1},"created_by_version":"35.0.1916.153","exit_type":"Normal","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"First user","per_host_zoom_levels":{}},"protection":{"macs":{}},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13048384711832788"},"settings":{"privacy":{"drm_salt":"39A6173C4733B8736C084E90B333926C237DE718D4E2D01A460B715D49761E69"}},"sync_promo":{"startup_count":10},"translate_accepted_count":{"fr":0},"translate_blocked_languages":["en"],"translate_denied_count":{"fr":2},"translate_last_denied_time":1413584425365.611,"translate_too_often_denied":true,"translate_whitelists":{}} ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9C8928403D4AB094F99FBA20A329833F deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{048298C9-A4D3-490B-9FF9-AB023A9238F3} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\9C8928403D4AB094F99FBA20A329833F deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Dizzle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Dizzle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Dizzle\AppData\Local\Mozilla\Firefox\Profiles\ozyymxpn.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=806 folders=478 1203688933 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Dizzle\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Dizzle\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on Sat 07/18/2015 at 11:03:38.09 ======================

Forgot the attachment, sorry MGADiagReport.txt

Thanks for your help

It always just persists whenever MBAM is running. Please see the link to the previous thread. Real-time protection is unable to be activated. (Second half off Addition.txt) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{71E24ADE-6F5D-45DC-96ED-FDEAB020B2F2}] => (Allow) B:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{D944C32F-C416-45B4-BBD0-22CA48AC4886}] => (Allow) B:\Program Files (x86)\Steam\Steam.exeFirewallRules: [TCP Query User{8F9742CB-955B-4ED6-8BA0-632D6C4BE44E}C:\program files (x86)\transmission-qt\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission-qt\transmission-qt.exeFirewallRules: [uDP Query User{B3B7D072-68CC-4D1C-A21C-777BD5E01710}C:\program files (x86)\transmission-qt\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission-qt\transmission-qt.exeFirewallRules: [TCP Query User{59A620D0-D260-451A-96EC-53A8A4B8A3EA}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exeFirewallRules: [uDP Query User{CF3A78B3-8857-4189-9A31-79C026830864}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exeFirewallRules: [{7F13FCD3-8B96-479F-AFE8-31743346F8CE}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\The Secret World\ClientPatcher.exeFirewallRules: [{5AF6C339-9E84-495C-B01F-13ABD7A5313A}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\The Secret World\ClientPatcher.exeFirewallRules: [TCP Query User{60003254-D722-45BD-8C83-D6D60F29D603}C:\program files (x86)\squareenix\final fantasy xiv - a realm reborn (beta version)\game\ffxiv.exe] => (Allow) C:\program files (x86)\squareenix\final fantasy xiv - a realm reborn (beta version)\game\ffxiv.exeFirewallRules: [uDP Query User{8903C65C-2754-4D87-B9AF-BCB313EFB5E5}C:\program files (x86)\squareenix\final fantasy xiv - a realm reborn (beta version)\game\ffxiv.exe] => (Allow) C:\program files (x86)\squareenix\final fantasy xiv - a realm reborn (beta version)\game\ffxiv.exeFirewallRules: [TCP Query User{1E2D9B54-293F-4957-8C79-3AB443278956}C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe] => (Block) C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exeFirewallRules: [uDP Query User{63289276-C741-4E66-ACA9-B07841DE132D}C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe] => (Block) C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exeFirewallRules: [{01079CA5-4967-4F4A-9555-E0645A54C935}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Addon.exeFirewallRules: [{717CA712-DFC8-4E7F-9F23-2A451EDDA777}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Addon.exeFirewallRules: [{76F32080-1CA7-4B54-88EB-3DA5FEE471A1}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exeFirewallRules: [{1EC65DA7-0DF2-4367-BD89-D6AA19E41505}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exeFirewallRules: [{5A9C25E6-B547-42C1-B43B-40E7C5C8C2F5}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dead Island\DeadIslandGame.exeFirewallRules: [{1DC2EA88-EAE1-469A-9825-E9CBB22B5165}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dead Island\DeadIslandGame.exeFirewallRules: [{770EB2AA-0137-40CD-99D3-34FD296A3538}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\FINAL FANTASY XI\polboot.exeFirewallRules: [{38AE48F6-3912-4A28-9596-8D31E6D191EB}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\FINAL FANTASY XI\polboot.exeFirewallRules: [{AD169DE3-FBCD-4B92-93B9-70852727642C}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\PlayOnlineViewer\polcfg\polcfg.exeFirewallRules: [{9862D61D-1714-4038-B84B-A74A4FE74FD5}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\PlayOnlineViewer\polcfg\polcfg.exeFirewallRules: [{6679A643-B0B5-485C-A5B9-658BAF8C01A5}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\FINAL FANTASY XI\ToolsUS\FINAL FANTASY XI Config.exeFirewallRules: [{1F2A398D-6EFF-4216-9301-F4966DEFF3BA}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\FINAL FANTASY XI\ToolsUS\FINAL FANTASY XI Config.exeFirewallRules: [{75646070-3858-4AD9-873E-BD1986FAE6A4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exeFirewallRules: [{26E013A2-DECF-46F7-95C9-A5A577FD61ED}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exeFirewallRules: [TCP Query User{365718C6-535B-42AF-97BC-E7AAB5CD65E9}B:\program files (x86)\steam\steamapps\common\ffxi\squareenix\playonlineviewer\pol.exe] => (Allow) B:\program files (x86)\steam\steamapps\common\ffxi\squareenix\playonlineviewer\pol.exeFirewallRules: [uDP Query User{68F78B55-22D9-405C-9871-4C4B621D443A}B:\program files (x86)\steam\steamapps\common\ffxi\squareenix\playonlineviewer\pol.exe] => (Allow) B:\program files (x86)\steam\steamapps\common\ffxi\squareenix\playonlineviewer\pol.exeFirewallRules: [{C456438E-204C-4378-9A3B-9F68E9BFDC6F}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exeFirewallRules: [{195F3DDD-971D-439E-B06C-8691B12BA731}] => (Block) D:\Program Files (x86)\Dragon Age 2\DragonAge2Launcher.exeFirewallRules: [{4A5D9913-367D-49BC-B3A2-1F64492752F8}] => (Block) D:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exeFirewallRules: [{9EC8B1CA-41FD-49DE-865A-8C8037B809D8}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exeFirewallRules: [{79D321E0-4814-4F43-9A4A-7B3A409B0F5E}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exeFirewallRules: [{539B84C4-4B12-419F-B191-1E8CA8566DB3}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\HitmanBloodMoney.exeFirewallRules: [{A420BE28-DAAD-4B61-BBAC-A6BE953F316F}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\HitmanBloodMoney.exeFirewallRules: [{40B3350E-65C9-4530-A9F8-E96A9C9A5E9F}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\configure.exeFirewallRules: [{EC1B6336-DCDF-4464-8B37-7E86A7BB0AF5}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\configure.exeFirewallRules: [TCP Query User{044543CB-E13B-4347-9491-90F55B3F310E}B:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) B:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exeFirewallRules: [uDP Query User{3C7642B3-6F67-47D3-B86C-D070276FD6D5}B:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) B:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exeFirewallRules: [{EFC9FE44-7D06-4BE6-8384-1BA34F13F6B1}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLClient.exeFirewallRules: [{8FDAF587-73DD-4A05-AC49-7B9C33854DA6}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLClient.exeFirewallRules: [{D61D8745-6203-45A8-8E82-51A8532BB5B4}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLClient.exeFirewallRules: [{8B2CFF0C-6066-4EAE-ABA9-E28F2EA1B46C}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLClient.exeFirewallRules: [{C8394A87-186C-4CFA-8B84-0E03BAC707A9}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exeFirewallRules: [{A23D0D5C-FD68-460D-937C-FD10616AFF39}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exeFirewallRules: [{1D0C3275-1406-4953-8EEF-A348203A4F3C}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exeFirewallRules: [{30A20519-6F08-4C9F-A83F-0FA0F82B815F}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exeFirewallRules: [{C83DE87A-259A-4879-BA8E-798A94BC475C}] => (Allow) LPort=3074FirewallRules: [{3FED296F-5794-4DAE-81D0-9DE273DA503B}] => (Allow) LPort=3074FirewallRules: [{22F63F75-3D02-4371-977E-8395C3DE8899}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\FUEL\GameSetup.exeFirewallRules: [{A5E9EA2F-677E-46CB-B3EF-73E391DCA9FB}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\FUEL\GameSetup.exeFirewallRules: [{82DC3AB2-6C54-4EB1-9546-2C981127598E}] => (Allow) C:\UDK\UDK-2013-07\Binaries\Win32\UDK.exeFirewallRules: [{9AEEEF37-EEEF-4E3B-90C0-E01C067FD138}] => (Allow) C:\UDK\UDK-2013-07\Binaries\Win32\UDK.exeFirewallRules: [{8D5D5214-590E-4D44-8BA8-BDD23D334FD2}] => (Allow) C:\UDK\UDK-2013-07\Binaries\Win64\UDK.exeFirewallRules: [{5F9FCB3D-AA41-4A47-8374-FB5113C65CD8}] => (Allow) C:\UDK\UDK-2013-07\Binaries\Win64\UDK.exeFirewallRules: [{04C357F6-25FA-4A46-ADC9-07A9A9C5EEEE}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\game_launcher.exeFirewallRules: [{6B134FD3-8562-4D52-9E0A-A9E88957EE81}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\game_launcher.exeFirewallRules: [{1ED0F717-5D4F-4A5A-ADD9-8439D8106D97}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exeFirewallRules: [{FC1BCF9D-F018-44CB-802B-9586A1C2C01B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exeFirewallRules: [{F2503AF5-08FF-426F-8EEE-13B522C9F508}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exeFirewallRules: [{C6B883B8-3695-4729-B8D0-4F367F3123C4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exeFirewallRules: [{1CE37F95-E946-4F44-9E24-EB970ECB9E33}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exeFirewallRules: [{727E61AE-68BF-47E9-9BD5-54B3CED8F96B}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exeFirewallRules: [{99FD66D9-DB0F-4455-B57C-E19CAFE11EB5}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exeFirewallRules: [{7C754A78-8FBC-4413-B14B-BCFE766E62E7}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exeFirewallRules: [{BBF7939F-8B33-43EB-A3E0-69E830ADC048}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exeFirewallRules: [{E891273A-6D31-45EA-A8F0-8C894ACEB4E7}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exeFirewallRules: [{3C487239-C168-4305-89CB-34CCE4A121B1}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exeFirewallRules: [{E4C2F5B9-C426-4297-807E-178F09865C21}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exeFirewallRules: [{C351DF30-4C0D-4A25-B189-58BFAB2DE9B4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exeFirewallRules: [{0C925FBC-1AC8-4EE2-AFB9-74ACE7180637}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exeFirewallRules: [{43DA3AA5-57D4-4E98-B0AD-F35C58AE850E}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exeFirewallRules: [{6D8C2515-C693-4EDC-85AC-A11A2DC96854}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exeFirewallRules: [{D75BD60F-624E-4ED5-A298-BC9F12988230}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exeFirewallRules: [{0D3018DB-60D5-4ADA-B0B1-B2D912EBA8E4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exeFirewallRules: [{4AAECCF7-7D68-4A93-B1DA-2C74C180CEAE}] => (Allow) B:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exeFirewallRules: [{658D1431-3C41-4211-9EB1-9653E36BAC2D}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exeFirewallRules: [{131A19C6-7A7C-4B2D-B86C-A41C29AE7C58}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exeFirewallRules: [{E3F84527-A229-487E-9271-30310A39EF38}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exeFirewallRules: [{E075DD9C-78BB-434A-94B0-DBE25ADF905B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exeFirewallRules: [{74559A37-F4CD-4976-9B55-26F915C86109}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Wanderlust Rebirth\Wanderlust.exeFirewallRules: [{EDCCB2B1-E076-4CCC-8410-20FD7FF6E5AC}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Wanderlust Rebirth\Wanderlust.exeFirewallRules: [{8A423AA5-A291-4666-AFAC-951CA390510B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exeFirewallRules: [{FBEED69C-1F0B-4FAB-AC1C-81CA0B5450F7}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exeFirewallRules: [{8EFC64E1-378B-4F5B-8E01-769A29A0EDBF}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exeFirewallRules: [{6E50C40E-8CC9-435C-B0E6-28CFEE23DC88}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exeFirewallRules: [{0C3CB4F8-AFB0-444A-871E-6F0C2733D667}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exeFirewallRules: [{D6F8712E-F3C3-4C09-9901-25463136BD0E}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exeFirewallRules: [{05222B9C-A19F-4658-9313-5CBB199714E7}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exeFirewallRules: [{935856F5-5856-42C6-B448-DB13671CE6C2}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exeFirewallRules: [{EAEB1C89-3C60-4715-A069-8D8EBE68A5B2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exeFirewallRules: [{B5AD338B-F147-4324-9552-F4074B43C994}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exeFirewallRules: [{4A052965-CEAA-4BAF-918A-FFE5C240245D}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exeFirewallRules: [{D995E0CC-F254-4AA0-9E2C-79E57BC6E790}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exeFirewallRules: [{7E59BF8C-17F4-487E-B59B-E2AC8ED62B8E}] => (Allow) B:\HappyCloud\Cache\TERA\TERA-Launcher.exeFirewallRules: [{C6C29A7A-09B6-48E6-8CB6-3CDEFAC64EF4}] => (Allow) B:\HappyCloud\Cache\TERA\TERA-Launcher.exeFirewallRules: [{017A6432-A059-4FC3-8217-DBC2729486E6}] => (Allow) B:\HappyCloud\Cache\TERA\Client\TL.exeFirewallRules: [{3753C25B-96E7-4E59-90F6-86D2AFCD8CC5}] => (Allow) B:\HappyCloud\Cache\TERA\Client\TL.exeFirewallRules: [{85821350-0116-45F6-92C2-513EE3115A0D}] => (Allow) B:\HappyCloud\Cache\TERA\Client\Binaries\TERA.exeFirewallRules: [{9CD6B736-A0DD-428F-ABF2-704FFAE07296}] => (Allow) B:\HappyCloud\Cache\TERA\Client\Binaries\TERA.exeFirewallRules: [{44FDFDB4-64FC-4C1B-AFC7-315EBEB845CC}] => (Allow) B:\Program Files (x86)\Tunngle\TnglCtrl.exeFirewallRules: [{647C1A99-754E-4C10-A4A6-949F1040FC17}] => (Allow) B:\Program Files (x86)\Tunngle\TnglCtrl.exeFirewallRules: [{8FCAFDBF-491C-434D-98E9-65244F7E5ABA}] => (Allow) B:\Program Files (x86)\Tunngle\Tunngle.exeFirewallRules: [{C923BFC2-BCF8-459C-92F6-C16917AF1FB0}] => (Allow) B:\Program Files (x86)\Tunngle\Tunngle.exeFirewallRules: [{D35D0206-36A6-4C88-BDB1-75AFC1B336E1}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Fable The Lost Chapters\Fable.exeFirewallRules: [{AAB65210-7A80-4694-8C52-7B4DEA1D9495}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Fable The Lost Chapters\Fable.exeFirewallRules: [{1858156E-22F3-45AD-A609-D6BB69200EEA}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exeFirewallRules: [{28E6E63E-9422-46AA-9512-BF9D3DCF4598}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exeFirewallRules: [{258A12F5-F848-4CA7-98B2-63FDF27C58D8}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicatorCom.exeFirewallRules: [{1E2F32A0-85F2-4988-8E61-86355A7D871B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exeFirewallRules: [{DDDA60AB-61ED-47B9-A1A4-1CD4E7CAFE74}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exeFirewallRules: [{146245B5-9E34-40F9-9EC3-38048C65924B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Wanderlust Rebirth\Wanderlust.exeFirewallRules: [{8A6EFE67-756A-4B80-9EE6-FB7BA73EF4DA}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Wanderlust Rebirth\Wanderlust.exeFirewallRules: [{FA135EB2-A519-4129-A65C-28A7A8A2A2F4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exeFirewallRules: [{B583E63B-BF93-407C-9E1F-52F5D44B1823}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exeFirewallRules: [{4CD6C8F2-DFBA-45D8-B5D6-7675528FE1CF}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exeFirewallRules: [{53F53383-7FF4-4E9E-801F-972042E24906}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exeFirewallRules: [{6AEFAE89-656B-477B-89BC-4291BA65E50E}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dungeons & Dragons HD\ManaGame.exeFirewallRules: [{CC7DC063-0F61-4CF5-A4EB-0AD7D3022AD4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dungeons & Dragons HD\ManaGame.exeFirewallRules: [{DA7A6BD1-F2C6-4AFF-B476-119C5E29E9CD}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exeFirewallRules: [{0992FFE1-8A4D-4D0E-9BC9-42709BBE7FF2}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exeFirewallRules: [{AD42EC6C-4F91-4DC5-8F27-981EBBEEC52C}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Outlast\OutlastLauncher.exeFirewallRules: [{A17BA2C8-A158-4C2A-94A6-3CD1B1A77E89}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Outlast\OutlastLauncher.exeFirewallRules: [{3982DF06-4928-4214-A48B-D199803EA44C}] => (Allow) B:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exeFirewallRules: [{C2906127-0048-4299-A39B-47E79F1C8FDA}] => (Allow) B:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exeFirewallRules: [{CAE4F26B-D994-497E-BC29-FB8E18017A52}] => (Allow) B:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exeFirewallRules: [{1E67896C-E930-4B1B-B6A3-6BC45F84F94C}] => (Allow) B:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exeFirewallRules: [{BEA4A2A4-F972-4437-BC84-ED42AABAC4FB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exeFirewallRules: [{BA19124F-F3E1-4609-A87C-7CBE9C3675DF}] => (Allow) B:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{58309F3D-E5D6-417F-8440-16A16839BC03}] => (Allow) B:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{8269DA63-AA42-4706-97E1-C52B7B734A4B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\FEAR Ultimate Shooter Edition\FEAR.exeFirewallRules: [{DFD0F6D5-7A7F-4088-A5F8-2DF8A62B2431}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\FEAR Ultimate Shooter Edition\FEAR.exeFirewallRules: [{58A11594-50C2-4268-95FB-4CD9864FB6DC}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exeFirewallRules: [{EC2927D9-F733-4643-AEDE-52BADF15B0B3}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exeFirewallRules: [{FE2A9504-A586-49E0-BBD5-66BFEDA10F7D}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exeFirewallRules: [{C7D9D0FD-88A6-4C17-B806-A098AD6FE3E1}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exeFirewallRules: [{5E7768E5-891C-4A9F-BF4F-310690D3256E}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dreamfall Chapters\Dreamfall Chapters.exeFirewallRules: [{985558EB-ED43-44A9-BED7-A4627578B9AA}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dreamfall Chapters\Dreamfall Chapters.exeFirewallRules: [{1A96ECAE-997C-4901-B9D6-4173EAE3EB1B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\mercenary_kings\MercenaryKings.exeFirewallRules: [{00C4CFB5-62D2-4770-8E22-105B6428A1CC}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\mercenary_kings\MercenaryKings.exeFirewallRules: [{B3D9347A-273B-49C0-843E-E2CFCCE81393}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\LEGO Harry Potter\LEGOHarryPotter.exeFirewallRules: [{4948E85C-11B7-49CD-ABDF-5E8787FA7224}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\LEGO Harry Potter\LEGOHarryPotter.exeFirewallRules: [{DB450417-B882-4BF6-A495-C8DF64008001}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exeFirewallRules: [{5B5DC907-A617-4313-B4E0-EEB9341E54E3}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exeFirewallRules: [{888C81B9-FFB2-49DA-B179-21A9A82D9077}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exeFirewallRules: [{4C54B453-7F81-4E92-A550-1B418D004DF7}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exeFirewallRules: [{FD520DFD-C895-4082-AC79-653A2836299F}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ToyboxTurbos\ToyboxTurbos.exeFirewallRules: [{1A557CE4-BF45-4031-B8AB-07A862BEDA6B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ToyboxTurbos\ToyboxTurbos.exeFirewallRules: [{F1BDDCB2-F2CF-4B06-8724-8F927CD8BB4A}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exeFirewallRules: [{1CFAEFB4-AA0F-4EE5-9566-B1232C4F21DA}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exeFirewallRules: [{8534D05D-159C-4D03-93B6-011F813730E2}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Passing Pineview Forest\.autorun\autorun.exeFirewallRules: [{1F4377DF-F880-461F-A5BE-C47F75E2CDFE}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Passing Pineview Forest\.autorun\autorun.exeFirewallRules: [{A498BF04-672C-429A-981A-2EDD75C08A5A}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\SplitSecond\SplitSecond.exeFirewallRules: [{AE699747-22E8-497C-AD8A-6D9DCE597A15}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\SplitSecond\SplitSecond.exeFirewallRules: [{A0F35B38-2E51-48B6-B6CF-2E7A41357EA0}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Distance\Distance.exeFirewallRules: [{75C6CB5F-398E-417A-AFF9-7B60C4216449}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Distance\Distance.exeFirewallRules: [{5C80401F-F576-4103-9D1C-553F35F53FB0}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exeFirewallRules: [{DBFA32B0-3F07-46D2-B525-06D6D3B77560}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exeFirewallRules: [{049B6EAE-6575-441A-A2CB-A15DB194BDED}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exeFirewallRules: [{37C2099A-7654-4185-9CFD-69F7414DAF6B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exeFirewallRules: [{01253A71-C2CA-4B8E-B17A-11885E219927}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Addon.exeFirewallRules: [{3E88BDA0-6620-46E5-BAEB-A80DE47744CA}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Addon.exeFirewallRules: [{A49ECEB6-D69B-4246-B9CF-CE2FAD35D1D8}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Anno4.exeFirewallRules: [{27069769-7FE5-4002-A802-EC28AE33FC32}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Anno4.exeFirewallRules: [{49B78589-16E2-48CF-9A0C-0E4198BBE0D5}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Black Mirror\agds.exeFirewallRules: [{4046F9ED-3871-4635-B6A0-C723F045457F}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Black Mirror\agds.exeFirewallRules: [{C0400064-F8E2-45AF-9EC9-1B575F1840C3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exeFirewallRules: [{ECE018F0-BD53-4C9F-92CB-F4A2D5336855}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exeFirewallRules: [{915A8720-6333-49AF-A31D-513626E040F3}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exeFirewallRules: [{B1DAD169-BBDD-4A98-9AC9-5758908067E9}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exeFirewallRules: [{17D81F1C-2E97-4D10-B46B-6514E12E4E28}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exeFirewallRules: [{592AFAC1-8563-4BE3-A06F-15554A7E8E32}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exeFirewallRules: [{D30AF40C-0BEE-4289-B1E0-791173C21035}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exeFirewallRules: [{4D4EF1E5-A4AC-4CEC-B359-DE70EE03FA44}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exeFirewallRules: [{25A3FBC2-CF47-41AB-97B9-5E007BA74929}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exeFirewallRules: [{BC11BF69-CFF8-4445-8275-083AC80AADD3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exeFirewallRules: [{0B7DD490-225B-448F-B6DB-7B707CBC6FBD}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exeFirewallRules: [{298A7D7D-9536-4163-9EF3-E4F218DE37E5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exeFirewallRules: [{36FED665-59D1-4418-93BC-1CD9CF4A7BB6}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exeFirewallRules: [{F54212C1-8CE5-4B5D-BD8C-8F75A1F62588}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exeFirewallRules: [{9AF1DF27-4143-49C5-9916-8B6C5779C846}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeFirewallRules: [{5E22BB6A-95C1-4C13-A554-4B50DD2F52CA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeFirewallRules: [{859F9458-5EFE-47AB-ACFC-E32C23B348CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeFirewallRules: [{222D5C78-6DD5-4EC1-9275-3F8AB742AC94}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeFirewallRules: [{4FEFC68E-B309-44C1-AB03-25199CF2FE93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exeFirewallRules: [{135192FF-9A50-4B1C-9571-F789D69FD6B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exeFirewallRules: [{9D5CC43B-0EC9-4EA9-8D32-ADF4B8CBCDEB}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\D4 Dark Dreams Don't Die\D4.exeFirewallRules: [{031A476B-CFF1-407E-BA28-36CBC3549E75}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\D4 Dark Dreams Don't Die\D4.exeFirewallRules: [{BD01E4A9-111D-4684-AE8A-048BDC18042A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exeFirewallRules: [{151CA7D8-612A-4E79-9B6E-8BF7F35AC958}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exeFirewallRules: [{6D6533A3-DA0C-4DC1-A80C-AA85E3CBBC02}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exeFirewallRules: [{8B4C85A9-BD15-430A-BC78-6B5FF7E1E6A8}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exeFirewallRules: [{5154A152-6989-4AC6-A297-7FE24B0D849B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (07/17/2015 08:36:29 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: CorsairLINK_HardwareMonitor.exe, version: 2.4.5110.41697, time stamp: 0x520168cfFaulting module name: UsbClink.dll, version: 0.0.0.0, time stamp: 0x532b0b2eException code: 0xc0000005Fault offset: 0x00001874Faulting process id: 0x2494Faulting application start time: 0xCorsairLINK_HardwareMonitor.exe0Faulting application path: CorsairLINK_HardwareMonitor.exe1Faulting module path: CorsairLINK_HardwareMonitor.exe2Report Id: CorsairLINK_HardwareMonitor.exe3 Error: (07/17/2015 08:36:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 08:30:21 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: CorsairLINK_HardwareMonitor.exe, version: 2.4.5110.41697, time stamp: 0x520168cfFaulting module name: UsbClink.dll, version: 0.0.0.0, time stamp: 0x532b0b2eException code: 0xc0000005Fault offset: 0x00001874Faulting process id: 0x1f7cFaulting application start time: 0xCorsairLINK_HardwareMonitor.exe0Faulting application path: CorsairLINK_HardwareMonitor.exe1Faulting module path: CorsairLINK_HardwareMonitor.exe2Report Id: CorsairLINK_HardwareMonitor.exe3 Error: (07/17/2015 08:30:20 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 01:27:56 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: CorsairLINK_HardwareMonitor.exe, version: 2.4.5110.41697, time stamp: 0x520168cfFaulting module name: UsbClink.dll, version: 0.0.0.0, time stamp: 0x532b0b2eException code: 0xc0000005Fault offset: 0x00001874Faulting process id: 0xae4Faulting application start time: 0xCorsairLINK_HardwareMonitor.exe0Faulting application path: CorsairLINK_HardwareMonitor.exe1Faulting module path: CorsairLINK_HardwareMonitor.exe2Report Id: CorsairLINK_HardwareMonitor.exe3 Error: (07/17/2015 01:27:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 01:21:36 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: CorsairLINK_HardwareMonitor.exe, version: 2.4.5110.41697, time stamp: 0x520168cfFaulting module name: UsbClink.dll, version: 0.0.0.0, time stamp: 0x532b0b2eException code: 0xc0000005Fault offset: 0x00001874Faulting process id: 0x18bcFaulting application start time: 0xCorsairLINK_HardwareMonitor.exe0Faulting application path: CorsairLINK_HardwareMonitor.exe1Faulting module path: CorsairLINK_HardwareMonitor.exe2Report Id: CorsairLINK_HardwareMonitor.exe3 Error: (07/17/2015 01:21:35 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 01:15:18 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: CorsairLINK_HardwareMonitor.exe, version: 2.4.5110.41697, time stamp: 0x520168cfFaulting module name: UsbClink.dll, version: 0.0.0.0, time stamp: 0x532b0b2eException code: 0xc0000005Fault offset: 0x00001874Faulting process id: 0x10bcFaulting application start time: 0xCorsairLINK_HardwareMonitor.exe0Faulting application path: CorsairLINK_HardwareMonitor.exe1Faulting module path: CorsairLINK_HardwareMonitor.exe2Report Id: CorsairLINK_HardwareMonitor.exe3 Error: (07/17/2015 01:15:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() System errors:=============Error: (07/17/2015 12:33:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Perforce service terminated unexpectedly. It has done this 1 time(s). Error: (07/17/2015 12:32:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The COMODO LPS Launcher service terminated unexpectedly. It has done this 1 time(s). Error: (07/17/2015 12:32:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The GeekBuddyRSP Server service failed to start due to the following error: %%2 Error: (07/17/2015 12:32:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )Description: The GeekBuddyRSP Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (07/17/2015 12:32:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )Description: The GeekBuddyRSP Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (07/17/2015 12:31:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )Description: The GeekBuddyRSP Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (07/17/2015 12:31:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/17/2015 12:31:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The COMODO Dragon Update Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/17/2015 12:30:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The DAZ Content Management Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/16/2015 11:38:46 PM) (Source: BROWSER) (EventID: 8032) (User: )Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{7080868E-95F9-4F1F-B94D-C56E65B7BC23}.The backup browser is stopping. Microsoft Office:=========================Error: (07/17/2015 08:36:29 AM) (Source: Application Error) (EventID: 1000) (User: )Description: CorsairLINK_HardwareMonitor.exe2.4.5110.41697520168cfUsbClink.dll0.0.0.0532b0b2ec000000500001874249401d0c08d314651bcC:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exeC:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll71e905df-2c80-11e5-b44c-3085a999135a Error: (07/17/2015 08:36:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 08:30:21 AM) (Source: Application Error) (EventID: 1000) (User: )Description: CorsairLINK_HardwareMonitor.exe2.4.5110.41697520168cfUsbClink.dll0.0.0.0532b0b2ec0000005000018741f7c01d0c08c57a37670C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exeC:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll968c8d3b-2c7f-11e5-b44c-3085a999135a Error: (07/17/2015 08:30:20 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 01:27:56 AM) (Source: Application Error) (EventID: 1000) (User: )Description: CorsairLINK_HardwareMonitor.exe2.4.5110.41697520168cfUsbClink.dll0.0.0.0532b0b2ec000000500001874ae401d0c05155855367C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exeC:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll93bf62f2-2c44-11e5-b44c-3085a999135a Error: (07/17/2015 01:27:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 01:21:36 AM) (Source: Application Error) (EventID: 1000) (User: )Description: CorsairLINK_HardwareMonitor.exe2.4.5110.41697520168cfUsbClink.dll0.0.0.0532b0b2ec00000050000187418bc01d0c05073149dfaC:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exeC:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dllb13f921d-2c43-11e5-b44c-3085a999135a Error: (07/17/2015 01:21:35 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (07/17/2015 01:15:18 AM) (Source: Application Error) (EventID: 1000) (User: )Description: CorsairLINK_HardwareMonitor.exe2.4.5110.41697520168cfUsbClink.dll0.0.0.0532b0b2ec00000050000187410bc01d0c04f91ca1d5cC:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exeC:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dllcff1b613-2c42-11e5-b44c-3085a999135a Error: (07/17/2015 01:15:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )Description: Application: CorsairLINK_HardwareMonitor.exeFramework Version: v4.0.30319Description: The process was terminated due to an unhandled exception.Exception Info: System.AccessViolationExceptionStack: at Sierra2.Backend.HidPinvoke.hid_size() at Sierra2.Backend.Hid.get_First() at Sierra2.Backend.Usb.<InitModule>b__e() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() CodeIntegrity Errors:=================================== Date: 2014-08-02 23:45:41.913 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\tcpip.sys\538490D2274000\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-02 23:45:41.884 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\tcpip.sys\538490D2274000\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-02 23:45:41.861 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\tcpip.sys\538490D2274000\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-02 23:45:41.358 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\dumpfve.sys\530894B816000\dumpfve.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-02 23:45:41.357 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\dumpfve.sys\530894B816000\dumpfve.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-02 23:45:41.356 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\dumpfve.sys\530894B816000\dumpfve.sys because the set of per-page image hashes could not be found on the system. Date: 2013-06-04 22:21:03.782 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system. Date: 2013-06-04 22:21:03.742 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system. Date: 2013-06-04 22:21:03.703 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system. Date: 2013-06-04 22:20:22.912 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_54ffd942dc23dbc0\bcrypt.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel® Core i5-2500K CPU @ 3.30GHzPercentage of memory in use: 37%Total physical RAM: 8137.53 MBAvailable physical RAM: 5108.58 MBTotal Virtual: 16273.27 MBAvailable Virtual: 11836.43 MB==================== Drives ================================Drive b: (Data) (Fixed) (Total:931.51 GB) (Free:103.2 GB) NTFSDrive c: () (Fixed) (Total:111.69 GB) (Free:3.12 GB) NTFSDrive d: (Old Data) (Fixed) (Total:465.76 GB) (Free:17.72 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive e: (Dragon.Age.Inqui) (CDROM) (Total:0.38 GB) (Free:0 GB) CDFSDrive f: (LaptopOS) (Fixed) (Total:186.3 GB) (Free:1.05 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive g: (LaptopDATA) (Fixed) (Total:254.46 GB) (Free:19.88 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: A4A94588)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS) ========================================================Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 496B9619)Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)Partition 2: (Active) - (Size=186.3 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=254.5 GB) - (Type=07 NTFS) ========================================================Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 80BAE060)Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS) ========================================================Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 39358499)Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015 Running from B:\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-831873670-1328612798-2367821417-500 - Administrator - Disabled) Dizzle (S-1-5-21-831873670-1328612798-2367821417-1000 - Administrator - Enabled) => C:\Users\Dizzle Guest (S-1-5-21-831873670-1328612798-2367821417-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-831873670-1328612798-2367821417-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Comodo Defense+ (Disabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC} FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Advanced Combat Tracker (remove only) (HKLM-x32\...\Advanced Combat Tracker) (Version: - ) Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version: - Creative Assembly) American McGee presents Scrapland (HKLM-x32\...\{20D9C678-A895-4F76-8AC2-22EDFF5F9C91}) (Version: - ) ANNO 1404 - Venice (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.01.5010 - Ubisoft) ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.03.0000 - Ubisoft) Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden Anno 1404: Venice (HKLM-x32\...\Steam App 33350) (Version: - Blue Byte) Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology) AVer MediaCenter 3D (HKLM-x32\...\InstallShield_{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}) (Version: 1.7.9 - AVerMedia Technologies, Inc.) AVer MediaCenter 3D (x32 Version: 1.7.9 - AVerMedia Technologies, Inc.) Hidden AVerMedia C027 PCIe HD Capture Device 1.52.64.37 (HKLM-x32\...\AVerMedia C027 PCIe HD Capture Device) (Version: 1.52.64.37 - AVerMedia TECHNOLOGIES, Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios) Black Mirror (HKLM-x32\...\Steam App 292930) (Version: - Future Games) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) calibre (HKLM-x32\...\{ABCDCEDE-BB81-4169-8A5B-3776D7DBCDC5}) (Version: 1.42.0 - Kovid Goyal) CameraHelperMsi (x32 Version: 13.40.836.0 - Logitech) Hidden Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo) COMODO Firewall (HKLM\...\{A0BABADE-E154-4F08-97A1-2903CD110E88}) (Version: 6.2.20728.2847 - COMODO Security Solutions Inc.) Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.6.5214 - Corsair) Corsair Link USB Dongle (Driver Removal) (HKLM-x32\...\CMIUSB&1B1C&1C00) (Version: - Corsair Memory, Inc.) D4: Dark Dreams Don't Die (HKLM-x32\...\Steam App 358090) (Version: - Access Games) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd) Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware) DAZ Content Management Service (HKLM-x32\...\DAZ Content Management Service 4.8.1.7) (Version: 4.8.1.7 - DAZ 3D) DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.0.1.115) (Version: 1.0.1.115 - DAZ 3D) Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland) Disney Toontown Online (HKLM-x32\...\Disney Toontown Online) (Version: - Walt Disney Internet Group) Distance (HKLM-x32\...\Steam App 233610) (Version: - Refract) Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden Dragon Age Inquisition (HKLM-x32\...\Dragon Age Inquisition_is1) (Version: 1.0.0.0 - Релиз от R.G. Steamgames) Dreamfall Chapters (HKLM-x32\...\Steam App 237850) (Version: - Red Thread Games) Dungeons & Dragons: Chronicles of Mystara (HKLM-x32\...\Steam App 229480) (Version: - Iron Galaxy Studios) Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation) Epic Games Launcher (HKLM\...\{8727C279-A122-40B8-8ACA-271E1809DAA5}) (Version: 1.1.23.0 - Epic Games, Inc.) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden F.E.A.R. (HKLM-x32\...\Steam App 21090) (Version: - Monolith Productions, Inc.) Fable - The Lost Chapters (HKLM-x32\...\Steam App 204030) (Version: - Lionhead Studios) Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment) FINAL FANTASY XI (HKLM-x32\...\Steam App 23390) (Version: - SQUARE ENIX, INC.) FINAL FANTASY XI Seekers of Adoulin (x32 Version: 1.50.0 - SQUARE ENIX CO., LTD.) Hidden FINAL FANTASY XI: Seekers of Adoulin (HKLM-x32\...\InstallShield_{E86A33A7-6C77-48F3-9D72-2D8F4C1AD5AC}) (Version: 1.50.0 - SQUARE ENIX CO., LTD.) FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.) Five Nights at Freddy's 2 (HKLM-x32\...\Steam App 332800) (Version: - Scott Cawthon) FUEL (HKLM-x32\...\Steam App 12800) (Version: - Asobo Studio SARL) Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games) GeekBuddy (HKLM-x32\...\{8402D61C-609B-4FA3-B86D-21868D850821}) (Version: 4.19.137 - Comodo Security Solutions Inc) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) GUILTY GEAR X2 #RELOAD (HKLM-x32\...\{6984297D-54B4-47F2-B160-D40C305756AF}) (Version: 01.00.0001 - Arc System Works Co., Ltd.) Happy Cloud Client (HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.) Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version: - IO Interactive) HP Photosmart Plus B210 series Basic Device Software (HKLM\...\{5B17980C-5C44-45D0-80A5-665FD9E776A9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.2.0.001 - HTC Corporation) HTC Sync Manager (HKLM-x32\...\{5002C5B1-B688-474A-AB3A-9B65DBD38FF9}) (Version: 2.0.60.0 - HTC) IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) Intel® Network Connections 17.1.55.0 (HKLM\...\PROSetDX) (Version: 17.1.55.0 - Intel) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation) Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden Lego Harry Potter (HKLM-x32\...\Steam App 21130) (Version: - TT Games) LEGO® Worlds (HKLM-x32\...\Steam App 332310) (Version: - TT Games) Livestream Procaster (HKLM-x32\...\{68E4C751-272B-44E1-94C7-4E1FDC40F7DA}) (Version: 20.3.25 - Procaster) Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version: - ) LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.40 - Logitech Inc.) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.236 - LogMeIn, Inc.) Hidden LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Mercenary Kings (HKLM-x32\...\Steam App 218820) (Version: - Tribute Games Inc.) METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version: - Kojima Productions) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio Premium 2012 (HKLM-x32\...\{ddf0bb95-e254-447e-8472-3470057d9c7e}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation) Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig) Mumble 1.3.0 (HKLM\...\{C1F5A0BB-2117-4609-90A0-D42DD66A3AE3}) (Version: 1.3.0 - The Mumble team) NiGHTS into Dreams... (HKLM-x32\...\Steam App 219950) (Version: - SEGA) Nosgoth (HKLM-x32\...\Steam App 200110) (Version: - Psyonix) NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation) NVIDIA Graphics Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels) Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - ) PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version: - Mine Loader Software Co., Ltd.) Passing Pineview Forest (HKLM-x32\...\Steam App 331120) (Version: - VIS - Visual Imagination Software) PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - ) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Perforce Server Components (HKLM\...\{E320C837-5868-411C-B0B6-BDB74BFD628D}) (Version: 122.55.1823 - Perforce Software) Perforce Visual Components (HKLM\...\{C9C04584-E48A-41D9-A069-85E4C309DA9B}) (Version: 122.52.8133 - Perforce Software) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.) Resident Evil 5 (HKLM-x32\...\Steam App 21690) (Version: - Capcom) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) <==== ATTENTION! Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition) SDK Debuggers (x32 Version: 8.59.29746 - Microsoft Corporation) Hidden SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version: - ) SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) Sniper Ghost Warrior 2 (HKLM-x32\...\Steam App 34870) (Version: - City Interactive) Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital) Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform) Split/Second (HKLM-x32\...\Steam App 297860) (Version: - Black Rock Studio) Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version: - BioWare) Starbound (HKLM-x32\...\Steam App 211820) (Version: - ) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH) TERA (HKLM-x32\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 19.04.02.03.hf3 - Gameforge Productions GmbH) TERA (HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\teraenmasse) (Version: - ) The Secret World (HKLM-x32\...\Steam App 215280) (Version: - Funcom) Toybox Turbos (HKLM-x32\...\Steam App 287260) (Version: - Codemasters) Transmission-Qt (HKLM-x32\...\8538E49A-6FE5-4FDB-8649-922BB839F21F) (Version: 2.77 - transmissionbt.com) Trillian (HKLM-x32\...\Trillian) (Version: - Cerulean Studios, LLC) Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Unreal Development Kit: 2013-07 (HKLM\...\UDK-8b67ad02-5d78-45bc-aee2-6ffdf9a24bf1) (Version: - Epic Games, Inc.) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Valkyria Chronicles™ (HKLM-x32\...\Steam App 294860) (Version: - SEGA) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Wanderlust: Rebirth (HKLM-x32\...\Steam App 211580) (Version: - Yeti Trunk) WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation) WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT) Windower (HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Windower) (Version: 4.0.0.0 - Windower Team) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) XSplit Broadcaster (HKLM-x32\...\{6459F338-FE52-4034-BCA7-74772DA0F24D}) (Version: 1.3.1403.1202 - SplitMediaLabs) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 08-07-2015 08:27:09 Windows Update 11-07-2015 12:07:16 Windows Update 15-07-2015 03:00:27 Windows Update 16-07-2015 03:00:21 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {170BA68F-54E9-4049-AF4A-C9A013F8A127} - System32\Tasks\{6711B8B4-95FB-4B77-BE0E-1C90BA227CE4} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/en/go/help.faq.installer?source=lightinstaller&LastError=1603 Task: {472A178E-B0F2-4AD0-8B2B-4F34A823FFED} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe Task: {5016A974-3F87-4AAD-A48C-648048F180D1} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe [2014-04-11] () Task: {534305C1-87EE-4E1B-8D1C-65492FB4CD2E} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-01-30] (COMODO) Task: {5F804C1E-284F-495E-811B-0F9FF8C8EA16} - System32\Tasks\{8B04A503-2D21-45AE-90F6-B43A22640F80} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/en/go/help.faq.installer?source=lightinstaller&LastError=1603 Task: {658BD800-814B-45A1-BF7E-72EA6EEDB3A6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-01-30] (COMODO) Task: {7534948D-3533-43DF-AC0F-21A8A20816F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-27] (Google Inc.) Task: {7DDE16C2-A988-44C4-BB64-E8AC9558C811} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe Task: {82756ACE-B82E-4380-9DCB-1A9592BDF8B4} - System32\Tasks\{7FDC376D-4F77-4A5F-BF0A-89231E4AE9B2} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/en/go/help.faq.installer?source=lightinstaller&LastError=1603 Task: {8752F403-B560-495D-8C8B-FBDFFB12F8FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-15] (Adobe Systems Incorporated) Task: {88379660-06F8-4707-8CBB-6B4569EDE367} - System32\Tasks\Start CorsairLINK Hardware Monitor => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exe [2013-08-06] (Corsair Components, Inc.) Task: {8D88D503-AA77-47C6-BBCD-3C1F0723DACD} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe Task: {9BB86C39-FFC5-489E-8562-2A37099B29F1} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-01-30] (COMODO) Task: {A4377106-E965-4191-89B7-63049738C85E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated) Task: {A9A11509-8221-49FE-AB2F-94FD54BEE7C0} - System32\Tasks\AdobeAAMUpdater-1.0-Bubuputer-Dizzle => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {A9C5F716-8977-478A-B2E0-086C5E6E8AF5} - System32\Tasks\{D3D7B18F-963D-4FB0-B551-AEFFCE08815F} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/en/go/help.faq.installer?source=lightinstaller&LastError=1603 Task: {C23E9A0B-1F30-4DEC-8557-70916DBC0572} - System32\Tasks\{FA51CEC3-541C-4125-B535-1D5906172B0C} => Firefox.exe http://ui.skype.com/ui/0/6.6.60.106/en/abandoninstall?page=tsMain Task: {D2019788-B40D-4D9C-8D88-289CE5D7C4D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-27] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-07-02 16:12 - 2015-06-17 02:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-03-10 15:20 - 2011-04-01 22:52 - 00403456 _____ () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe 2013-03-10 15:20 - 2010-01-06 03:43 - 00155648 _____ () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe 2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2013-03-10 15:20 - 2012-06-10 02:33 - 00053248 _____ () C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL 2015-07-02 16:13 - 2015-06-17 05:10 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2013-03-12 17:10 - 2015-04-16 13:40 - 00776192 _____ () B:\Program Files (x86)\Steam\SDL2.dll 2015-01-31 12:44 - 2015-04-22 22:16 - 04962816 _____ () B:\Program Files (x86)\Steam\v8.dll 2015-01-31 12:44 - 2015-04-22 22:16 - 01556992 _____ () B:\Program Files (x86)\Steam\icui18n.dll 2015-01-31 12:44 - 2015-04-22 22:16 - 01187840 _____ () B:\Program Files (x86)\Steam\icuuc.dll 2014-05-24 18:32 - 2015-06-04 14:56 - 02407104 _____ () B:\Program Files (x86)\Steam\video.dll 2014-08-29 18:09 - 2014-12-01 17:31 - 02396672 _____ () B:\Program Files (x86)\Steam\libavcodec-56.dll 2014-08-29 18:09 - 2014-12-01 17:31 - 00442880 _____ () B:\Program Files (x86)\Steam\libavutil-54.dll 2014-08-29 18:09 - 2014-12-01 17:31 - 00479744 _____ () B:\Program Files (x86)\Steam\libavformat-56.dll 2014-08-29 18:09 - 2014-12-01 17:31 - 00332800 _____ () B:\Program Files (x86)\Steam\libavresample-2.dll 2014-08-29 18:09 - 2014-12-01 17:31 - 00485888 _____ () B:\Program Files (x86)\Steam\libswscale-3.dll 2013-02-25 08:39 - 2015-06-04 14:56 - 00703168 _____ () B:\Program Files (x86)\Steam\bin\chromehtml.DLL 2011-11-11 15:08 - 2011-11-11 15:08 - 02145304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll 2011-11-11 15:08 - 2011-11-11 15:08 - 07956504 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll 2011-11-11 15:08 - 2011-11-11 15:08 - 00342552 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll 2011-11-11 15:08 - 2011-11-11 15:08 - 00029208 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2011-11-11 15:08 - 2011-11-11 15:08 - 00128536 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll 2013-02-19 12:48 - 2015-05-11 15:01 - 36302728 _____ () B:\Program Files (x86)\Steam\bin\libcef.dll 2013-05-17 12:22 - 2013-05-17 12:22 - 00030056 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2013-05-17 12:22 - 2013-05-17 12:22 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2013-05-17 12:22 - 2013-05-17 12:22 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2013-05-17 12:22 - 2013-05-17 12:22 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2013-05-17 12:23 - 2013-05-17 12:23 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2013-05-17 12:27 - 2013-05-17 12:27 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2014-10-18 05:19 - 2014-10-18 05:19 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll 2013-03-06 02:15 - 2012-02-01 17:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvapi64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvaudcap64v.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvcuda.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvcuvid.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvd3dumx.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvdispco6435330.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvdispgenco6435330.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvEncodeAPI64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\NvFBC64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvhdagenco6420103.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvhdap64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\NvIFR64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\NvIFROpenGL.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvinitx.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvoglshim64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvoglv64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvopencl.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvumdshimx.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvvsvc.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvwgf2umx.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\OpenCL.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdvidcrl.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wksprt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvaudcap32v.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvcompiler.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvcuda.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvcuvid.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvd3dum.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvEncodeAPI.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\NvFBC.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\NvIFR.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\NvIFROpenGL.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvinit.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvoglshim32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvoglv32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvopencl.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvStreaming.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvumdshim.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvwgf2um.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rdvidcrl.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\amdkmpfd.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\MpFilter.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\NisDrvWFP.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\nvhda64v.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\nvlddmkm.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\nvvad64v.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\033115wo.mp3:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150610_100525.png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150614_031108(1).png:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150614_031108(1).png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150614_031108.png:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150614_031108.png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150615_175619.png:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150615_175619.png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150618_162440.png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150619_183529.png:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\20150619_183529.png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Adoption Application.fb:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\EpicGamesLauncherInstaller-2.0.0-2465596.msi:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\EpicGamesLauncherInstaller-2.0.0-2465596.msi:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\fceux-2.2.2-win32.zip:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Gw2Setup.exe:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\Gw2Setup.exe:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0098.jpg:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0105(1).jpg:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0105(1).jpg:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0105.jpg:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0105.jpg:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0130.jpg:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0130.jpg:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\photo_1431877536842.jpg:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Screenshot_2015-04-27-15-43-28.png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Screenshot_2015-06-19-09-27-15.png:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\Screenshot_2015-06-19-09-27-15.png:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\SkypeSetup(1).exe:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\SkypeSetup(1).exe:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Stone Cold Mania 31 Unused Entrance (360p).mp4:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\Stone Cold Mania 31 Unused Entrance (360p).mp4:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Takeshi's Challenge.nes:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Takeshi's Challenge.nes.part:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\Untitled.webm:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\Untitled.webm:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\vine.mp4:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Warcraft Movie Trailer from Comic-Con (Leaked) (360p).mp4:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\watching a shitposter.gif:$CmdZnID AlternateDataStreams: C:\Users\Dizzle\Downloads\Zodiac.Glass.exe:$CmdTcID AlternateDataStreams: C:\Users\Dizzle\Downloads\Zodiac.Glass.exe:$CmdZnID ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-831873670-1328612798-2367821417-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dizzle\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.254 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

Hello, I was referred to this forum from here: https://forums.malwarebytes.org/index.php?/topic/170594-your-system-is-not-fully-protected-with-premium-license/ Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015Running from B:\DownloadsPlatform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11 (Default browser: FF)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe(Valve Corporation) B:\Program Files (x86)\Steam\Steam.exe(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe(Microsoft Corporation) C:\Windows\System32\StikyNot.exe(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Microsoft Corporation) C:\Windows\System32\cmd.exe(Valve Corporation) B:\Program Files (x86)\Steam\bin\steamwebhelper.exe(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.201.1937.0.exe(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297624 2015-01-30] (COMODO)HKLM\...\Run: [intelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-07-02] (NVIDIA Corporation)HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStartHKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => "B:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-startHKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)HKLM-x32\...\Run: [tvncontrol] => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slaveHKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-07-14] (Oracle Corporation)HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [steam] => "B:\Program Files (x86)\Steam\steam.exe" -silentHKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [AdobeBridge] => [X]HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [HP Photosmart Plus B210 series (NET)] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [speccy] => C:\Program Files\Speccy\Speccy64.exe [6903064 2014-04-11] (Piriform Ltd)HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-29] (Skype Technologies S.A.)HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\MountPoints2: H - H:\HTC_Sync_Manager_PC.exeHKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\MountPoints2: {7bb8d282-d110-11e2-862f-3085a999135a} - G:\HTC_Sync_Manager_PC.exeHKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\MountPoints2: {d41bb265-16a5-11e4-a8eb-3085a999135a} - H:\HTC_Sync_Manager_PC.exeHKU\S-1-5-21-831873670-1328612798-2367821417-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2013-03-10]ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2013-03-10]ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2013-07-19]ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)ShellIconOverlayIdentifiers: [P4EXPCheckoutOverlay] -> {80E008A4-EAE7-4867-AEB0-1A245F070F25} => B:\Program Files\Perforce\p4exp64.dll [2012-09-24] (Perforce Software Inc.)ShellIconOverlayIdentifiers: [P4EXPSyncdOverlay] -> {ADF262C1-E8FE-49BE-AD63-F77CD4A6CCD9} => B:\Program Files\Perforce\p4exp64.dll [2012-09-24] (Perforce Software Inc.)ShellIconOverlayIdentifiers: [P4EXPUpdateOverlay] -> {C550CDA2-37D7-4838-A9D7-65ECB1EB5AB2} => B:\Program Files\Perforce\p4exp64.dll [2012-09-24] (Perforce Software Inc.)ShellIconOverlayIdentifiers-x32: [P4EXPCheckoutOverlay] -> {80E008A4-EAE7-4867-AEB0-1A245F070F25} => B:\Program Files\Perforce\p4exp.dll [2012-09-24] (Perforce Software Inc.)ShellIconOverlayIdentifiers-x32: [P4EXPSyncdOverlay] -> {ADF262C1-E8FE-49BE-AD63-F77CD4A6CCD9} => B:\Program Files\Perforce\p4exp.dll [2012-09-24] (Perforce Software Inc.)ShellIconOverlayIdentifiers-x32: [P4EXPUpdateOverlay] -> {C550CDA2-37D7-4838-A9D7-65ECB1EB5AB2} => B:\Program Files\Perforce\p4exp.dll [2012-09-24] (Perforce Software Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-831873670-1328612798-2367821417-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehpBHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-14] (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-14] (Oracle Corporation)Tcpip\Parameters: [DhcpNameServer] 192.168.1.254Tcpip\..\Interfaces\{4CFF9ACD-4148-48D2-8608-1C80DEEAAA3A}: [NameServer] 156.154.70.22,156.154.71.22Tcpip\..\Interfaces\{7080868E-95F9-4F1F-B94D-C56E65B7BC23}: [DhcpNameServer] 192.168.1.254Tcpip\..\Interfaces\{BAFDD336-E8D6-4706-98F8-D40E24003D6B}: [DhcpNameServer] 7.254.254.254 FireFox:========FF ProfilePath: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.defaultFF DefaultSearchEngine.US: GoogleFF SelectedSearchEngine: Ixquick HTTPSFF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-14] (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-14] (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-02] (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-02] (NVIDIA Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)FF Plugin HKU\S-1-5-21-831873670-1328612798-2367821417-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)FF Plugin HKU\S-1-5-21-831873670-1328612798-2367821417-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-12-28] ()FF SearchPlugin: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\searchplugins\ixquick-https.xml [2015-07-16]FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\donottrackplus@abine.com [2014-01-23]FF Extension: Firefogg - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\firefogg@firefogg.org [2015-02-06]FF Extension: MaskMe - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\idme@abine.com [2015-06-06]FF Extension: Shumway - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\shumway@research.mozilla.org [2015-07-15]FF Extension: FT DeepDark - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-06-28]FF Extension: Disconnect - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\2.0@disconnect.me.xpi [2014-04-27]FF Extension: Firebug - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\firebug@software.joehewitt.com.xpi [2013-06-19]FF Extension: MEGA - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\firefox@mega.co.nz.xpi [2015-02-12]FF Extension: Test Pilot - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-05-01]FF Extension: NoScript - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-09-25]FF Extension: Abduction! - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi [2014-06-24]FF Extension: Adblock Plus - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-07] Chrome: =======CHR Profile: C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-27]CHR Extension: (Google Drive) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-27]CHR Extension: (YouTube) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-27]CHR Extension: (Adblock Plus) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-06]CHR Extension: (Google Search) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-27]CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-06]CHR Extension: (Google Wallet) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-27]CHR Extension: (Gmail) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-27] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [348160 2011-01-29] (AVerMedia) [File not signed]R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2015-01-30] (COMODO)S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2015-01-30] (COMODO)S2 DAZContentManagementService; B:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [22528 2011-05-05] () [File not signed]S2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-07-02] (NVIDIA Corporation)R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-07-16] (Malwarebytes Corporation)S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-07-16] (Malwarebytes Corporation)R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-07-02] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-07-02] (NVIDIA Corporation)R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]S2 Perforce; B:\Program Files\Perforce\Server\p4s.exe [3455104 2012-11-09] (Perforce Software Inc.)S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]S3 TunngleService; B:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)S2 CLPSLauncher; "C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe" [X]S2 GeekBuddyRSP; "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service [X]S2 Hamachi2Svc; "B:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2015-04-23] (Advanced Micro Devices, Inc.)R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-03-09] ()R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2015-01-30] (COMODO)R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2015-01-30] (COMODO)R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45880 2015-01-30] (COMODO)R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-09] (DT Soft Ltd)R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104608 2015-01-30] (COMODO)R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-03-09] ()S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-07-16] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-17] (Malwarebytes Corporation)S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-07-16] (Malwarebytes Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-05-14] (Microsoft Corporation)R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-05-14] (Microsoft Corporation)R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation)R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-07-02] (NVIDIA Corporation)R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)R3 TRIDCap; C:\Windows\System32\DRIVERS\AVerTM62_x64.sys [1074048 2012-11-22] (AVerMedia TECHNOLOGIES, Inc. )S3 VSPerfDrv110; \??\B:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] ()R3 WinRing0_1_2_0; C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys [14544 2015-07-16] (OpenLibSys.org)R3 cpuz136; \??\C:\Users\Dizzle\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]S3 SysInfo; \??\C:\Windows\system32\drivers\SysInfo.sys [X]S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-17 08:40 - 2015-07-17 08:40 - 00000000 ____D C:\FRST2015-07-16 22:49 - 2015-07-17 08:29 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-07-16 22:49 - 2015-07-16 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-07-16 22:48 - 2015-07-16 22:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware2015-07-16 22:48 - 2015-07-16 22:48 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2015-07-16 22:48 - 2015-07-16 22:48 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2015-07-16 22:48 - 2015-07-16 22:48 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2015-07-16 22:48 - 2015-07-16 22:48 - 00000000 ____D C:\ProgramData\Malwarebytes2015-07-16 22:22 - 2015-07-16 22:22 - 00000000 ____D C:\Users\Dizzle\Desktop\Configuration2015-07-16 00:31 - 2015-07-16 00:31 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\NVIDIA2015-07-16 00:31 - 2015-07-16 00:31 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\mpv2015-07-15 23:59 - 2015-07-15 23:59 - 00000196 _____ C:\Users\Dizzle\.swfinfo2015-07-15 23:55 - 2015-07-15 23:56 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\livestreamer2015-07-15 21:03 - 2015-07-15 21:03 - 00000000 ____D C:\Users\Dizzle\AppData\Local\CEF2015-07-15 19:51 - 2015-07-15 19:52 - 13245712 _____ C:\Users\Dizzle\Downloads\Warcraft Movie Trailer from Comic-Con (Leaked) (360p).mp42015-07-14 21:18 - 2015-07-14 21:18 - 00000000 _____ C:\Windows\system32\RENF046.tmp2015-07-14 18:52 - 2015-07-14 18:52 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2015-07-14 18:52 - 2015-07-14 18:52 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2015-07-14 18:52 - 2015-07-14 18:52 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2015-07-14 18:52 - 2015-07-14 18:52 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2015-07-14 18:52 - 2015-07-14 18:52 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll2015-07-14 18:52 - 2015-07-14 18:52 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe2015-07-14 18:52 - 2015-07-14 18:52 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe2015-07-14 18:52 - 2015-07-14 18:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe2015-07-14 18:52 - 2015-07-14 18:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll2015-07-14 18:52 - 2015-07-14 18:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll2015-07-14 18:51 - 2015-07-14 18:51 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2015-07-14 18:51 - 2015-07-14 18:51 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2015-07-14 18:51 - 2015-07-14 18:51 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2015-07-14 18:51 - 2015-07-14 18:51 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2015-07-14 18:51 - 2015-07-14 18:51 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2015-07-14 18:51 - 2015-07-14 18:51 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2015-07-14 18:51 - 2015-07-14 18:51 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2015-07-14 18:51 - 2015-07-14 18:51 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2015-07-14 18:51 - 2015-07-14 18:51 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2015-07-14 18:51 - 2015-07-14 18:51 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2015-07-14 18:51 - 2015-07-02 17:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2015-07-14 18:51 - 2015-07-02 16:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2015-07-14 18:49 - 2015-07-14 18:49 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2015-07-14 18:49 - 2015-07-14 18:49 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2015-07-14 18:49 - 2015-07-14 18:49 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2015-07-14 18:49 - 2015-07-14 18:49 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2015-07-14 18:49 - 2015-07-14 18:49 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2015-07-14 18:49 - 2015-07-14 18:49 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2015-07-14 18:49 - 2015-07-14 18:49 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2015-07-14 18:49 - 2015-07-14 18:49 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2015-07-14 18:49 - 2015-07-14 18:49 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2015-07-14 18:49 - 2015-07-14 18:49 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2015-07-14 18:49 - 2015-07-14 18:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2015-07-14 18:49 - 2015-07-14 18:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2015-07-14 18:49 - 2015-06-20 15:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2015-07-14 18:49 - 2015-06-19 14:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2015-07-14 18:47 - 2015-07-14 18:47 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2015-07-14 18:47 - 2015-07-14 18:47 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2015-07-14 18:47 - 2015-07-14 18:47 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll2015-07-14 18:47 - 2015-07-14 18:47 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll2015-07-14 18:47 - 2015-07-14 18:47 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe2015-07-14 18:47 - 2015-07-14 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll2015-07-14 18:47 - 2015-07-14 18:47 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll2015-07-14 18:46 - 2015-07-14 18:46 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll2015-07-14 18:46 - 2015-07-14 18:46 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll2015-07-14 18:46 - 2015-07-14 18:46 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2015-07-14 18:46 - 2015-07-14 18:46 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys2015-07-14 18:46 - 2015-07-14 18:46 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys2015-07-14 18:46 - 2015-07-14 18:46 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2015-07-14 18:46 - 2015-07-14 18:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys2015-07-14 18:46 - 2015-07-14 18:46 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe2015-07-14 18:46 - 2015-07-14 18:46 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe2015-07-14 18:46 - 2015-07-14 18:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2015-07-14 18:46 - 2015-07-14 18:46 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe2015-07-14 18:46 - 2015-07-14 18:46 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe2015-07-14 18:46 - 2015-07-14 18:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe2015-07-14 18:46 - 2015-07-14 18:46 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2015-07-14 18:46 - 2015-07-14 18:46 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe2015-07-14 18:46 - 2015-07-14 18:46 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll2015-07-14 18:46 - 2015-07-14 18:46 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll2015-07-05 02:03 - 2015-07-05 11:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2015-07-02 16:20 - 2015-07-02 16:20 - 00000000 ____D C:\Users\Dizzle\AppData\Local\NVIDIA Corporation2015-07-02 16:13 - 2015-07-02 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation2015-07-02 16:13 - 2015-07-02 16:13 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk2015-07-02 16:13 - 2015-07-02 16:13 - 00000000 ____D C:\Users\Dizzle\AppData\Local\NVIDIA2015-07-02 16:13 - 2015-06-17 05:10 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll2015-07-02 16:13 - 2015-06-17 05:10 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll2015-07-02 16:13 - 2015-06-17 05:10 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll2015-07-02 16:13 - 2015-06-17 05:10 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll2015-07-02 16:12 - 2015-07-02 16:13 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation2015-07-02 16:12 - 2015-07-02 16:12 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe2015-07-02 16:12 - 2015-07-02 16:12 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe2015-07-02 16:12 - 2015-07-02 16:12 - 00112784 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll2015-07-02 16:12 - 2015-07-02 16:12 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll2015-07-02 16:12 - 2015-06-17 02:48 - 06873232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll2015-07-02 16:12 - 2015-06-17 02:48 - 03492168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll2015-07-02 16:12 - 2015-06-17 02:48 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll2015-07-02 16:12 - 2015-06-17 02:48 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll2015-07-02 16:12 - 2015-06-17 02:48 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll2015-07-02 16:12 - 2015-06-02 10:11 - 04421614 _____ C:\Windows\system32\nvcoproc.bin2015-07-02 16:11 - 2015-07-02 16:20 - 00000000 ____D C:\ProgramData\NVIDIA Corporation2015-07-02 16:11 - 2015-07-02 16:12 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll2015-07-02 16:11 - 2015-07-02 16:12 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2015-07-02 16:11 - 2015-07-02 16:12 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2015-07-02 16:11 - 2015-07-02 16:12 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll2015-07-02 16:11 - 2015-07-02 16:12 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2015-07-02 16:11 - 2015-07-02 16:12 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2015-07-02 16:11 - 2015-07-02 16:12 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll2015-07-02 16:11 - 2015-07-02 16:12 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2015-07-02 16:11 - 2015-07-02 16:12 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2015-07-02 16:11 - 2015-07-02 16:12 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll2015-07-02 16:11 - 2015-07-02 16:12 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2015-07-02 16:11 - 2015-07-02 16:12 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2015-07-02 16:11 - 2015-07-02 16:12 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll2015-07-02 16:11 - 2015-07-02 16:12 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll2015-07-02 16:11 - 2015-07-02 16:12 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2015-07-02 16:11 - 2015-07-02 16:12 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2015-07-02 16:11 - 2015-07-02 16:12 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll2015-07-02 16:11 - 2015-07-02 16:12 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll2015-07-02 16:11 - 2015-07-02 16:12 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll2015-07-02 16:11 - 2015-07-02 16:12 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll2015-07-02 16:11 - 2015-07-02 16:12 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2015-07-02 16:11 - 2015-07-02 16:12 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00408392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys2015-07-02 16:11 - 2015-07-02 16:12 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00061616 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll2015-07-02 16:11 - 2015-07-02 16:12 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys2015-07-02 16:11 - 2015-07-02 16:12 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll2015-07-02 16:11 - 2015-07-02 16:11 - 00000000 ____D C:\ProgramData\boost_interprocess2015-07-02 16:11 - 2015-06-17 05:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll2015-07-02 16:11 - 2015-06-17 05:10 - 00030966 _____ C:\Windows\system32\nvinfo.pb2015-07-02 16:10 - 2015-07-02 16:13 - 00000000 ____D C:\Program Files\NVIDIA Corporation2015-07-02 16:10 - 2015-07-02 16:10 - 00000000 ____D C:\NVIDIA2015-07-02 16:05 - 2015-07-16 22:47 - 00000000 ____D C:\ProgramData\NVIDIA2015-06-28 10:02 - 2015-07-15 18:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk2015-06-28 10:02 - 2015-07-15 18:03 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task2015-06-28 10:02 - 2015-06-28 10:02 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk2015-06-25 00:50 - 2015-06-25 00:50 - 00005690 _____ C:\Users\Dizzle\Documents\my letter.txt2015-06-23 20:53 - 2015-06-23 20:53 - 00273224 _____ C:\Windows\Minidump\062315-30685-01.dmp2015-06-22 21:02 - 2015-07-02 15:31 - 00207872 _____ (Power Admin LLC) C:\Windows\PAExec.exe2015-06-22 21:00 - 2015-06-22 21:00 - 00000000 ____D C:\Windows\pss2015-06-17 09:02 - 2015-06-17 09:02 - 00277352 _____ C:\Windows\Minidump\061715-23088-01.dmp ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-17 08:40 - 2013-03-06 11:52 - 01178966 _____ C:\Windows\WindowsUpdate.log2015-07-17 08:36 - 2013-12-19 08:31 - 00000021 _____ C:\Users\Dizzle\AppData\Roaming\config_data.dat2015-07-17 08:36 - 2013-04-24 17:58 - 00000000 ____D C:\Users\Dizzle\AppData\Local\CrashDumps2015-07-17 08:34 - 2009-07-14 00:45 - 00027360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-07-17 08:34 - 2009-07-14 00:45 - 00027360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-07-17 08:29 - 2014-11-12 09:23 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2015-07-17 08:29 - 2014-06-27 19:17 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-07-17 08:29 - 2013-03-06 08:58 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\Skype2015-07-16 23:45 - 2014-06-27 19:17 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-07-16 22:53 - 2009-07-14 01:13 - 00925702 _____ C:\Windows\system32\PerfStringBackup.INI2015-07-16 22:50 - 2013-03-10 15:48 - 00000000 ____D C:\Users\Dizzle\AppData\Local\LogMeIn Hamachi2015-07-16 22:48 - 2013-06-09 12:49 - 00000000 ____D C:\Users\Dizzle\AppData\Local\HTC MediaHub2015-07-16 22:48 - 2009-07-14 00:51 - 00139377 _____ C:\Windows\setupact.log2015-07-16 22:47 - 2010-11-20 23:47 - 00220104 _____ C:\Windows\PFRO.log2015-07-16 22:47 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2015-07-16 22:25 - 2014-10-05 03:31 - 00000000 ___RD C:\Program Files (x86)\Skype2015-07-16 22:25 - 2013-03-06 08:57 - 00000000 ____D C:\ProgramData\Skype2015-07-16 22:24 - 2014-06-13 02:00 - 00000000 ____D C:\Users\Dizzle\AppData\Local\Adobe2015-07-16 03:00 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX2015-07-16 03:00 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\system32\GWX2015-07-16 00:31 - 2013-03-10 15:12 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\vlc2015-07-15 23:59 - 2013-03-06 19:54 - 00000000 ____D C:\Users\Dizzle2015-07-15 23:40 - 2014-06-27 19:17 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2015-07-15 23:40 - 2014-06-27 19:17 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2015-07-15 23:29 - 2014-10-28 22:24 - 00000000 ____D C:\Users\Dizzle\AppData\Local\Battle.net2015-07-15 18:31 - 2013-03-06 20:38 - 00000000 ____D C:\Users\Dizzle\Documents\My Games2015-07-15 06:07 - 2014-08-14 04:00 - 00000000 ____D C:\Windows\rescache2015-07-15 03:24 - 2009-07-14 00:45 - 00276624 _____ C:\Windows\system32\FNTCACHE.DAT2015-07-15 03:23 - 2014-12-11 04:15 - 00000000 ____D C:\Windows\system32\appraiser2015-07-15 03:23 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel2015-07-15 03:23 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions2015-07-15 03:04 - 2013-07-29 03:00 - 00000000 ____D C:\Windows\system32\MRT2015-07-15 03:00 - 2013-03-05 22:05 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2015-07-14 21:18 - 2014-10-26 10:53 - 00000000 ____D C:\Program Files (x86)\Java2015-07-14 21:18 - 2014-06-29 19:46 - 00000000 ____D C:\ProgramData\Oracle2015-07-14 20:29 - 2014-10-26 10:53 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2015-07-14 20:28 - 2014-11-12 09:23 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater2015-07-14 20:28 - 2013-03-08 19:39 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2015-07-14 20:28 - 2013-03-08 19:39 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2015-07-14 18:29 - 2014-06-27 19:18 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk2015-07-12 11:42 - 2013-11-16 15:58 - 00024576 ___SH C:\Users\Dizzle\Documents\Thumbs.db2015-07-06 08:41 - 2010-11-20 23:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2015-07-05 11:01 - 2013-03-08 19:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service2015-07-02 16:19 - 2013-03-06 19:54 - 00000000 ____D C:\Users\Dizzle\AppData\Local\VirtualStore2015-07-02 16:12 - 2013-06-09 12:47 - 00000000 ____D C:\Temp2015-07-02 16:12 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Help2015-06-28 10:01 - 2013-03-31 15:12 - 00000000 ____D C:\Program Files (x86)\Adobe2015-06-28 10:01 - 2013-03-08 19:39 - 00000000 ____D C:\ProgramData\Adobe2015-06-28 00:54 - 2014-08-17 21:40 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\OBS2015-06-23 20:53 - 2013-03-06 19:54 - 00000000 ____D C:\Windows\Minidump2015-06-23 19:09 - 2015-06-09 18:08 - 00006656 _____ C:\Windows\system32\lpcio.dll2015-06-23 08:48 - 2014-05-28 23:17 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\Raptr2015-06-23 08:48 - 2014-05-28 23:17 - 00000000 ____D C:\Program Files (x86)\Raptr2015-06-22 21:43 - 2013-03-06 20:14 - 00000000 ____D C:\ProgramData\Package Cache2015-06-22 20:07 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD ==================== Files in the root of some directories ======= 2015-02-27 19:12 - 2015-02-27 19:13 - 56568640 _____ () C:\Users\Dizzle\AppData\Roaming\Advanced Combat Tracker.zip2013-12-19 08:31 - 2015-07-17 08:36 - 0000021 _____ () C:\Users\Dizzle\AppData\Roaming\config_data.dat2013-03-05 20:08 - 2013-03-05 20:08 - 0000017 _____ () C:\Users\Dizzle\AppData\Local\resmon.resmoncfg2008-02-05 15:28 - 2008-02-05 15:28 - 0000051 _____ () C:\Users\Dizzle\AppData\Local\setup.txt2015-03-16 08:07 - 2015-03-16 08:07 - 0000000 _____ () C:\Users\Dizzle\AppData\Local\{00E698F6-1CDC-4623-863D-8908F2D6149C}2015-03-25 08:38 - 2015-03-25 08:38 - 0000000 _____ () C:\Users\Dizzle\AppData\Local\{5666E3A9-7AA4-4B28-8896-22E2EEFB3BD6}2015-05-03 09:59 - 2015-05-03 09:59 - 0000000 _____ () C:\Users\Dizzle\AppData\Local\{9834506B-3318-454E-B080-613FEB23F057}2015-03-27 08:40 - 2015-03-27 08:40 - 0000000 _____ () C:\Users\Dizzle\AppData\Local\{E894F7C8-5041-4DCD-8A84-EBE44E37AAF3}2014-03-27 15:01 - 2014-03-27 15:01 - 0000057 _____ () C:\ProgramData\Ament.ini Some files in TEMP:====================C:\Users\Dizzle\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exeC:\Users\Dizzle\AppData\Local\Temp\AutoDetectUtilApp.exeC:\Users\Dizzle\AppData\Local\Temp\Gw2.exeC:\Users\Dizzle\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exeC:\Users\Dizzle\AppData\Local\Temp\jre-8u40-windows-au.exeC:\Users\Dizzle\AppData\Local\Temp\jre-8u45-windows-au.exeC:\Users\Dizzle\AppData\Local\Temp\qc_e3f0f3ef_27e6_4ca8_8a7c_a3d761aa54bb_64.exeC:\Users\Dizzle\AppData\Local\Temp\raptrpatch.exeC:\Users\Dizzle\AppData\Local\Temp\raptr_stub.exeC:\Users\Dizzle\AppData\Local\Temp\speccycpuid.dllC:\Users\Dizzle\AppData\Local\Temp\vlc-2.2.1-win32.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-13 03:15 ==================== End of log ============================ FRST.txt Addition.txt

Thanks for your reply. The logs are attached. FRST.txt Addition.txt CheckResults.txt

So I am have the issue where I cannot get rid of the "Your system is not fully protected" message. Clicking "Fix Now" does nothing. My License information says "Malwarebytes Anit-Malware Preimum" State: Licensed Duration: Lifetime However on the Dashboard under "Real-Time Protection" it says "Available with Malwarebytes Anti-Malware Premium" The program seems to indicate I both do and do not have a premium license so I have no idea what to do. I've already done the clean and re-install process described here: https://forums.malwarebytes.org/index.php?/topic/146017-mbam-clean-removal-process-2x/ How do I enable Real-Time Protection? Here is what I see: