Jump to content

Recommended Posts

Hey MB,

I got this Virus? today and now I can't use google :(
I hope we(You guys) can find the problem

FRST.txt
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-01-2015
Ran by Brian (administrator) on ADMIN on 06-01-2015 20:10:59
Running from C:\Users\admin\Desktop
Loaded Profile: Brian (Available profiles: Brian)
Platform: Windows 8.1 Enterprise (X64) OS Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Users\admin\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
() C:\Windows\System32\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Windows\SysWOW64\PnkBstrB.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenSysAudioLauncher.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Razer, Inc.) C:\Users\admin\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Spotify Ltd) C:\Users\admin\AppData\Roaming\Spotify\spotify.exe
() C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe
() C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_encoder_server64-90652.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [updReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [sound Blaster Recon3D PCIe Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)
HKLM-x32\...\Run: [KrakenLauncher] => C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenSysAudioLauncher.exe [1486128 2014-06-12] (Razer Inc)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [QuickTime Task] => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\Run: [EADM] => F:\Origin\Origin.exe [3618648 2014-12-18] (Electronic Arts)
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\Run: [spotify Web Helper] => C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-10] (Spotify Ltd)
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\Run: [DAEMON Tools Lite] => F:\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\Run: [spotify] => C:\Users\admin\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-10] (Spotify Ltd)
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\Run: [MediaFire Tray] => [X]
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [915784 2014-12-06] (Google Inc.)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk
ShortcutTarget: GameRanger.lnk -> C:\Users\admin\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (No File)
ShellIconOverlayIdentifiers: [1MediaFireIconError] -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon3_2de3a.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconReadOnly] -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon5_2de3a.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSynched] -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon_2de3a.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSyncing] -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon2_2de3a.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [MediaFireIconLock] -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon4_2de3a.dll (TODO: <Company name>)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2579176743-215364513-2509699589-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [s-1-5-21-2579176743-215364513-2509699589-1001] => 83.84.182.102:25565
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.nl.msn.com/
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 cap.cyberlink.com
Tcpip\..\Interfaces\{E1386B18-30FE-462A-A8EB-91CB78AC22FA}: [NameServer] 8.8.8.8,8.8.4.4,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @threeships.nl/TSHelper;version=2.0.0.4 -> C:\Program Files (x86)\Common Files\ThreeShips Shared\Dll\\npTSHelper.dll (Three Ships)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2579176743-215364513-2509699589-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Presentaties) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-12]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-10-12]
CHR Extension: (Beatlab) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\alnfdikmbdfgkcbdodjcbmedanjinmkk [2014-10-12]
CHR Extension: (Google Documenten) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-12]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-12]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-12]
CHR Extension: (Multiplayer Piano) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbadoggeokhliehfonkefnfcbgocojid [2014-10-12]
CHR Extension: (Spotify - Music for every moment) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2014-10-12]
CHR Extension: (Google Zoeken) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-12]
CHR Extension: (Google Spreadsheets) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-12]
CHR Extension: (AdBlock) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-15]
CHR Extension: (ButtonBass Dubstep Balls) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmjadonkmcblbkocpaaefjbceiijfdg [2014-10-12]
CHR Extension: (WGT Golfspel) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb [2014-10-12]
CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-12]
CHR Extension: (Click&Clean App) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-10-12]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S4 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-03-03] (Creative Labs) [File not signed]
S4 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-03-03] (Creative Labs) [File not signed]
S4 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103936 2013-07-30] (Creative Technology Ltd)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MF NTFS Monitor; C:\Users\admin\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe [456504 2014-12-05] ()
S4 Origin Client Service; F:\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-12-12] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-12-12] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [215416 2015-01-05] ()
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-10-31] ()
S4 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-06-09] (A-Volute) [File not signed]
S4 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-09-13] (Company) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1049880 2013-07-30] (Creative Technology Ltd)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [28440 2013-07-30] (Creative Technology Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-25] (Disc Soft Ltd)
S3 GPUZ; C:\Windows\TEMP\GPUZ.sys [27008 2014-12-04] ()
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-06] (REALiX)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-12-06] (Intel Corporation)
R2 mfmonitor; C:\Windows\System32\DRIVERS\mfmonitor_x64.sys [20696 2014-12-05] (Windows ® Win 7 DDK provider)
R1 mirrorv3; C:\Windows\system32\DRIVERS\rminiv3.sys [5632 2012-12-18] (Famatech International Corp.)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-09-05] (Razer Inc)
R3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows ® Win 7 DDK provider)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-10-31] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-04-11] (Synaptics Incorporated)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 cpuz136; \??\C:\Users\admin\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 cpuz137; \??\C:\Users\admin\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 20:10 - 2015-01-06 20:11 - 00000000 ____D () C:\FRST
2015-01-06 20:02 - 2015-01-06 20:11 - 00022999 _____ () C:\Users\admin\Desktop\FRST.txt
2015-01-06 20:00 - 2015-01-06 20:00 - 02123776 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2015-01-03 21:22 - 2015-01-03 21:22 - 00000264 _____ () C:\Users\admin\Desktop\TCSS.appref-ms
2015-01-03 21:22 - 2015-01-03 21:22 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\THAUMCRAFT RESEARCH HELPER
2015-01-03 21:21 - 2015-01-06 15:10 - 00000000 ____D () C:\Users\admin\AppData\Local\Deployment
2015-01-02 21:19 - 2015-01-02 21:19 - 00000000 ____D () C:\Users\admin\Documents\NewBlueFX
2015-01-02 21:19 - 2015-01-02 21:19 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Titler
2015-01-01 19:59 - 2015-01-02 21:01 - 00375832 _____ (proDAD GmbH) C:\Windows\system32\proDAD-PA-Support.dll
2015-01-01 19:59 - 2015-01-02 20:59 - 00607256 _____ (proDAD GmbH) C:\Windows\system32\prodad-codec.dll
2015-01-01 19:59 - 2015-01-01 19:59 - 00000000 ____D () C:\Users\admin\AppData\Roaming\proDAD
2015-01-01 19:59 - 2015-01-01 19:59 - 00000000 ____D () C:\ProgramData\proDAD
2015-01-01 18:09 - 2015-01-01 18:09 - 00000000 ____D () C:\Users\admin\Documents\CyberLink
2015-01-01 18:07 - 2015-01-01 18:07 - 00000000 ____D () C:\Users\admin\AppData\Local\CyberLink
2015-01-01 18:06 - 2015-01-01 18:06 - 00000000 ____D () C:\Program Files\Common Files\NewBlue
2015-01-01 18:01 - 2015-01-06 19:29 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2014-12-29 21:59 - 2015-01-06 19:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-29 21:59 - 2014-12-29 21:59 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-29 21:59 - 2014-12-29 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-29 21:59 - 2014-12-29 21:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-29 21:59 - 2014-12-29 21:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-29 21:59 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-29 21:59 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-29 21:59 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-28 17:05 - 2014-12-28 17:05 - 00000000 ____D () C:\Users\admin\AppData\Local\Be
2014-12-28 16:55 - 2014-12-28 16:55 - 00000202 _____ () C:\Users\admin\Desktop\Rollercoaster.url
2014-12-26 21:18 - 2014-12-26 21:18 - 00000580 _____ () C:\Users\admin\Desktop\ATLauncher.exe - Snelkoppeling.lnk
2014-12-26 15:53 - 2014-12-26 15:49 - 00045866 _____ () C:\Users\admin\Downloads\[kickass.so]the.sims.4.reloaded.torrent
2014-12-26 15:53 - 2014-12-26 15:49 - 00018252 _____ () C:\Users\admin\Downloads\[kickass.so]five.nights.at.freddy.s.v1.0.iso.torrent
2014-12-26 15:53 - 2014-12-26 15:45 - 00035480 _____ () C:\Users\admin\Downloads\[kickass.so]the.sims.4.all.dlc.patches.updates.repack.term.nator.torrent
2014-12-26 15:53 - 2014-12-26 10:28 - 00016691 _____ () C:\Users\admin\Downloads\[kickass.so]the.sims.4.reloaded.update.version.1.0.732.20.no.origin.crack.mr.dj.torrent
2014-12-26 15:53 - 2014-12-26 09:54 - 00020341 _____ () C:\Users\admin\Downloads\[kickass.so]3dmgame.the.sims.4.update.3.and.crack.v7.rar.torrent
2014-12-26 15:35 - 2014-12-26 15:35 - 00000000 ____D () C:\Users\admin\Documents\SimCity
2014-12-21 15:53 - 2014-12-26 22:55 - 00000059 _____ () C:\Users\admin\.atl.properties
2014-12-20 22:42 - 2014-12-20 22:42 - 00003132 _____ () C:\Windows\System32\Tasks\{C192BE07-BCF7-4283-98FB-3BE8E834D09A}
2014-12-19 16:49 - 2014-12-19 16:50 - 00000000 ____D () C:\Users\admin\AppData\Roaming\ftblauncher
2014-12-19 13:58 - 2014-12-19 13:58 - 00000867 _____ () C:\Users\Public\Desktop\SimCity™.lnk
2014-12-19 13:58 - 2014-12-19 13:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™
2014-12-16 20:35 - 2014-12-16 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-16 20:35 - 2014-12-16 20:35 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-15 23:28 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-12-15 23:28 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-12-13 17:01 - 2014-12-13 17:01 - 00045112 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-12-13 15:47 - 2014-12-13 15:47 - 00000844 _____ () C:\Users\admin\Desktop\CoDWaW.exe.lnk
2014-12-13 00:03 - 2014-12-13 00:03 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-12-12 23:17 - 2014-12-13 19:15 - 00000000 ___HD () C:\Users\admin\.mediafire
2014-12-12 23:15 - 2014-12-05 00:28 - 00020696 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\mfmonitor_x64.sys
2014-12-12 21:29 - 2015-01-06 19:34 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-12 21:29 - 2015-01-06 12:49 - 00001062 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-12 21:29 - 2014-12-12 21:29 - 00004038 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-12 21:29 - 2014-12-12 21:29 - 00003802 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-12 21:29 - 2014-12-12 21:29 - 00002295 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 21:29 - 2014-12-12 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-12 17:09 - 2014-12-15 20:38 - 00000793 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2014-12-12 17:09 - 2014-12-15 20:38 - 00000777 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2014-12-12 17:09 - 2014-12-12 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2014-12-11 17:32 - 2014-12-11 17:32 - 00001375 _____ () C:\Users\admin\AppData\Local\recently-used.xbel
2014-12-11 16:41 - 2014-12-11 16:41 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Participatory Culture Foundation
2014-12-11 16:41 - 2014-12-11 16:41 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Mozilla
2014-12-10 23:14 - 2014-12-10 23:14 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 22:13 - 2014-12-10 22:13 - 00000000 ____D () C:\Users\admin\AppData\Local\RzStats
2014-12-10 20:11 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-10 20:11 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 20:11 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-10 20:11 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-10 20:07 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 20:07 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 20:06 - 2014-12-04 00:09 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 20:06 - 2014-12-03 00:09 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 20:06 - 2014-12-03 00:09 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 20:06 - 2014-12-03 00:09 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 20:06 - 2014-12-03 00:09 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 20:06 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 20:06 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 20:06 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 20:06 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-10 20:06 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 20:06 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-10 20:06 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 20:06 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 20:06 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 20:06 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-10 20:06 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-10 20:06 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 20:06 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 20:06 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 20:06 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-10 20:06 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-10 20:06 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-10 20:06 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 20:06 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 20:06 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 20:06 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 20:06 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 20:06 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 20:06 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-10 20:06 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 20:06 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 20:06 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-12-10 20:06 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 20:06 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-10 20:06 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 20:06 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 20:06 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 20:06 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 20:06 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 20:06 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 20:06 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 20:06 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 20:06 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 20:06 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 20:06 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 20:05 - 2014-12-04 00:37 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 20:05 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-12-10 20:05 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-12-09 15:00 - 2014-12-09 15:00 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-12-09 14:59 - 2014-12-09 14:59 - 00053736 _____ () C:\Windows\SysWOW64\CCCInstall_201412091459105692.log
2014-12-09 14:59 - 2014-12-09 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-12-09 14:59 - 2014-12-09 14:59 - 00000000 ____D () C:\ProgramData\ATI
2014-12-09 14:59 - 2014-12-09 14:59 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-12-09 14:58 - 2014-12-13 21:27 - 00000000 ____D () C:\Program Files\AMD
2014-12-09 14:58 - 2014-12-09 14:58 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-12-09 14:57 - 2014-12-09 14:57 - 00055860 _____ () C:\Windows\SysWOW64\CCCInstall_201412091457381554.log
2014-12-09 14:57 - 2014-12-09 14:57 - 00000000 ____D () C:\Users\admin\AppData\Roaming\ATI
2014-12-09 14:57 - 2014-12-09 14:57 - 00000000 ____D () C:\Users\admin\AppData\Local\ATI
2014-12-09 14:55 - 2014-12-09 14:55 - 00056720 _____ () C:\Windows\SysWOW64\CCCInstall_201412091455516194.log
2014-12-09 14:55 - 2014-12-09 14:55 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-12-09 14:55 - 2014-12-09 14:55 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-12-09 14:54 - 2014-12-09 15:00 - 00000000 ____D () C:\Program Files\ATI
2014-12-07 15:45 - 2014-12-07 16:51 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 20:05 - 2014-07-23 21:56 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype
2015-01-06 20:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-06 19:57 - 2014-10-23 21:05 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-06 19:40 - 2014-03-02 21:16 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2579176743-215364513-2509699589-1001
2015-01-06 19:30 - 2014-03-27 19:55 - 00000000 ____D () C:\ProgramData\SmartSound Software Inc
2015-01-06 19:30 - 2014-03-02 21:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-06 18:55 - 2014-03-04 17:24 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Spotify
2015-01-06 16:50 - 2014-07-15 18:38 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Raptr
2015-01-06 16:27 - 2014-10-28 20:19 - 01993084 _____ () C:\Windows\WindowsUpdate.log
2015-01-06 16:04 - 2014-03-02 21:15 - 01823174 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-06 16:04 - 2013-08-22 23:58 - 00805462 _____ () C:\Windows\system32\perfh013.dat
2015-01-06 16:04 - 2013-08-22 23:58 - 00161964 _____ () C:\Windows\system32\perfc013.dat
2015-01-06 15:09 - 2014-05-31 13:55 - 00000000 ____D () C:\Users\admin\AppData\Local\ftblauncher
2015-01-06 12:49 - 2014-12-02 18:45 - 00000330 _____ () C:\Windows\Tasks\DriverToolkit Autorun.job
2015-01-06 12:49 - 2014-03-06 17:08 - 00000000 __RDO () C:\Users\admin\SkyDrive
2015-01-05 23:58 - 2014-03-03 21:32 - 00000000 ____D () C:\ProgramData\Origin
2015-01-05 21:24 - 2014-08-17 13:00 - 00000000 ____D () C:\Users\admin\AppData\Roaming\TS3Client
2015-01-05 20:31 - 2014-03-04 14:10 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-01-05 20:31 - 2014-03-04 14:10 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-01-04 23:43 - 2014-06-26 18:57 - 00000000 ____D () C:\Users\admin\Documents\map nederlands
2015-01-04 23:42 - 2014-12-04 22:34 - 00012800 ___SH () C:\Users\admin\Documents\Thumbs.db
2015-01-04 23:42 - 2014-07-02 20:29 - 00000000 ____D () C:\Users\admin\Documents\Overige school artikelen
2015-01-04 23:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-01-03 22:57 - 2014-03-04 17:24 - 00000000 ____D () C:\Users\admin\AppData\Local\Spotify
2015-01-03 13:40 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-03 01:17 - 2014-03-02 21:11 - 00000000 ____D () C:\Users\admin
2015-01-02 23:30 - 2014-09-09 20:04 - 00000000 ____D () C:\Users\admin\AppData\Local\Apple Computer
2015-01-02 22:00 - 2014-11-29 23:09 - 00025386 _____ () C:\Windows\PFRO.log
2015-01-02 22:00 - 2014-11-29 23:04 - 05183584 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-02 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\L2Schemas
2015-01-02 22:00 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-02 20:52 - 2014-03-27 19:51 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-01 18:01 - 2014-03-27 19:51 - 00000000 ____D () C:\ProgramData\install_clap
2014-12-31 22:00 - 2014-11-29 22:59 - 00014946 _____ () C:\Windows\setupact.log
2014-12-29 23:06 - 2014-11-29 20:54 - 00000000 ____D () C:\Users\admin\AppData\Local\Popcorn-Time
2014-12-29 12:14 - 2014-07-15 19:03 - 00152064 ___SH () C:\Users\admin\Desktop\Thumbs.db
2014-12-28 21:58 - 2014-03-07 15:28 - 00000000 ____D () C:\Users\admin\AppData\Roaming\.minecraft
2014-12-28 16:55 - 2014-12-03 17:46 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-27 14:30 - 2014-04-06 16:57 - 00000000 ____D () C:\Users\admin\Documents\Electronic Arts
2014-12-27 14:10 - 2014-09-10 07:01 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-12-22 21:09 - 2014-04-08 14:23 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-12-22 21:09 - 2014-03-05 18:56 - 00000000 ____D () C:\Users\admin\AppData\Local\PunkBuster
2014-12-20 20:21 - 2014-11-02 00:36 - 00000000 ____D () C:\Users\admin\AppData\Local\LogMeIn Hamachi
2014-12-19 21:22 - 2014-12-06 19:44 - 00000000 ____D () C:\Users\admin\AppData\Local\Game Dev Tycoon
2014-12-17 23:43 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-17 19:55 - 2014-03-04 14:10 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-14 19:01 - 2014-12-04 21:55 - 00000000 ____D () C:\Users\admin\.gimp-2.8
2014-12-13 21:28 - 2013-08-22 14:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-12-13 21:26 - 2014-03-02 21:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-13 21:17 - 2014-12-04 18:34 - 00000000 ____D () C:\AMD
2014-12-13 21:14 - 2014-12-02 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2014-12-13 00:03 - 2014-12-06 01:05 - 00002802 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Brian)
2014-12-12 22:07 - 2014-04-11 12:44 - 00000000 ____D () C:\Users\admin\AppData\Roaming\TeamViewer
2014-12-12 21:52 - 2014-05-19 21:37 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-12 21:52 - 2014-05-19 21:37 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Dropbox
2014-12-12 21:29 - 2014-03-03 21:13 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-12 20:13 - 2014-03-05 18:57 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-12-12 17:09 - 2014-11-30 18:51 - 00070014 _____ () C:\Windows\DirectX.log
2014-12-12 17:09 - 2014-03-04 14:10 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-12 16:16 - 2014-08-24 16:41 - 00000000 ____D () C:\Users\admin\AppData\Local\Adobe
2014-12-12 13:55 - 2014-10-23 21:05 - 00003828 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 17:28 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-12-11 16:43 - 2014-04-21 17:31 - 00000000 ____D () C:\Users\admin\AppData\Local\gtk-2.0
2014-12-10 23:14 - 2014-07-09 22:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 23:14 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-12-10 23:14 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-10 23:14 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 21:04 - 2014-03-02 21:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 21:04 - 2014-03-02 21:18 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 21:02 - 2014-03-02 21:50 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 14:59 - 2014-12-04 18:37 - 00000000 ____D () C:\ProgramData\AMD
2014-12-09 14:54 - 2014-03-03 21:20 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-12-07 16:52 - 2014-09-09 20:03 - 00000000 ____D () C:\ProgramData\Apple

Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\1871KrakenDevProps.dll
C:\Users\admin\AppData\Local\Temp\CJVXdixthqrWhyNpmAiU.DLL
C:\Users\admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0r_xqs.dll
C:\Users\admin\AppData\Local\Temp\fOkceKiYzalsGTxaJQFC.DLL
C:\Users\admin\AppData\Local\Temp\jansi-64-git-Spigot-1.7.9-R0.2-208-ge0f2e95.dll
C:\Users\admin\AppData\Local\Temp\jAXrDwrhuU.DLL
C:\Users\admin\AppData\Local\Temp\JoegYqDVaG.DLL
C:\Users\admin\AppData\Local\Temp\KebfAEFHHaVJBUDnVqEG.DLL
C:\Users\admin\AppData\Local\Temp\LpojOWJkJvMAxBiCZSoP.DLL
C:\Users\admin\AppData\Local\Temp\MmseoNhrDrAMvlVZAKAO.DLL
C:\Users\admin\AppData\Local\Temp\sonarinst.exe
C:\Users\admin\AppData\Local\Temp\TEBvLcbYQM.DLL
C:\Users\admin\AppData\Local\Temp\TFkdVgXriM.DLL
C:\Users\admin\AppData\Local\Temp\tmp7A85.exe
C:\Users\admin\AppData\Local\Temp\uninstall.exe
C:\Users\admin\AppData\Local\Temp\uSWtlPuqJWVlpTuceLVL.DLL
C:\Users\admin\AppData\Local\Temp\YjUKAZOjhSHvZLzIbJIQ.DLL
C:\Users\admin\AppData\Local\Temp\zyIcqrriPeGMRJHknhra.DLL

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-18 18:48

==================== End Of Log ============================

Additional.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-01-2015
Ran by Brian at 2015-01-06 20:11:15
Running from C:\Users\admin\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BF4 Settings Editor (HKLM\...\{EF4C9459-47DE-4FCD-B9E0-CEB5BA03FC64}) (Version: 1.1 - Realmware)
Call of Duty® - World at War (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.7 - Activision)
Call of Duty® - World at War (x32 Version: 1.0 - Activision) Hidden
Call of Duty® - World at War 1.1 Patch (x32 Version:  - ) Hidden
Call of Duty® - World at War 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Call of Duty® - World at War 1.2 Patch (x32 Version:  - ) Hidden
Call of Duty® - World at War 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
Call of Duty® - World at War 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty® - World at War 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty® - World at War 1.5 Patch (x32 Version:  - ) Hidden
Call of Duty® - World at War 1.5 Patch (x32 Version: 1.5 - Activision) Hidden
Call of Duty® - World at War 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty® - World at War 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty® - World at War 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty® - World at War 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Creative Music Server (HKLM-x32\...\Music Server) (Version: 1.01 - Creative Technology Limited)
Creative-systeeminformatie (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dropbox (HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Fable III (x32 Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
GameRanger (HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\GameRanger) (Version:  - GameRanger Technologies)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware versie 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MediaFire Desktop (HKLM-x32\...\MediaFire Desktop 1.4.7.10713) (Version: 1.4.7.10713 - MediaFire)
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.4276.0) (Version: 4.0.4276.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{64C12304-7010-43F3-A25B-BDC38DE41E46}) (Version: 4.0.4276.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Hotmail Connector 64-bits (HKLM\...\{95140000-0081-0413-1000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Origin (HKLM-x32\...\Origin) (Version: 9.4.5.195 - Electronic Arts, Inc.)
PowerDirector (Version: 12.0 - Uw bedrijfsnaam) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.10 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM-x32\...\Steam App 285330) (Version:  - Chris Sawyer Productions)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sound Blaster Recon3D PCIe (HKLM-x32\...\{344F2565-8724-473A-9A4E-62A780AAE396}) (Version: 1.01.19 - Creative Technology Limited)
Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited)
Spotify (HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TCSS (HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\c3174b629303c191) (Version: 1.3.1.0 - THAUMCRAFT RESEARCH HELPER)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
ThreeShipsPluginSetup (HKLM-x32\...\{954AED8D-F8FD-46AC-ABDF-A624C1B41803}) (Version: 2.0.0.4 - Three Ships)
Unity Web Player (HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\UnityWebPlayer) (Version: 4.6.0f3 - Unity Technologies ApS)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XSplit Broadcaster (HKLM-x32\...\{F8A47958-47CC-4B57-AE7D-7DDC0A86BEF5}) (Version: 1.3.1311.1201 - SplitMediaLabs)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2579176743-215364513-2509699589-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2579176743-215364513-2509699589-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2579176743-215364513-2509699589-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2579176743-215364513-2509699589-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2579176743-215364513-2509699589-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2579176743-215364513-2509699589-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2579176743-215364513-2509699589-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2579176743-215364513-2509699589-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2579176743-215364513-2509699589-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

01-01-2015 18:06:54 Installed QuickTime
02-01-2015 20:49:38 Removed QuickTime
06-01-2015 19:29:35 Geconfigureerd PowerDirector

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2015-01-02 21:08 - 00000853 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 cap.cyberlink.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {23C4414E-6341-4DBD-94A5-CEA9FAE7B62F} - System32\Tasks\Driver Booster SkipUAC (Brian) => F:\Driver Booster\DriverBooster.exe
Task: {2E0626D3-D012-410A-8294-C43882CB277E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12] (Google Inc.)
Task: {2FD7C2BF-190B-4CC3-AA1C-E4B104955200} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {305B61DF-3A43-43F8-B7CB-B18C46CC5BE4} - System32\Tasks\{AACEA31E-2714-4F17-9F03-2917800747FD} => pcalua.exe -a C:\Windows\unvise32.exe -c C:\Program Files (x86)\REVisionEffects\uninstallinfo\RSMB5AEuninstall.log
Task: {40A2456F-B428-4CCC-A1A6-12ECEC49EBC4} - System32\Tasks\{5196C40B-8CD2-45FB-B0C3-C5FEAF561831} => pcalua.exe -a "F:\Downloads\Age Of Empires 3 All in One\AGE OF EMPIRES 3\autorun.exe" -d "F:\Downloads\Age Of Empires 3 All in One\AGE OF EMPIRES 3"
Task: {59568389-7D17-468A-831B-E7A0FCE3637B} - System32\Tasks\{E572A9B0-5F7B-4607-BDD7-2E950CDEC488} => pcalua.exe -a "F:\Folder Lock\Uninstall.exe" -d "F:\Folder Lock"
Task: {59C68ADE-E6C3-4A21-887F-3AA6EC10277B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12] (Google Inc.)
Task: {7C44AD60-8891-4990-9AE0-73D511AD0DAD} - System32\Tasks\{DCD422FA-E754-4E23-98A7-2EC10894E479} => pcalua.exe -a "F:\DAEMON Tools Lite\uninst.exe"
Task: {8D4A2B29-81C2-4AE3-9202-2E1E84596FB5} - \LuckyTab No Task File <==== ATTENTION
Task: {9F5BF19E-0384-4908-BE00-DB116C0C5386} - System32\Tasks\DriverToolkit Autorun => F:\DriverToolkit\DriverToolkit.exe
Task: {BA4B39CB-666A-4235-8CA7-AE620322143E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-10] (Microsoft Corporation)
Task: {D3431024-67BA-4B6D-81D8-BB2399861739} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated)
Task: {D5A5F3C7-8479-40BF-94CE-3A329579514B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E31E7EE9-BBA3-4D3D-BA27-93652E2695BB} - System32\Tasks\{C192BE07-BCF7-4283-98FB-3BE8E834D09A} => pcalua.exe -a F:\Downloads\forge-1.7.10-10.13.2.1231-installer-win.exe -d F:\Downloads
Task: {F2C3EDFF-12F8-4B52-89C0-89CC2C3B0FCF} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => F:\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-12-12 23:15 - 2014-12-05 00:58 - 00456504 _____ () C:\Users\admin\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
2014-03-05 18:57 - 2014-12-12 20:13 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-03-04 14:10 - 2015-01-05 20:31 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-12-12 21:29 - 2014-12-06 02:16 - 01408328 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 21:29 - 2014-12-06 02:16 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 21:29 - 2014-12-06 02:17 - 10689352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 21:29 - 2014-12-06 02:16 - 01856840 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-11-20 09:23 - 2014-11-20 09:23 - 00289792 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2014-03-04 17:24 - 2014-12-10 23:11 - 00374840 _____ () C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-12-19 23:15 - 2015-01-06 15:09 - 00310272 _____ () F:\FTB\direwolf20_17\natives\lwjgl64.dll
2014-12-19 23:15 - 2015-01-06 15:09 - 00653832 _____ () F:\FTB\direwolf20_17\natives\avutil-ttv-51.dll
2014-12-19 23:15 - 2015-01-06 15:09 - 00361103 _____ () F:\FTB\direwolf20_17\natives\swresample-ttv-0.dll
2014-12-19 23:15 - 2015-01-06 15:09 - 00688161 _____ () F:\FTB\direwolf20_17\natives\libmp3lame-ttv.dll
2014-12-19 23:15 - 2015-01-06 15:09 - 01127424 _____ () F:\FTB\direwolf20_17\natives\twitchsdk.dll
2014-12-19 23:15 - 2015-01-06 15:09 - 00382464 _____ () F:\FTB\direwolf20_17\natives\OpenAL64.dll
2014-12-19 23:15 - 2015-01-06 15:09 - 00065024 _____ () F:\FTB\direwolf20_17\natives\jinput-dx8_64.dll
2014-12-19 23:15 - 2015-01-06 15:09 - 00062464 _____ () F:\FTB\direwolf20_17\natives\jinput-raw_64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-06-21 09:44 - 2015-01-06 12:50 - 00619312 _____ () C:\Users\admin\AppData\Local\Temp\1871KrakenDevProps.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 07816192 _____ () F:\xsplit\avcodec-54.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 01425920 _____ () F:\xsplit\avformat-54.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 00188416 _____ () F:\xsplit\avutil-52.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 00336896 _____ () F:\xsplit\swscale-2.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 00096256 _____ () F:\xsplit\swresample-0.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2014-08-14 01:37 - 2014-08-14 01:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 01:37 - 2014-08-14 01:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 01:05 - 2013-11-21 01:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2014-12-08 20:17 - 2014-12-08 20:17 - 02519808 _____ () C:\Program Files (x86)\Raptr\ltc_host_ex.DLL
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 01:56 - 2014-06-18 01:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-11-14 11:03 - 2014-01-04 01:20 - 34755072 _____ () C:\Users\admin\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2014-11-20 07:02 - 2014-11-20 07:02 - 00193024 _____ () C:\ProgramData\Razer\Synapse\RzStats\RigWrapper.dll
2014-11-14 11:03 - 2014-01-04 01:20 - 00970240 _____ () C:\Users\admin\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\ffmpegsumo.dll
2014-03-04 17:24 - 2014-12-10 23:11 - 36966968 _____ () C:\Users\admin\AppData\Roaming\Spotify\Data\libcef.dll
2014-07-09 22:00 - 2014-12-10 23:11 - 00867896 _____ () C:\Users\admin\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-03-04 17:24 - 2014-12-10 23:11 - 00886840 _____ () C:\Users\admin\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-03-04 17:24 - 2014-12-10 23:11 - 00108600 _____ () C:\Users\admin\AppData\Roaming\Spotify\Data\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\admin\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Creative ALchemy AL6 Licensing Service => 3
MSCONFIG\Services: Creative Audio Engine Licensing Service => 3
MSCONFIG\Services: CTAudSvcService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: RzMaelstromVADStreamingService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: Update service => 2
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "StartCCC"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "IntelTBRunOnce"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Sound Blaster Recon3D PCIe Control Panel"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\StartupApproved\StartupFolder: => "GameRanger.lnk"
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\StartupApproved\StartupFolder: => "Intel® Turbo Boost Technologie monitor 2.6.lnk"
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\StartupApproved\Run: => "puush"
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-2579176743-215364513-2509699589-1001\...\StartupApproved\Run: => "uTorrent"

========================= Accounts: ==========================

Administrator (S-1-5-21-2579176743-215364513-2509699589-500 - Administrator - Disabled)
Brian (S-1-5-21-2579176743-215364513-2509699589-1001 - Administrator - Enabled) => C:\Users\admin
Gast (S-1-5-21-2579176743-215364513-2509699589-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2579176743-215364513-2509699589-1006 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: High Definition Audio Bus
Description: High Definition Audio Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: AMD
Service: HDAudBus
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/06/2015 07:29:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Toegang geweigerd.
.

Error: (01/06/2015 01:50:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: backgroundTaskHost.exe, versie: 6.3.9600.17415, tijdstempel: 0x545042b7
Naam van module met fout: twinapi.appcore.dll, versie: 6.3.9600.17415, tijdstempel: 0x54503c4d
Uitzonderingscode: 0xc000027b
Foutmarge: 0x0000000000063c1f
Id van proces met fout: 0x4034
Starttijd van toepassing met fout: 0xbackgroundTaskHost.exe0
Pad naar toepassing met fout: backgroundTaskHost.exe1
Pad naar module met fout: backgroundTaskHost.exe2
Rapport-id: backgroundTaskHost.exe3
Volledige pakketnaam met fout: backgroundTaskHost.exe4
Relatieve toepassings-id van pakket met fout: backgroundTaskHost.exe5

Error: (01/05/2015 08:24:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: bf4.exe, versie: 1.4.2.23831, tijdstempel: 0x547fa9b4
Naam van module met fout: ltc_game64-90652.dll_unloaded, versie: 1.0.0.1, tijdstempel: 0x5485f8cf
Uitzonderingscode: 0xc0000005
Foutmarge: 0x00000000000491e9
Id van proces met fout: 0x5cc4
Starttijd van toepassing met fout: 0xbf4.exe0
Pad naar toepassing met fout: bf4.exe1
Pad naar module met fout: bf4.exe2
Rapport-id: bf4.exe3
Volledige pakketnaam met fout: bf4.exe4
Relatieve toepassings-id van pakket met fout: bf4.exe5

Error: (01/05/2015 01:40:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Het programma javaw.exe, versie 8.0.25.18 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm.

Proces-id: 2ec0

Starttijd: 01d028e4c73d338c

Eindtijd: 20

Toepassingspad: C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe

Rapport-id: 11a464c7-94d8-11e4-8349-50465dac2795

Volledige pakketnaam met fout:

Relatieve toepassings-id van pakket met fout:

Error: (01/02/2015 09:08:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: keygen.exe, versie: 0.0.0.0, tijdstempel: 0x2a425e19
Naam van module met fout: KERNELBASE.dll, versie: 6.3.9600.17415, tijdstempel: 0x54504ade
Uitzonderingscode: 0xc000041d
Foutmarge: 0x00014598
Id van proces met fout: 0x10fac
Starttijd van toepassing met fout: 0xkeygen.exe0
Pad naar toepassing met fout: keygen.exe1
Pad naar module met fout: keygen.exe2
Rapport-id: keygen.exe3
Volledige pakketnaam met fout: keygen.exe4
Relatieve toepassings-id van pakket met fout: keygen.exe5

Error: (01/02/2015 09:08:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: keygen.exe, versie: 0.0.0.0, tijdstempel: 0x2a425e19
Naam van module met fout: KERNELBASE.dll, versie: 6.3.9600.17415, tijdstempel: 0x54504ade
Uitzonderingscode: 0x0eedfade
Foutmarge: 0x00014598
Id van proces met fout: 0x10fac
Starttijd van toepassing met fout: 0xkeygen.exe0
Pad naar toepassing met fout: keygen.exe1
Pad naar module met fout: keygen.exe2
Rapport-id: keygen.exe3
Volledige pakketnaam met fout: keygen.exe4
Relatieve toepassings-id van pakket met fout: keygen.exe5

Error: (01/02/2015 09:07:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: keygen.exe, versie: 0.0.0.0, tijdstempel: 0x2a425e19
Naam van module met fout: KERNELBASE.dll, versie: 6.3.9600.17415, tijdstempel: 0x54504ade
Uitzonderingscode: 0x0eedfade
Foutmarge: 0x00014598
Id van proces met fout: 0x12208
Starttijd van toepassing met fout: 0xkeygen.exe0
Pad naar toepassing met fout: keygen.exe1
Pad naar module met fout: keygen.exe2
Rapport-id: keygen.exe3
Volledige pakketnaam met fout: keygen.exe4
Relatieve toepassings-id van pakket met fout: keygen.exe5

Error: (01/02/2015 08:49:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service DeltaFix since QueryServiceConfig API failed

System Error:
Het systeem kan het opgegeven bestand niet vinden.
.

Error: (01/02/2015 08:49:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Toegang geweigerd.
.

Error: (01/02/2015 01:22:22 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

System errors:
=============
Error: (01/06/2015 07:30:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Cyberlink RichVideo64 Service(CRVS)-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.

Error: (01/06/2015 07:27:20 PM) (Source: DCOM) (EventID: 10000) (User: ADMIN)
Description: "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\delegate_execute.exe" -Embedding2{5C65F4B0-3651-4514-B207-D10CB699B14B}

Error: (01/06/2015 07:27:13 PM) (Source: DCOM) (EventID: 10000) (User: ADMIN)
Description: "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\delegate_execute.exe" -Embedding2{5C65F4B0-3651-4514-B207-D10CB699B14B}

Error: (01/06/2015 07:19:50 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN)
Description: {5C65F4B0-3651-4514-B207-D10CB699B14B}

Error: (01/06/2015 07:16:56 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN)
Description: {5C65F4B0-3651-4514-B207-D10CB699B14B}

Error: (01/05/2015 08:23:11 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: MBAMScheduler.

Error: (01/02/2015 10:00:22 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 21:57:49 op ‎2-‎1-‎2015 is onverwacht gebeurd.

Error: (01/01/2015 08:57:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Cyberlink RichVideo64 Service(CRVS)-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.

Error: (01/01/2015 08:08:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Cyberlink RichVideo64 Service(CRVS)-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.

Error: (01/01/2015 06:13:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Cyberlink RichVideo64 Service(CRVS)-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.

Microsoft Office Sessions:
=========================
Error: (01/06/2015 07:29:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Toegang geweigerd.

Error: (01/06/2015 01:50:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.17415545042b7twinapi.appcore.dll6.3.9600.1741554503c4dc000027b0000000000063c1f403401d029af66058871C:\Windows\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dlla5bb753b-95a2-11e4-8349-50465dac2795Microsoft.XboxOneSmartGlass_2.2.1501.1006_x64__8wekyb3d8bbweMicrosoft.XboxOneSmartGlass

Error: (01/05/2015 08:24:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bf4.exe1.4.2.23831547fa9b4ltc_game64-90652.dll_unloaded1.0.0.15485f8cfc000000500000000000491e95cc401d0291d1d1e51bdF:\Origin\Games\Battlefield 4\bf4.exeltc_game64-90652.dll7fe6ed4a-9510-11e4-8349-50465dac2795

Error: (01/05/2015 01:40:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.25.182ec001d028e4c73d338c20C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe11a464c7-94d8-11e4-8349-50465dac2795

Error: (01/02/2015 09:08:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: keygen.exe0.0.0.02a425e19KERNELBASE.dll6.3.9600.1741554504adec000041d0001459810fac01d026c7e3569798F:\Downloads\CyberLink PowerDirector Ultimate v13 0 2307 0 Multilingual Incl Keymaker READNFO-CORE\keygen.exeC:\Windows\SYSTEM32\KERNELBASE.dll2283fe1b-92bb-11e4-8348-50465dac2795

Error: (01/02/2015 09:08:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: keygen.exe0.0.0.02a425e19KERNELBASE.dll6.3.9600.1741554504ade0eedfade0001459810fac01d026c7e3569798F:\Downloads\CyberLink PowerDirector Ultimate v13 0 2307 0 Multilingual Incl Keymaker READNFO-CORE\keygen.exeC:\Windows\SYSTEM32\KERNELBASE.dll21cb0038-92bb-11e4-8348-50465dac2795

Error: (01/02/2015 09:07:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: keygen.exe0.0.0.02a425e19KERNELBASE.dll6.3.9600.1741554504ade0eedfade000145981220801d026c7ad2aeaefF:\Downloads\CyberLink PowerDirector Ultimate v13 0 2307 0 Multilingual Incl Keymaker READNFO-CORE\keygen.exeC:\Windows\SYSTEM32\KERNELBASE.dllee05c782-92ba-11e4-8348-50465dac2795

Error: (01/02/2015 08:49:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service DeltaFix since QueryServiceConfig API failed

System Error:
Het systeem kan het opgegeven bestand niet vinden.

Error: (01/02/2015 08:49:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Toegang geweigerd.

Error: (01/02/2015 01:22:22 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description:

CodeIntegrity Errors:
===================================
  Date: 2015-01-06 17:46:31.912
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-06 17:46:31.819
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-06 17:46:31.726
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-06 17:46:26.668
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-06 17:46:26.569
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-04 14:29:01.779
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-02 20:59:23.731
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-02 20:57:11.512
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-02 20:57:11.411
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-02 20:57:11.108
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel® Core i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 51%
Total physical RAM: 16331.91 MB
Available physical RAM: 7906.93 MB
Total Pagefile: 18763.91 MB
Available Pagefile: 7368.66 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.79 GB) (Free:46.49 GB) NTFS
Drive f: (Lokale schijf ) (Fixed) (Total:465.42 GB) (Free:263.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 22BCE4B2)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3A6EBF82)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Link to post
Share on other sites

  • Root Admin

Yes, please update and rescan and it should no longer be detected.

 

Please note the following though which is piracy and will prevent future assistance if found.

 

2014-12-26 15:53 - 2014-12-26 15:45 - 00035480 _____ () C:\Users\admin\Downloads\[kickass.so]the.sims.4.all.dlc.patches.updates.repack.term.nator.torrent
2014-12-26 15:53 - 2014-12-26 10:28 - 00016691 _____ () C:\Users\admin\Downloads\[kickass.so]the.sims.4.reloaded.update.version.1.0.732.20.no.origin.crack.mr.dj.torrent
2014-12-26 15:53 - 2014-12-26 09:54 - 00020341 _____ () C:\Users\admin\Downloads\[kickass.so]3dmgame.the.sims.4.update.3.and.crack.v7.rar.torrent

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.