"Your system is not fully protected" possibly infected

calypso9 · July 17, 2015

Hello, I was referred to this forum from here: https://forums.malwarebytes.org/index.php?/topic/170594-your-system-is-not-fully-protected-with-premium-license/

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015

Running from B:\Downloads

Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe

() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe

() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(Valve Corporation) B:\Program Files (x86)\Steam\Steam.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe

(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\System32\cmd.exe

(Valve Corporation) B:\Program Files (x86)\Steam\bin\steamwebhelper.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe

(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.201.1937.0.exe

(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297624 2015-01-30] (COMODO)

HKLM\...\Run: [intelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-07-02] (NVIDIA Corporation)

HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => "B:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)

HKLM-x32\...\Run: [tvncontrol] => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-07-14] (Oracle Corporation)

HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [steam] => "B:\Program Files (x86)\Steam\steam.exe" -silent

HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)

HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [HP Photosmart Plus B210 series (NET)] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [speccy] => C:\Program Files\Speccy\Speccy64.exe [6903064 2014-04-11] (Piriform Ltd)

HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-29] (Skype Technologies S.A.)

HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)

HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\MountPoints2: H - H:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\MountPoints2: {7bb8d282-d110-11e2-862f-3085a999135a} - G:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\MountPoints2: {d41bb265-16a5-11e4-a8eb-3085a999135a} - H:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-831873670-1328612798-2367821417-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2013-03-10]

ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2013-03-10]

ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2013-07-19]

ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)

ShellIconOverlayIdentifiers: [P4EXPCheckoutOverlay] -> {80E008A4-EAE7-4867-AEB0-1A245F070F25} => B:\Program Files\Perforce\p4exp64.dll [2012-09-24] (Perforce Software Inc.)

ShellIconOverlayIdentifiers: [P4EXPSyncdOverlay] -> {ADF262C1-E8FE-49BE-AD63-F77CD4A6CCD9} => B:\Program Files\Perforce\p4exp64.dll [2012-09-24] (Perforce Software Inc.)

ShellIconOverlayIdentifiers: [P4EXPUpdateOverlay] -> {C550CDA2-37D7-4838-A9D7-65ECB1EB5AB2} => B:\Program Files\Perforce\p4exp64.dll [2012-09-24] (Perforce Software Inc.)

ShellIconOverlayIdentifiers-x32: [P4EXPCheckoutOverlay] -> {80E008A4-EAE7-4867-AEB0-1A245F070F25} => B:\Program Files\Perforce\p4exp.dll [2012-09-24] (Perforce Software Inc.)

ShellIconOverlayIdentifiers-x32: [P4EXPSyncdOverlay] -> {ADF262C1-E8FE-49BE-AD63-F77CD4A6CCD9} => B:\Program Files\Perforce\p4exp.dll [2012-09-24] (Perforce Software Inc.)

ShellIconOverlayIdentifiers-x32: [P4EXPUpdateOverlay] -> {C550CDA2-37D7-4838-A9D7-65ECB1EB5AB2} => B:\Program Files\Perforce\p4exp.dll [2012-09-24] (Perforce Software Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-831873670-1328612798-2367821417-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-14] (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-14] (Oracle Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

Tcpip\..\Interfaces\{4CFF9ACD-4148-48D2-8608-1C80DEEAAA3A}: [NameServer] 156.154.70.22,156.154.71.22

Tcpip\..\Interfaces\{7080868E-95F9-4F1F-B94D-C56E65B7BC23}: [DhcpNameServer] 192.168.1.254

Tcpip\..\Interfaces\{BAFDD336-E8D6-4706-98F8-D40E24003D6B}: [DhcpNameServer] 7.254.254.254

FireFox:

========

FF ProfilePath: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default

FF DefaultSearchEngine.US: Google

FF SelectedSearchEngine: Ixquick HTTPS

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-14] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-14] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-02] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-02] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-831873670-1328612798-2367821417-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)

FF Plugin HKU\S-1-5-21-831873670-1328612798-2367821417-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-12-28] ()

FF SearchPlugin: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\searchplugins\ixquick-https.xml [2015-07-16]

FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\donottrackplus@abine.com [2014-01-23]

FF Extension: Firefogg - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\firefogg@firefogg.org [2015-02-06]

FF Extension: MaskMe - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\idme@abine.com [2015-06-06]

FF Extension: Shumway - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\shumway@research.mozilla.org [2015-07-15]

FF Extension: FT DeepDark - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-06-28]

FF Extension: Disconnect - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\2.0@disconnect.me.xpi [2014-04-27]

FF Extension: Firebug - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\firebug@software.joehewitt.com.xpi [2013-06-19]

FF Extension: MEGA - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\firefox@mega.co.nz.xpi [2015-02-12]

FF Extension: Test Pilot - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-05-01]

FF Extension: NoScript - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-09-25]

FF Extension: Abduction! - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi [2014-06-24]

FF Extension: Adblock Plus - C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-07]

Chrome:

=======

CHR Profile: C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Docs) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-27]

CHR Extension: (Google Drive) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-27]

CHR Extension: (YouTube) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-27]

CHR Extension: (Adblock Plus) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-06]

CHR Extension: (Google Search) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-27]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-06]

CHR Extension: (Google Wallet) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-27]

CHR Extension: (Gmail) - C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [348160 2011-01-29] (AVerMedia) [File not signed]

R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]

R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2015-01-30] (COMODO)

S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2015-01-30] (COMODO)

S2 DAZContentManagementService; B:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [22528 2011-05-05] () [File not signed]

S2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)

S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-07-02] (NVIDIA Corporation)

R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-07-16] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-07-16] (Malwarebytes Corporation)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)

R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-07-02] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-07-02] (NVIDIA Corporation)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]

S2 Perforce; B:\Program Files\Perforce\Server\p4s.exe [3455104 2012-11-09] (Perforce Software Inc.)

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]

S3 TunngleService; B:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

S2 CLPSLauncher; "C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe" [X]

S2 GeekBuddyRSP; "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service [X]

S2 Hamachi2Svc; "B:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2015-04-23] (Advanced Micro Devices, Inc.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-03-09] ()

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2015-01-30] (COMODO)

R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2015-01-30] (COMODO)

R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45880 2015-01-30] (COMODO)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-09] (DT Soft Ltd)

R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104608 2015-01-30] (COMODO)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-03-09] ()

S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-07-16] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-17] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-07-16] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-05-14] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-05-14] (Microsoft Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-07-02] (NVIDIA Corporation)

R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)

R3 TRIDCap; C:\Windows\System32\DRIVERS\AVerTM62_x64.sys [1074048 2012-11-22] (AVerMedia TECHNOLOGIES, Inc. )

S3 VSPerfDrv110; \??\B:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] ()

R3 WinRing0_1_2_0; C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys [14544 2015-07-16] (OpenLibSys.org)

R3 cpuz136; \??\C:\Users\Dizzle\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]

S3 SysInfo; \??\C:\Windows\system32\drivers\SysInfo.sys [X]

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-17 08:40 - 2015-07-17 08:40 - 00000000 ____D C:\FRST

2015-07-16 22:49 - 2015-07-17 08:29 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-07-16 22:49 - 2015-07-16 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-07-16 22:48 - 2015-07-16 22:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-07-16 22:48 - 2015-07-16 22:48 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-07-16 22:48 - 2015-07-16 22:48 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-07-16 22:48 - 2015-07-16 22:48 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2015-07-16 22:48 - 2015-07-16 22:48 - 00000000 ____D C:\ProgramData\Malwarebytes

2015-07-16 22:22 - 2015-07-16 22:22 - 00000000 ____D C:\Users\Dizzle\Desktop\Configuration

2015-07-16 00:31 - 2015-07-16 00:31 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\NVIDIA

2015-07-16 00:31 - 2015-07-16 00:31 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\mpv

2015-07-15 23:59 - 2015-07-15 23:59 - 00000196 _____ C:\Users\Dizzle\.swfinfo

2015-07-15 23:55 - 2015-07-15 23:56 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\livestreamer

2015-07-15 21:03 - 2015-07-15 21:03 - 00000000 ____D C:\Users\Dizzle\AppData\Local\CEF

2015-07-15 19:51 - 2015-07-15 19:52 - 13245712 _____ C:\Users\Dizzle\Downloads\Warcraft Movie Trailer from Comic-Con (Leaked) (360p).mp4

2015-07-14 21:18 - 2015-07-14 21:18 - 00000000 _____ C:\Windows\system32\RENF046.tmp

2015-07-14 18:52 - 2015-07-14 18:52 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-07-14 18:52 - 2015-07-14 18:52 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-07-14 18:52 - 2015-07-14 18:52 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-07-14 18:52 - 2015-07-14 18:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-07-14 18:52 - 2015-07-14 18:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

2015-07-14 18:52 - 2015-07-14 18:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2015-07-14 18:51 - 2015-07-14 18:51 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-07-14 18:51 - 2015-07-14 18:51 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-07-14 18:51 - 2015-07-14 18:51 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-07-14 18:51 - 2015-07-14 18:51 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-07-14 18:51 - 2015-07-14 18:51 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-07-14 18:51 - 2015-07-14 18:51 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-07-14 18:51 - 2015-07-14 18:51 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-07-14 18:51 - 2015-07-14 18:51 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-07-14 18:51 - 2015-07-14 18:51 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-07-14 18:51 - 2015-07-14 18:51 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-07-14 18:51 - 2015-07-02 17:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2015-07-14 18:51 - 2015-07-02 16:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-07-14 18:49 - 2015-07-14 18:49 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-07-14 18:49 - 2015-07-14 18:49 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-07-14 18:49 - 2015-07-14 18:49 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-07-14 18:49 - 2015-07-14 18:49 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-07-14 18:49 - 2015-07-14 18:49 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-07-14 18:49 - 2015-07-14 18:49 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2015-07-14 18:49 - 2015-07-14 18:49 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-07-14 18:49 - 2015-07-14 18:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2015-07-14 18:49 - 2015-07-14 18:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-07-14 18:49 - 2015-06-20 15:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-07-14 18:49 - 2015-06-19 14:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-07-14 18:47 - 2015-07-14 18:47 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2015-07-14 18:47 - 2015-07-14 18:47 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2015-07-14 18:47 - 2015-07-14 18:47 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll

2015-07-14 18:47 - 2015-07-14 18:47 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll

2015-07-14 18:47 - 2015-07-14 18:47 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe

2015-07-14 18:47 - 2015-07-14 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2015-07-14 18:47 - 2015-07-14 18:47 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2015-07-14 18:46 - 2015-07-14 18:46 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2015-07-14 18:46 - 2015-07-14 18:46 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-07-14 18:46 - 2015-07-14 18:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2015-07-14 18:46 - 2015-07-14 18:46 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe

2015-07-14 18:46 - 2015-07-14 18:46 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2015-07-14 18:46 - 2015-07-14 18:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-07-14 18:46 - 2015-07-14 18:46 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe

2015-07-14 18:46 - 2015-07-14 18:46 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-07-14 18:46 - 2015-07-14 18:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2015-07-14 18:46 - 2015-07-14 18:46 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-07-14 18:46 - 2015-07-14 18:46 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2015-07-14 18:46 - 2015-07-14 18:46 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2015-07-14 18:46 - 2015-07-14 18:46 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2015-07-05 02:03 - 2015-07-05 11:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-07-02 16:20 - 2015-07-02 16:20 - 00000000 ____D C:\Users\Dizzle\AppData\Local\NVIDIA Corporation

2015-07-02 16:13 - 2015-07-02 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2015-07-02 16:13 - 2015-07-02 16:13 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2015-07-02 16:13 - 2015-07-02 16:13 - 00000000 ____D C:\Users\Dizzle\AppData\Local\NVIDIA

2015-07-02 16:13 - 2015-06-17 05:10 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll

2015-07-02 16:13 - 2015-06-17 05:10 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2015-07-02 16:13 - 2015-06-17 05:10 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2015-07-02 16:13 - 2015-06-17 05:10 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll

2015-07-02 16:12 - 2015-07-02 16:13 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2015-07-02 16:12 - 2015-07-02 16:12 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2015-07-02 16:12 - 2015-07-02 16:12 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2015-07-02 16:12 - 2015-07-02 16:12 - 00112784 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2015-07-02 16:12 - 2015-07-02 16:12 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll

2015-07-02 16:12 - 2015-06-17 02:48 - 06873232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2015-07-02 16:12 - 2015-06-17 02:48 - 03492168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2015-07-02 16:12 - 2015-06-17 02:48 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2015-07-02 16:12 - 2015-06-17 02:48 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2015-07-02 16:12 - 2015-06-17 02:48 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2015-07-02 16:12 - 2015-06-02 10:11 - 04421614 _____ C:\Windows\system32\nvcoproc.bin

2015-07-02 16:11 - 2015-07-02 16:20 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2015-07-02 16:11 - 2015-07-02 16:12 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2015-07-02 16:11 - 2015-07-02 16:12 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 00408392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys

2015-07-02 16:11 - 2015-07-02 16:12 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 00061616 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

2015-07-02 16:11 - 2015-07-02 16:12 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

2015-07-02 16:11 - 2015-07-02 16:12 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

2015-07-02 16:11 - 2015-07-02 16:11 - 00000000 ____D C:\ProgramData\boost_interprocess

2015-07-02 16:11 - 2015-06-17 05:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll

2015-07-02 16:11 - 2015-06-17 05:10 - 00030966 _____ C:\Windows\system32\nvinfo.pb

2015-07-02 16:10 - 2015-07-02 16:13 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2015-07-02 16:10 - 2015-07-02 16:10 - 00000000 ____D C:\NVIDIA

2015-07-02 16:05 - 2015-07-16 22:47 - 00000000 ____D C:\ProgramData\NVIDIA

2015-06-28 10:02 - 2015-07-15 18:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2015-06-28 10:02 - 2015-07-15 18:03 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

2015-06-28 10:02 - 2015-06-28 10:02 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk

2015-06-25 00:50 - 2015-06-25 00:50 - 00005690 _____ C:\Users\Dizzle\Documents\my letter.txt

2015-06-23 20:53 - 2015-06-23 20:53 - 00273224 _____ C:\Windows\Minidump\062315-30685-01.dmp

2015-06-22 21:02 - 2015-07-02 15:31 - 00207872 _____ (Power Admin LLC) C:\Windows\PAExec.exe

2015-06-22 21:00 - 2015-06-22 21:00 - 00000000 ____D C:\Windows\pss

2015-06-17 09:02 - 2015-06-17 09:02 - 00277352 _____ C:\Windows\Minidump\061715-23088-01.dmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-17 08:40 - 2013-03-06 11:52 - 01178966 _____ C:\Windows\WindowsUpdate.log

2015-07-17 08:36 - 2013-12-19 08:31 - 00000021 _____ C:\Users\Dizzle\AppData\Roaming\config_data.dat

2015-07-17 08:36 - 2013-04-24 17:58 - 00000000 ____D C:\Users\Dizzle\AppData\Local\CrashDumps

2015-07-17 08:34 - 2009-07-14 00:45 - 00027360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-07-17 08:34 - 2009-07-14 00:45 - 00027360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-07-17 08:29 - 2014-11-12 09:23 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-07-17 08:29 - 2014-06-27 19:17 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-07-17 08:29 - 2013-03-06 08:58 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\Skype

2015-07-16 23:45 - 2014-06-27 19:17 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-07-16 22:53 - 2009-07-14 01:13 - 00925702 _____ C:\Windows\system32\PerfStringBackup.INI

2015-07-16 22:50 - 2013-03-10 15:48 - 00000000 ____D C:\Users\Dizzle\AppData\Local\LogMeIn Hamachi

2015-07-16 22:48 - 2013-06-09 12:49 - 00000000 ____D C:\Users\Dizzle\AppData\Local\HTC MediaHub

2015-07-16 22:48 - 2009-07-14 00:51 - 00139377 _____ C:\Windows\setupact.log

2015-07-16 22:47 - 2010-11-20 23:47 - 00220104 _____ C:\Windows\PFRO.log

2015-07-16 22:47 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-07-16 22:25 - 2014-10-05 03:31 - 00000000 ___RD C:\Program Files (x86)\Skype

2015-07-16 22:25 - 2013-03-06 08:57 - 00000000 ____D C:\ProgramData\Skype

2015-07-16 22:24 - 2014-06-13 02:00 - 00000000 ____D C:\Users\Dizzle\AppData\Local\Adobe

2015-07-16 03:00 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2015-07-16 03:00 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\system32\GWX

2015-07-16 00:31 - 2013-03-10 15:12 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\vlc

2015-07-15 23:59 - 2013-03-06 19:54 - 00000000 ____D C:\Users\Dizzle

2015-07-15 23:40 - 2014-06-27 19:17 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-07-15 23:40 - 2014-06-27 19:17 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-07-15 23:29 - 2014-10-28 22:24 - 00000000 ____D C:\Users\Dizzle\AppData\Local\Battle.net

2015-07-15 18:31 - 2013-03-06 20:38 - 00000000 ____D C:\Users\Dizzle\Documents\My Games

2015-07-15 06:07 - 2014-08-14 04:00 - 00000000 ____D C:\Windows\rescache

2015-07-15 03:24 - 2009-07-14 00:45 - 00276624 _____ C:\Windows\system32\FNTCACHE.DAT

2015-07-15 03:23 - 2014-12-11 04:15 - 00000000 ____D C:\Windows\system32\appraiser

2015-07-15 03:23 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel

2015-07-15 03:23 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2015-07-15 03:04 - 2013-07-29 03:00 - 00000000 ____D C:\Windows\system32\MRT

2015-07-15 03:00 - 2013-03-05 22:05 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-07-14 21:18 - 2014-10-26 10:53 - 00000000 ____D C:\Program Files (x86)\Java

2015-07-14 21:18 - 2014-06-29 19:46 - 00000000 ____D C:\ProgramData\Oracle

2015-07-14 20:29 - 2014-10-26 10:53 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2015-07-14 20:28 - 2014-11-12 09:23 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-07-14 20:28 - 2013-03-08 19:39 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-07-14 20:28 - 2013-03-08 19:39 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-07-14 18:29 - 2014-06-27 19:18 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2015-07-12 11:42 - 2013-11-16 15:58 - 00024576 ___SH C:\Users\Dizzle\Documents\Thumbs.db

2015-07-06 08:41 - 2010-11-20 23:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2015-07-05 11:01 - 2013-03-08 19:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2015-07-02 16:19 - 2013-03-06 19:54 - 00000000 ____D C:\Users\Dizzle\AppData\Local\VirtualStore

2015-07-02 16:12 - 2013-06-09 12:47 - 00000000 ____D C:\Temp

2015-07-02 16:12 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Help

2015-06-28 10:01 - 2013-03-31 15:12 - 00000000 ____D C:\Program Files (x86)\Adobe

2015-06-28 10:01 - 2013-03-08 19:39 - 00000000 ____D C:\ProgramData\Adobe

2015-06-28 00:54 - 2014-08-17 21:40 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\OBS

2015-06-23 20:53 - 2013-03-06 19:54 - 00000000 ____D C:\Windows\Minidump

2015-06-23 19:09 - 2015-06-09 18:08 - 00006656 _____ C:\Windows\system32\lpcio.dll

2015-06-23 08:48 - 2014-05-28 23:17 - 00000000 ____D C:\Users\Dizzle\AppData\Roaming\Raptr

2015-06-23 08:48 - 2014-05-28 23:17 - 00000000 ____D C:\Program Files (x86)\Raptr

2015-06-22 21:43 - 2013-03-06 20:14 - 00000000 ____D C:\ProgramData\Package Cache

2015-06-22 20:07 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

==================== Files in the root of some directories =======

2015-02-27 19:12 - 2015-02-27 19:13 - 56568640 _____ () C:\Users\Dizzle\AppData\Roaming\Advanced Combat Tracker.zip

2013-12-19 08:31 - 2015-07-17 08:36 - 0000021 _____ () C:\Users\Dizzle\AppData\Roaming\config_data.dat

2013-03-05 20:08 - 2013-03-05 20:08 - 0000017 _____ () C:\Users\Dizzle\AppData\Local\resmon.resmoncfg

2008-02-05 15:28 - 2008-02-05 15:28 - 0000051 _____ () C:\Users\Dizzle\AppData\Local\setup.txt

2015-03-16 08:07 - 2015-03-16 08:07 - 0000000 _____ () C:\Users\Dizzle\AppData\Local\{00E698F6-1CDC-4623-863D-8908F2D6149C}

2015-03-25 08:38 - 2015-03-25 08:38 - 0000000 _____ () C:\Users\Dizzle\AppData\Local\{5666E3A9-7AA4-4B28-8896-22E2EEFB3BD6}

2015-05-03 09:59 - 2015-05-03 09:59 - 0000000 _____ () C:\Users\Dizzle\AppData\Local\{9834506B-3318-454E-B080-613FEB23F057}

2015-03-27 08:40 - 2015-03-27 08:40 - 0000000 _____ () C:\Users\Dizzle\AppData\Local\{E894F7C8-5041-4DCD-8A84-EBE44E37AAF3}

2014-03-27 15:01 - 2014-03-27 15:01 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:

====================

C:\Users\Dizzle\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe

C:\Users\Dizzle\AppData\Local\Temp\AutoDetectUtilApp.exe

C:\Users\Dizzle\AppData\Local\Temp\Gw2.exe

C:\Users\Dizzle\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe

C:\Users\Dizzle\AppData\Local\Temp\jre-8u40-windows-au.exe

C:\Users\Dizzle\AppData\Local\Temp\jre-8u45-windows-au.exe

C:\Users\Dizzle\AppData\Local\Temp\qc_e3f0f3ef_27e6_4ca8_8a7c_a3d761aa54bb_64.exe

C:\Users\Dizzle\AppData\Local\Temp\raptrpatch.exe

C:\Users\Dizzle\AppData\Local\Temp\raptr_stub.exe

C:\Users\Dizzle\AppData\Local\Temp\speccycpuid.dll

C:\Users\Dizzle\AppData\Local\Temp\vlc-2.2.1-win32.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-13 03:15

==================== End of log ============================

FRST.txt

Addition.txt

TwinHeadedEagle · July 17, 2015

Hello,

When do you receive this warning?

calypso9 · July 17, 2015

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015

Running from B:\Downloads

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-831873670-1328612798-2367821417-500 - Administrator - Disabled)

Dizzle (S-1-5-21-831873670-1328612798-2367821417-1000 - Administrator - Enabled) => C:\Users\Dizzle

Guest (S-1-5-21-831873670-1328612798-2367821417-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-831873670-1328612798-2367821417-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}

AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Comodo Defense+ (Disabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}

FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)

Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)

Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)

Advanced Combat Tracker (remove only) (HKLM-x32\...\Advanced Combat Tracker) (Version: - )

Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version: - Creative Assembly)

American McGee presents Scrapland (HKLM-x32\...\{20D9C678-A895-4F76-8AC2-22EDFF5F9C91}) (Version: - )

ANNO 1404 - Venice (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.01.5010 - Ubisoft)

ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.03.0000 - Ubisoft)

Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden

Anno 1404: Venice (HKLM-x32\...\Steam App 33350) (Version: - Blue Byte)

Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte)

Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)

Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)

AVer MediaCenter 3D (HKLM-x32\...\InstallShield_{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}) (Version: 1.7.9 - AVerMedia Technologies, Inc.)

AVer MediaCenter 3D (x32 Version: 1.7.9 - AVerMedia Technologies, Inc.) Hidden

AVerMedia C027 PCIe HD Capture Device 1.52.64.37 (HKLM-x32\...\AVerMedia C027 PCIe HD Capture Device) (Version: 1.52.64.37 - AVerMedia TECHNOLOGIES, Inc.)

Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)

Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios)

Black Mirror (HKLM-x32\...\Steam App 292930) (Version: - Future Games)

Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)

calibre (HKLM-x32\...\{ABCDCEDE-BB81-4169-8A5B-3776D7DBCDC5}) (Version: 1.42.0 - Kovid Goyal)

CameraHelperMsi (x32 Version: 13.40.836.0 - Logitech) Hidden

Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo)

COMODO Firewall (HKLM\...\{A0BABADE-E154-4F08-97A1-2903CD110E88}) (Version: 6.2.20728.2847 - COMODO Security Solutions Inc.)

Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.6.5214 - Corsair)

Corsair Link USB Dongle (Driver Removal) (HKLM-x32\...\CMIUSB&1B1C&1C00) (Version: - Corsair Memory, Inc.)

D4: Dark Dreams Don't Die (HKLM-x32\...\Steam App 358090) (Version: - Access Games)

DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)

Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)

DAZ Content Management Service (HKLM-x32\...\DAZ Content Management Service 4.8.1.7) (Version: 4.8.1.7 - DAZ 3D)

DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.0.1.115) (Version: 1.0.1.115 - DAZ 3D)

Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)

Disney Toontown Online (HKLM-x32\...\Disney Toontown Online) (Version: - Walt Disney Internet Group)

Distance (HKLM-x32\...\Steam App 233610) (Version: - Refract)

Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden

Dragon Age Inquisition (HKLM-x32\...\Dragon Age Inquisition_is1) (Version: 1.0.0.0 - Релиз от R.G. Steamgames)

Dreamfall Chapters (HKLM-x32\...\Steam App 237850) (Version: - Red Thread Games)

Dungeons & Dragons: Chronicles of Mystara (HKLM-x32\...\Steam App 229480) (Version: - Iron Galaxy Studios)

Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)

Epic Games Launcher (HKLM\...\{8727C279-A122-40B8-8ACA-271E1809DAA5}) (Version: 1.1.23.0 - Epic Games, Inc.)

erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden

F.E.A.R. (HKLM-x32\...\Steam App 21090) (Version: - Monolith Productions, Inc.)

Fable - The Lost Chapters (HKLM-x32\...\Steam App 204030) (Version: - Lionhead Studios)

Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)

FINAL FANTASY XI (HKLM-x32\...\Steam App 23390) (Version: - SQUARE ENIX, INC.)

FINAL FANTASY XI Seekers of Adoulin (x32 Version: 1.50.0 - SQUARE ENIX CO., LTD.) Hidden

FINAL FANTASY XI: Seekers of Adoulin (HKLM-x32\...\InstallShield_{E86A33A7-6C77-48F3-9D72-2D8F4C1AD5AC}) (Version: 1.50.0 - SQUARE ENIX CO., LTD.)

FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)

Five Nights at Freddy's 2 (HKLM-x32\...\Steam App 332800) (Version: - Scott Cawthon)

FUEL (HKLM-x32\...\Steam App 12800) (Version: - Asobo Studio SARL)

Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)

GeekBuddy (HKLM-x32\...\{8402D61C-609B-4FA3-B86D-21868D850821}) (Version: 4.19.137 - Comodo Security Solutions Inc)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden

Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)

GUILTY GEAR X2 #RELOAD (HKLM-x32\...\{6984297D-54B4-47F2-B160-D40C305756AF}) (Version: 01.00.0001 - Arc System Works Co., Ltd.)

Happy Cloud Client (HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.)

Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version: - IO Interactive)

HP Photosmart Plus B210 series Basic Device Software (HKLM\...\{5B17980C-5C44-45D0-80A5-665FD9E776A9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.2.0.001 - HTC Corporation)

HTC Sync Manager (HKLM-x32\...\{5002C5B1-B688-474A-AB3A-9B65DBD38FF9}) (Version: 2.0.60.0 - HTC)

IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)

IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )

IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )

Intel® Network Connections 17.1.55.0 (HKLM\...\PROSetDX) (Version: 17.1.55.0 - Intel)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)

Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)

IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)

Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)

JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)

Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden

Lego Harry Potter (HKLM-x32\...\Steam App 21130) (Version: - TT Games)

LEGO® Worlds (HKLM-x32\...\Steam App 332310) (Version: - TT Games)

Livestream Procaster (HKLM-x32\...\{68E4C751-272B-44E1-94C7-4E1FDC40F7DA}) (Version: 20.3.25 - Procaster)

Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version: - )

LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden

LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden

Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.40 - Logitech Inc.)

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.236 - LogMeIn, Inc.) Hidden

LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden

Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)

Mercenary Kings (HKLM-x32\...\Steam App 218820) (Version: - Tribute Games Inc.)

METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version: - Kojima Productions)

Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)

Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)

Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual Studio Premium 2012 (HKLM-x32\...\{ddf0bb95-e254-447e-8472-3470057d9c7e}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)

Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)

Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)

Mumble 1.3.0 (HKLM\...\{C1F5A0BB-2117-4609-90A0-D42DD66A3AE3}) (Version: 1.3.0 - The Mumble team)

NiGHTS into Dreams... (HKLM-x32\...\Steam App 219950) (Version: - SEGA)

Nosgoth (HKLM-x32\...\Steam App 200110) (Version: - Psyonix)

NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)

NVIDIA 3D Vision Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)

NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)

NVIDIA Graphics Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)

Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )

Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels)

Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )

PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version: - Mine Loader Software Co., Ltd.)

Passing Pineview Forest (HKLM-x32\...\Steam App 331120) (Version: - VIS - Visual Imagination Software)

PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)

PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

Perforce Server Components (HKLM\...\{E320C837-5868-411C-B0B6-BDB74BFD628D}) (Version: 122.55.1823 - Perforce Software)

Perforce Visual Components (HKLM\...\{C9C04584-E48A-41D9-A069-85E4C309DA9B}) (Version: 122.52.8133 - Perforce Software)

Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)

PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden

Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)

Resident Evil 5 (HKLM-x32\...\Steam App 21690) (Version: - Capcom)

Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) <==== ATTENTION!

Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)

SDK Debuggers (x32 Version: 8.59.29746 - Microsoft Corporation) Hidden

SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version: - )

SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden

Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)

Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)

Sniper Ghost Warrior 2 (HKLM-x32\...\Steam App 34870) (Version: - City Interactive)

Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)

Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)

Split/Second (HKLM-x32\...\Steam App 297860) (Version: - Black Rock Studio)

Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version: - BioWare)

Starbound (HKLM-x32\...\Steam App 211820) (Version: - )

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

TeamSpeak 3 Client (HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)

TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)

TERA (HKLM-x32\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 19.04.02.03.hf3 - Gameforge Productions GmbH)

TERA (HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\teraenmasse) (Version: - )

The Secret World (HKLM-x32\...\Steam App 215280) (Version: - Funcom)

Toybox Turbos (HKLM-x32\...\Steam App 287260) (Version: - Codemasters)

Transmission-Qt (HKLM-x32\...\8538E49A-6FE5-4FDB-8649-922BB839F21F) (Version: 2.77 - transmissionbt.com)

Trillian (HKLM-x32\...\Trillian) (Version: - Cerulean Studios, LLC)

Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)

Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)

Unreal Development Kit: 2013-07 (HKLM\...\UDK-8b67ad02-5d78-45bc-aee2-6ffdf9a24bf1) (Version: - Epic Games, Inc.)

Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)

Valkyria Chronicles™ (HKLM-x32\...\Steam App 294860) (Version: - SEGA)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)

Wanderlust: Rebirth (HKLM-x32\...\Steam App 211580) (Version: - Yeti Trunk)

WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden

WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden

WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)

WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT)

Windower (HKU\S-1-5-21-831873670-1328612798-2367821417-1000\...\Windower) (Version: 4.0.0.0 - Windower Team)

Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation)

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

XSplit Broadcaster (HKLM-x32\...\{6459F338-FE52-4034-BCA7-74772DA0F24D}) (Version: 1.3.1403.1202 - SplitMediaLabs)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

08-07-2015 08:27:09 Windows Update

11-07-2015 12:07:16 Windows Update

15-07-2015 03:00:27 Windows Update

16-07-2015 03:00:21 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {170BA68F-54E9-4049-AF4A-C9A013F8A127} - System32\Tasks\{6711B8B4-95FB-4B77-BE0E-1C90BA227CE4} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/en/go/help.faq.installer?source=lightinstaller&LastError=1603

Task: {472A178E-B0F2-4AD0-8B2B-4F34A823FFED} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe

Task: {5016A974-3F87-4AAD-A48C-648048F180D1} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe [2014-04-11] ()

Task: {534305C1-87EE-4E1B-8D1C-65492FB4CD2E} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-01-30] (COMODO)

Task: {5F804C1E-284F-495E-811B-0F9FF8C8EA16} - System32\Tasks\{8B04A503-2D21-45AE-90F6-B43A22640F80} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/en/go/help.faq.installer?source=lightinstaller&LastError=1603

Task: {658BD800-814B-45A1-BF7E-72EA6EEDB3A6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-01-30] (COMODO)

Task: {7534948D-3533-43DF-AC0F-21A8A20816F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-27] (Google Inc.)

Task: {7DDE16C2-A988-44C4-BB64-E8AC9558C811} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

Task: {82756ACE-B82E-4380-9DCB-1A9592BDF8B4} - System32\Tasks\{7FDC376D-4F77-4A5F-BF0A-89231E4AE9B2} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/en/go/help.faq.installer?source=lightinstaller&LastError=1603

Task: {8752F403-B560-495D-8C8B-FBDFFB12F8FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-15] (Adobe Systems Incorporated)

Task: {88379660-06F8-4707-8CBB-6B4569EDE367} - System32\Tasks\Start CorsairLINK Hardware Monitor => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exe [2013-08-06] (Corsair Components, Inc.)

Task: {8D88D503-AA77-47C6-BBCD-3C1F0723DACD} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

Task: {9BB86C39-FFC5-489E-8562-2A37099B29F1} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-01-30] (COMODO)

Task: {A4377106-E965-4191-89B7-63049738C85E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)

Task: {A9A11509-8221-49FE-AB2F-94FD54BEE7C0} - System32\Tasks\AdobeAAMUpdater-1.0-Bubuputer-Dizzle => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)

Task: {A9C5F716-8977-478A-B2E0-086C5E6E8AF5} - System32\Tasks\{D3D7B18F-963D-4FB0-B551-AEFFCE08815F} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/en/go/help.faq.installer?source=lightinstaller&LastError=1603

Task: {C23E9A0B-1F30-4DEC-8557-70916DBC0572} - System32\Tasks\{FA51CEC3-541C-4125-B535-1D5906172B0C} => Firefox.exe http://ui.skype.com/ui/0/6.6.60.106/en/abandoninstall?page=tsMain

Task: {D2019788-B40D-4D9C-8D88-289CE5D7C4D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-27] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-02 16:12 - 2015-06-17 02:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2013-03-10 15:20 - 2011-04-01 22:52 - 00403456 _____ () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe

2013-03-10 15:20 - 2010-01-06 03:43 - 00155648 _____ () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe

2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

2013-03-10 15:20 - 2012-06-10 02:33 - 00053248 _____ () C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL

2015-07-02 16:13 - 2015-06-17 05:10 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

2013-03-12 17:10 - 2015-04-16 13:40 - 00776192 _____ () B:\Program Files (x86)\Steam\SDL2.dll

2015-01-31 12:44 - 2015-04-22 22:16 - 04962816 _____ () B:\Program Files (x86)\Steam\v8.dll

2015-01-31 12:44 - 2015-04-22 22:16 - 01556992 _____ () B:\Program Files (x86)\Steam\icui18n.dll

2015-01-31 12:44 - 2015-04-22 22:16 - 01187840 _____ () B:\Program Files (x86)\Steam\icuuc.dll

2014-05-24 18:32 - 2015-06-04 14:56 - 02407104 _____ () B:\Program Files (x86)\Steam\video.dll

2014-08-29 18:09 - 2014-12-01 17:31 - 02396672 _____ () B:\Program Files (x86)\Steam\libavcodec-56.dll

2014-08-29 18:09 - 2014-12-01 17:31 - 00442880 _____ () B:\Program Files (x86)\Steam\libavutil-54.dll

2014-08-29 18:09 - 2014-12-01 17:31 - 00479744 _____ () B:\Program Files (x86)\Steam\libavformat-56.dll

2014-08-29 18:09 - 2014-12-01 17:31 - 00332800 _____ () B:\Program Files (x86)\Steam\libavresample-2.dll

2014-08-29 18:09 - 2014-12-01 17:31 - 00485888 _____ () B:\Program Files (x86)\Steam\libswscale-3.dll

2013-02-25 08:39 - 2015-06-04 14:56 - 00703168 _____ () B:\Program Files (x86)\Steam\bin\chromehtml.DLL

2011-11-11 15:08 - 2011-11-11 15:08 - 02145304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll

2011-11-11 15:08 - 2011-11-11 15:08 - 07956504 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll

2011-11-11 15:08 - 2011-11-11 15:08 - 00342552 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll

2011-11-11 15:08 - 2011-11-11 15:08 - 00029208 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll

2011-11-11 15:08 - 2011-11-11 15:08 - 00128536 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll

2013-02-19 12:48 - 2015-05-11 15:01 - 36302728 _____ () B:\Program Files (x86)\Steam\bin\libcef.dll

2013-05-17 12:22 - 2013-05-17 12:22 - 00030056 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll

2013-05-17 12:22 - 2013-05-17 12:22 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll

2013-05-17 12:22 - 2013-05-17 12:22 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll

2013-05-17 12:22 - 2013-05-17 12:22 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll

2013-05-17 12:23 - 2013-05-17 12:23 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll

2013-05-17 12:27 - 2013-05-17 12:27 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll

2014-10-18 05:19 - 2014-10-18 05:19 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll

2013-03-06 02:15 - 2012-02-01 17:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID

AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvapi64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvaudcap64v.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvcuda.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvcuvid.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvd3dumx.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvdispco6435330.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvdispgenco6435330.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvEncodeAPI64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\NvFBC64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvhdagenco6420103.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvhdap64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\NvIFR64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\NvIFROpenGL.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvinitx.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvoglshim64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvoglv64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvopencl.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvumdshimx.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvvsvc.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\nvwgf2umx.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\OpenCL.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\rdvidcrl.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID

AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID

AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wksprt.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nvapi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nvaudcap32v.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nvcompiler.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nvcuda.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nvcuvid.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nvd3dum.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nvEncodeAPI.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\NvFBC.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\NvIFR.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\NvIFROpenGL.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nvinit.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nvoglshim32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nvoglv32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nvopencl.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nvStreaming.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nvumdshim.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\nvwgf2um.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\rdvidcrl.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID

AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\amdkmpfd.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\MpFilter.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\NisDrvWFP.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\nvhda64v.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\nvlddmkm.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\nvvad64v.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID

AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\033115wo.mp3:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\20150610_100525.png:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\20150614_031108(1).png:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\20150614_031108(1).png:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\20150614_031108.png:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\20150614_031108.png:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\20150615_175619.png:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\20150615_175619.png:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\20150618_162440.png:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\20150619_183529.png:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\20150619_183529.png:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\Adoption Application.fb:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\EpicGamesLauncherInstaller-2.0.0-2465596.msi:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\EpicGamesLauncherInstaller-2.0.0-2465596.msi:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\fceux-2.2.2-win32.zip:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\Gw2Setup.exe:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\Gw2Setup.exe:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0098.jpg:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0105(1).jpg:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0105(1).jpg:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0105.jpg:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0105.jpg:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0130.jpg:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\IMAG0130.jpg:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\photo_1431877536842.jpg:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\Screenshot_2015-04-27-15-43-28.png:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\Screenshot_2015-06-19-09-27-15.png:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\Screenshot_2015-06-19-09-27-15.png:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\SkypeSetup(1).exe:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\SkypeSetup(1).exe:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\Stone Cold Mania 31 Unused Entrance (360p).mp4:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\Stone Cold Mania 31 Unused Entrance (360p).mp4:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\Takeshi's Challenge.nes:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\Takeshi's Challenge.nes.part:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\Untitled.webm:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\Untitled.webm:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\vine.mp4:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\Warcraft Movie Trailer from Comic-Con (Leaked) (360p).mp4:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\watching a shitposter.gif:$CmdZnID

AlternateDataStreams: C:\Users\Dizzle\Downloads\Zodiac.Glass.exe:$CmdTcID

AlternateDataStreams: C:\Users\Dizzle\Downloads\Zodiac.Glass.exe:$CmdZnID

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-831873670-1328612798-2367821417-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dizzle\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.1.254

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

calypso9 · July 17, 2015

Hello,
When do you receive this warning?

It always just persists whenever MBAM is running. Please see the link to the previous thread. Real-time protection is unable to be activated.

(Second half off Addition.txt)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{71E24ADE-6F5D-45DC-96ED-FDEAB020B2F2}] => (Allow) B:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{D944C32F-C416-45B4-BBD0-22CA48AC4886}] => (Allow) B:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [TCP Query User{8F9742CB-955B-4ED6-8BA0-632D6C4BE44E}C:\program files (x86)\transmission-qt\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission-qt\transmission-qt.exe

FirewallRules: [uDP Query User{B3B7D072-68CC-4D1C-A21C-777BD5E01710}C:\program files (x86)\transmission-qt\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission-qt\transmission-qt.exe

FirewallRules: [TCP Query User{59A620D0-D260-451A-96EC-53A8A4B8A3EA}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe

FirewallRules: [uDP Query User{CF3A78B3-8857-4189-9A31-79C026830864}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe

FirewallRules: [{7F13FCD3-8B96-479F-AFE8-31743346F8CE}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\The Secret World\ClientPatcher.exe

FirewallRules: [{5AF6C339-9E84-495C-B01F-13ABD7A5313A}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\The Secret World\ClientPatcher.exe

FirewallRules: [TCP Query User{60003254-D722-45BD-8C83-D6D60F29D603}C:\program files (x86)\squareenix\final fantasy xiv - a realm reborn (beta version)\game\ffxiv.exe] => (Allow) C:\program files (x86)\squareenix\final fantasy xiv - a realm reborn (beta version)\game\ffxiv.exe

FirewallRules: [uDP Query User{8903C65C-2754-4D87-B9AF-BCB313EFB5E5}C:\program files (x86)\squareenix\final fantasy xiv - a realm reborn (beta version)\game\ffxiv.exe] => (Allow) C:\program files (x86)\squareenix\final fantasy xiv - a realm reborn (beta version)\game\ffxiv.exe

FirewallRules: [TCP Query User{1E2D9B54-293F-4957-8C79-3AB443278956}C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe] => (Block) C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe

FirewallRules: [uDP Query User{63289276-C741-4E66-ACA9-B07841DE132D}C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe] => (Block) C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe

FirewallRules: [{01079CA5-4967-4F4A-9555-E0645A54C935}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Addon.exe

FirewallRules: [{717CA712-DFC8-4E7F-9F23-2A451EDDA777}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Addon.exe

FirewallRules: [{76F32080-1CA7-4B54-88EB-3DA5FEE471A1}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe

FirewallRules: [{1EC65DA7-0DF2-4367-BD89-D6AA19E41505}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe

FirewallRules: [{5A9C25E6-B547-42C1-B43B-40E7C5C8C2F5}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dead Island\DeadIslandGame.exe

FirewallRules: [{1DC2EA88-EAE1-469A-9825-E9CBB22B5165}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dead Island\DeadIslandGame.exe

FirewallRules: [{770EB2AA-0137-40CD-99D3-34FD296A3538}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\FINAL FANTASY XI\polboot.exe

FirewallRules: [{38AE48F6-3912-4A28-9596-8D31E6D191EB}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\FINAL FANTASY XI\polboot.exe

FirewallRules: [{AD169DE3-FBCD-4B92-93B9-70852727642C}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\PlayOnlineViewer\polcfg\polcfg.exe

FirewallRules: [{9862D61D-1714-4038-B84B-A74A4FE74FD5}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\PlayOnlineViewer\polcfg\polcfg.exe

FirewallRules: [{6679A643-B0B5-485C-A5B9-658BAF8C01A5}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\FINAL FANTASY XI\ToolsUS\FINAL FANTASY XI Config.exe

FirewallRules: [{1F2A398D-6EFF-4216-9301-F4966DEFF3BA}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ffxi\SquareEnix\FINAL FANTASY XI\ToolsUS\FINAL FANTASY XI Config.exe

FirewallRules: [{75646070-3858-4AD9-873E-BD1986FAE6A4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exe

FirewallRules: [{26E013A2-DECF-46F7-95C9-A5A577FD61ED}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exe

FirewallRules: [TCP Query User{365718C6-535B-42AF-97BC-E7AAB5CD65E9}B:\program files (x86)\steam\steamapps\common\ffxi\squareenix\playonlineviewer\pol.exe] => (Allow) B:\program files (x86)\steam\steamapps\common\ffxi\squareenix\playonlineviewer\pol.exe

FirewallRules: [uDP Query User{68F78B55-22D9-405C-9871-4C4B621D443A}B:\program files (x86)\steam\steamapps\common\ffxi\squareenix\playonlineviewer\pol.exe] => (Allow) B:\program files (x86)\steam\steamapps\common\ffxi\squareenix\playonlineviewer\pol.exe

FirewallRules: [{C456438E-204C-4378-9A3B-9F68E9BFDC6F}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe

FirewallRules: [{195F3DDD-971D-439E-B06C-8691B12BA731}] => (Block) D:\Program Files (x86)\Dragon Age 2\DragonAge2Launcher.exe

FirewallRules: [{4A5D9913-367D-49BC-B3A2-1F64492752F8}] => (Block) D:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exe

FirewallRules: [{9EC8B1CA-41FD-49DE-865A-8C8037B809D8}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe

FirewallRules: [{79D321E0-4814-4F43-9A4A-7B3A409B0F5E}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe

FirewallRules: [{539B84C4-4B12-419F-B191-1E8CA8566DB3}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\HitmanBloodMoney.exe

FirewallRules: [{A420BE28-DAAD-4B61-BBAC-A6BE953F316F}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\HitmanBloodMoney.exe

FirewallRules: [{40B3350E-65C9-4530-A9F8-E96A9C9A5E9F}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\configure.exe

FirewallRules: [{EC1B6336-DCDF-4464-8B37-7E86A7BB0AF5}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Hitman Blood Money\configure.exe

FirewallRules: [TCP Query User{044543CB-E13B-4347-9491-90F55B3F310E}B:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) B:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe

FirewallRules: [uDP Query User{3C7642B3-6F67-47D3-B86C-D070276FD6D5}B:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) B:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe

FirewallRules: [{EFC9FE44-7D06-4BE6-8384-1BA34F13F6B1}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLClient.exe

FirewallRules: [{8FDAF587-73DD-4A05-AC49-7B9C33854DA6}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLClient.exe

FirewallRules: [{D61D8745-6203-45A8-8E82-51A8532BB5B4}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLClient.exe

FirewallRules: [{8B2CFF0C-6066-4EAE-ABA9-E28F2EA1B46C}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLClient.exe

FirewallRules: [{C8394A87-186C-4CFA-8B84-0E03BAC707A9}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe

FirewallRules: [{A23D0D5C-FD68-460D-937C-FD10616AFF39}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe

FirewallRules: [{1D0C3275-1406-4953-8EEF-A348203A4F3C}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe

FirewallRules: [{30A20519-6F08-4C9F-A83F-0FA0F82B815F}] => (Allow) C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe

FirewallRules: [{C83DE87A-259A-4879-BA8E-798A94BC475C}] => (Allow) LPort=3074

FirewallRules: [{3FED296F-5794-4DAE-81D0-9DE273DA503B}] => (Allow) LPort=3074

FirewallRules: [{22F63F75-3D02-4371-977E-8395C3DE8899}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\FUEL\GameSetup.exe

FirewallRules: [{A5E9EA2F-677E-46CB-B3EF-73E391DCA9FB}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\FUEL\GameSetup.exe

FirewallRules: [{82DC3AB2-6C54-4EB1-9546-2C981127598E}] => (Allow) C:\UDK\UDK-2013-07\Binaries\Win32\UDK.exe

FirewallRules: [{9AEEEF37-EEEF-4E3B-90C0-E01C067FD138}] => (Allow) C:\UDK\UDK-2013-07\Binaries\Win32\UDK.exe

FirewallRules: [{8D5D5214-590E-4D44-8BA8-BDD23D334FD2}] => (Allow) C:\UDK\UDK-2013-07\Binaries\Win64\UDK.exe

FirewallRules: [{5F9FCB3D-AA41-4A47-8374-FB5113C65CD8}] => (Allow) C:\UDK\UDK-2013-07\Binaries\Win64\UDK.exe

FirewallRules: [{04C357F6-25FA-4A46-ADC9-07A9A9C5EEEE}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe

FirewallRules: [{6B134FD3-8562-4D52-9E0A-A9E88957EE81}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe

FirewallRules: [{1ED0F717-5D4F-4A5A-ADD9-8439D8106D97}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe

FirewallRules: [{FC1BCF9D-F018-44CB-802B-9586A1C2C01B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe

FirewallRules: [{F2503AF5-08FF-426F-8EEE-13B522C9F508}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe

FirewallRules: [{C6B883B8-3695-4729-B8D0-4F367F3123C4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe

FirewallRules: [{1CE37F95-E946-4F44-9E24-EB970ECB9E33}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe

FirewallRules: [{727E61AE-68BF-47E9-9BD5-54B3CED8F96B}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe

FirewallRules: [{99FD66D9-DB0F-4455-B57C-E19CAFE11EB5}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe

FirewallRules: [{7C754A78-8FBC-4413-B14B-BCFE766E62E7}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe

FirewallRules: [{BBF7939F-8B33-43EB-A3E0-69E830ADC048}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe

FirewallRules: [{E891273A-6D31-45EA-A8F0-8C894ACEB4E7}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe

FirewallRules: [{3C487239-C168-4305-89CB-34CCE4A121B1}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe

FirewallRules: [{E4C2F5B9-C426-4297-807E-178F09865C21}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe

FirewallRules: [{C351DF30-4C0D-4A25-B189-58BFAB2DE9B4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe

FirewallRules: [{0C925FBC-1AC8-4EE2-AFB9-74ACE7180637}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe

FirewallRules: [{43DA3AA5-57D4-4E98-B0AD-F35C58AE850E}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe

FirewallRules: [{6D8C2515-C693-4EDC-85AC-A11A2DC96854}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe

FirewallRules: [{D75BD60F-624E-4ED5-A298-BC9F12988230}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe

FirewallRules: [{0D3018DB-60D5-4ADA-B0B1-B2D912EBA8E4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe

FirewallRules: [{4AAECCF7-7D68-4A93-B1DA-2C74C180CEAE}] => (Allow) B:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe

FirewallRules: [{658D1431-3C41-4211-9EB1-9653E36BAC2D}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe

FirewallRules: [{131A19C6-7A7C-4B2D-B86C-A41C29AE7C58}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe

FirewallRules: [{E3F84527-A229-487E-9271-30310A39EF38}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe

FirewallRules: [{E075DD9C-78BB-434A-94B0-DBE25ADF905B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe

FirewallRules: [{74559A37-F4CD-4976-9B55-26F915C86109}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Wanderlust Rebirth\Wanderlust.exe

FirewallRules: [{EDCCB2B1-E076-4CCC-8410-20FD7FF6E5AC}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Wanderlust Rebirth\Wanderlust.exe

FirewallRules: [{8A423AA5-A291-4666-AFAC-951CA390510B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe

FirewallRules: [{FBEED69C-1F0B-4FAB-AC1C-81CA0B5450F7}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe

FirewallRules: [{8EFC64E1-378B-4F5B-8E01-769A29A0EDBF}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe

FirewallRules: [{6E50C40E-8CC9-435C-B0E6-28CFEE23DC88}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe

FirewallRules: [{0C3CB4F8-AFB0-444A-871E-6F0C2733D667}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe

FirewallRules: [{D6F8712E-F3C3-4C09-9901-25463136BD0E}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe

FirewallRules: [{05222B9C-A19F-4658-9313-5CBB199714E7}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe

FirewallRules: [{935856F5-5856-42C6-B448-DB13671CE6C2}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe

FirewallRules: [{EAEB1C89-3C60-4715-A069-8D8EBE68A5B2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{B5AD338B-F147-4324-9552-F4074B43C994}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{4A052965-CEAA-4BAF-918A-FFE5C240245D}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe

FirewallRules: [{D995E0CC-F254-4AA0-9E2C-79E57BC6E790}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe

FirewallRules: [{7E59BF8C-17F4-487E-B59B-E2AC8ED62B8E}] => (Allow) B:\HappyCloud\Cache\TERA\TERA-Launcher.exe

FirewallRules: [{C6C29A7A-09B6-48E6-8CB6-3CDEFAC64EF4}] => (Allow) B:\HappyCloud\Cache\TERA\TERA-Launcher.exe

FirewallRules: [{017A6432-A059-4FC3-8217-DBC2729486E6}] => (Allow) B:\HappyCloud\Cache\TERA\Client\TL.exe

FirewallRules: [{3753C25B-96E7-4E59-90F6-86D2AFCD8CC5}] => (Allow) B:\HappyCloud\Cache\TERA\Client\TL.exe

FirewallRules: [{85821350-0116-45F6-92C2-513EE3115A0D}] => (Allow) B:\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe

FirewallRules: [{9CD6B736-A0DD-428F-ABF2-704FFAE07296}] => (Allow) B:\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe

FirewallRules: [{44FDFDB4-64FC-4C1B-AFC7-315EBEB845CC}] => (Allow) B:\Program Files (x86)\Tunngle\TnglCtrl.exe

FirewallRules: [{647C1A99-754E-4C10-A4A6-949F1040FC17}] => (Allow) B:\Program Files (x86)\Tunngle\TnglCtrl.exe

FirewallRules: [{8FCAFDBF-491C-434D-98E9-65244F7E5ABA}] => (Allow) B:\Program Files (x86)\Tunngle\Tunngle.exe

FirewallRules: [{C923BFC2-BCF8-459C-92F6-C16917AF1FB0}] => (Allow) B:\Program Files (x86)\Tunngle\Tunngle.exe

FirewallRules: [{D35D0206-36A6-4C88-BDB1-75AFC1B336E1}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Fable The Lost Chapters\Fable.exe

FirewallRules: [{AAB65210-7A80-4694-8C52-7B4DEA1D9495}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Fable The Lost Chapters\Fable.exe

FirewallRules: [{1858156E-22F3-45AD-A609-D6BB69200EEA}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe

FirewallRules: [{28E6E63E-9422-46AA-9512-BF9D3DCF4598}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe

FirewallRules: [{258A12F5-F848-4CA7-98B2-63FDF27C58D8}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicatorCom.exe

FirewallRules: [{1E2F32A0-85F2-4988-8E61-86355A7D871B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exe

FirewallRules: [{DDDA60AB-61ED-47B9-A1A4-1CD4E7CAFE74}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\NiGHTS Into Dreams\Launcher.exe

FirewallRules: [{146245B5-9E34-40F9-9EC3-38048C65924B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Wanderlust Rebirth\Wanderlust.exe

FirewallRules: [{8A6EFE67-756A-4B80-9EE6-FB7BA73EF4DA}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Wanderlust Rebirth\Wanderlust.exe

FirewallRules: [{FA135EB2-A519-4129-A65C-28A7A8A2A2F4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe

FirewallRules: [{B583E63B-BF93-407C-9E1F-52F5D44B1823}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe

FirewallRules: [{4CD6C8F2-DFBA-45D8-B5D6-7675528FE1CF}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe

FirewallRules: [{53F53383-7FF4-4E9E-801F-972042E24906}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe

FirewallRules: [{6AEFAE89-656B-477B-89BC-4291BA65E50E}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dungeons & Dragons HD\ManaGame.exe

FirewallRules: [{CC7DC063-0F61-4CF5-A4EB-0AD7D3022AD4}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dungeons & Dragons HD\ManaGame.exe

FirewallRules: [{DA7A6BD1-F2C6-4AFF-B476-119C5E29E9CD}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe

FirewallRules: [{0992FFE1-8A4D-4D0E-9BC9-42709BBE7FF2}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe

FirewallRules: [{AD42EC6C-4F91-4DC5-8F27-981EBBEEC52C}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Outlast\OutlastLauncher.exe

FirewallRules: [{A17BA2C8-A158-4C2A-94A6-3CD1B1A77E89}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Outlast\OutlastLauncher.exe

FirewallRules: [{3982DF06-4928-4214-A48B-D199803EA44C}] => (Allow) B:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe

FirewallRules: [{C2906127-0048-4299-A39B-47E79F1C8FDA}] => (Allow) B:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe

FirewallRules: [{CAE4F26B-D994-497E-BC29-FB8E18017A52}] => (Allow) B:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe

FirewallRules: [{1E67896C-E930-4B1B-B6A3-6BC45F84F94C}] => (Allow) B:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe

FirewallRules: [{BEA4A2A4-F972-4437-BC84-ED42AABAC4FB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{BA19124F-F3E1-4609-A87C-7CBE9C3675DF}] => (Allow) B:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{58309F3D-E5D6-417F-8440-16A16839BC03}] => (Allow) B:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{8269DA63-AA42-4706-97E1-C52B7B734A4B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\FEAR Ultimate Shooter Edition\FEAR.exe

FirewallRules: [{DFD0F6D5-7A7F-4088-A5F8-2DF8A62B2431}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\FEAR Ultimate Shooter Edition\FEAR.exe

FirewallRules: [{58A11594-50C2-4268-95FB-4CD9864FB6DC}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe

FirewallRules: [{EC2927D9-F733-4643-AEDE-52BADF15B0B3}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe

FirewallRules: [{FE2A9504-A586-49E0-BBD5-66BFEDA10F7D}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe

FirewallRules: [{C7D9D0FD-88A6-4C17-B806-A098AD6FE3E1}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe

FirewallRules: [{5E7768E5-891C-4A9F-BF4F-310690D3256E}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dreamfall Chapters\Dreamfall Chapters.exe

FirewallRules: [{985558EB-ED43-44A9-BED7-A4627578B9AA}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dreamfall Chapters\Dreamfall Chapters.exe

FirewallRules: [{1A96ECAE-997C-4901-B9D6-4173EAE3EB1B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\mercenary_kings\MercenaryKings.exe

FirewallRules: [{00C4CFB5-62D2-4770-8E22-105B6428A1CC}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\mercenary_kings\MercenaryKings.exe

FirewallRules: [{B3D9347A-273B-49C0-843E-E2CFCCE81393}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\LEGO Harry Potter\LEGOHarryPotter.exe

FirewallRules: [{4948E85C-11B7-49CD-ABDF-5E8787FA7224}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\LEGO Harry Potter\LEGOHarryPotter.exe

FirewallRules: [{DB450417-B882-4BF6-A495-C8DF64008001}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exe

FirewallRules: [{5B5DC907-A617-4313-B4E0-EEB9341E54E3}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exe

FirewallRules: [{888C81B9-FFB2-49DA-B179-21A9A82D9077}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exe

FirewallRules: [{4C54B453-7F81-4E92-A550-1B418D004DF7}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exe

FirewallRules: [{FD520DFD-C895-4082-AC79-653A2836299F}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ToyboxTurbos\ToyboxTurbos.exe

FirewallRules: [{1A557CE4-BF45-4031-B8AB-07A862BEDA6B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\ToyboxTurbos\ToyboxTurbos.exe

FirewallRules: [{F1BDDCB2-F2CF-4B06-8724-8F927CD8BB4A}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exe

FirewallRules: [{1CFAEFB4-AA0F-4EE5-9566-B1232C4F21DA}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exe

FirewallRules: [{8534D05D-159C-4D03-93B6-011F813730E2}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Passing Pineview Forest\.autorun\autorun.exe

FirewallRules: [{1F4377DF-F880-461F-A5BE-C47F75E2CDFE}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Passing Pineview Forest\.autorun\autorun.exe

FirewallRules: [{A498BF04-672C-429A-981A-2EDD75C08A5A}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\SplitSecond\SplitSecond.exe

FirewallRules: [{AE699747-22E8-497C-AD8A-6D9DCE597A15}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\SplitSecond\SplitSecond.exe

FirewallRules: [{A0F35B38-2E51-48B6-B6CF-2E7A41357EA0}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Distance\Distance.exe

FirewallRules: [{75C6CB5F-398E-417A-AFF9-7B60C4216449}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Distance\Distance.exe

FirewallRules: [{5C80401F-F576-4103-9D1C-553F35F53FB0}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exe

FirewallRules: [{DBFA32B0-3F07-46D2-B525-06D6D3B77560}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exe

FirewallRules: [{049B6EAE-6575-441A-A2CB-A15DB194BDED}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe

FirewallRules: [{37C2099A-7654-4185-9CFD-69F7414DAF6B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe

FirewallRules: [{01253A71-C2CA-4B8E-B17A-11885E219927}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Addon.exe

FirewallRules: [{3E88BDA0-6620-46E5-BAEB-A80DE47744CA}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Addon.exe

FirewallRules: [{A49ECEB6-D69B-4246-B9CF-CE2FAD35D1D8}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Anno4.exe

FirewallRules: [{27069769-7FE5-4002-A802-EC28AE33FC32}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Anno4.exe

FirewallRules: [{49B78589-16E2-48CF-9A0C-0E4198BBE0D5}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Black Mirror\agds.exe

FirewallRules: [{4046F9ED-3871-4635-B6A0-C723F045457F}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Black Mirror\agds.exe

FirewallRules: [{C0400064-F8E2-45AF-9EC9-1B575F1840C3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{ECE018F0-BD53-4C9F-92CB-F4A2D5336855}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{915A8720-6333-49AF-A31D-513626E040F3}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe

FirewallRules: [{B1DAD169-BBDD-4A98-9AC9-5758908067E9}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe

FirewallRules: [{17D81F1C-2E97-4D10-B46B-6514E12E4E28}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exe

FirewallRules: [{592AFAC1-8563-4BE3-A06F-15554A7E8E32}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exe

FirewallRules: [{D30AF40C-0BEE-4289-B1E0-791173C21035}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe

FirewallRules: [{4D4EF1E5-A4AC-4CEC-B359-DE70EE03FA44}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe

FirewallRules: [{25A3FBC2-CF47-41AB-97B9-5E007BA74929}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe

FirewallRules: [{BC11BF69-CFF8-4445-8275-083AC80AADD3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe

FirewallRules: [{0B7DD490-225B-448F-B6DB-7B707CBC6FBD}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

FirewallRules: [{298A7D7D-9536-4163-9EF3-E4F218DE37E5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

FirewallRules: [{36FED665-59D1-4418-93BC-1CD9CF4A7BB6}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe

FirewallRules: [{F54212C1-8CE5-4B5D-BD8C-8F75A1F62588}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe

FirewallRules: [{9AF1DF27-4143-49C5-9916-8B6C5779C846}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{5E22BB6A-95C1-4C13-A554-4B50DD2F52CA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{859F9458-5EFE-47AB-ACFC-E32C23B348CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{222D5C78-6DD5-4EC1-9275-3F8AB742AC94}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{4FEFC68E-B309-44C1-AB03-25199CF2FE93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{135192FF-9A50-4B1C-9571-F789D69FD6B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{9D5CC43B-0EC9-4EA9-8D32-ADF4B8CBCDEB}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\D4 Dark Dreams Don't Die\D4.exe

FirewallRules: [{031A476B-CFF1-407E-BA28-36CBC3549E75}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\D4 Dark Dreams Don't Die\D4.exe

FirewallRules: [{BD01E4A9-111D-4684-AE8A-048BDC18042A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{151CA7D8-612A-4E79-9B6E-8BF7F35AC958}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe

FirewallRules: [{6D6533A3-DA0C-4DC1-A80C-AA85E3CBBC02}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe

FirewallRules: [{8B4C85A9-BD15-430A-BC78-6B5FF7E1E6A8}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe

FirewallRules: [{5154A152-6989-4AC6-A297-7FE24B0D849B}] => (Allow) B:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (07/17/2015 08:36:29 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: CorsairLINK_HardwareMonitor.exe, version: 2.4.5110.41697, time stamp: 0x520168cf

Faulting module name: UsbClink.dll, version: 0.0.0.0, time stamp: 0x532b0b2e

Exception code: 0xc0000005

Fault offset: 0x00001874

Faulting process id: 0x2494

Faulting application start time: 0xCorsairLINK_HardwareMonitor.exe0

Faulting application path: CorsairLINK_HardwareMonitor.exe1

Faulting module path: CorsairLINK_HardwareMonitor.exe2

Report Id: CorsairLINK_HardwareMonitor.exe3

Error: (07/17/2015 08:36:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: CorsairLINK_HardwareMonitor.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.AccessViolationException

Stack:

at Sierra2.Backend.HidPinvoke.hid_size()

at Sierra2.Backend.Hid.get_First()

at Sierra2.Backend.Usb.<InitModule>b__e()

at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)

at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)

at System.Threading.ThreadHelper.ThreadStart()

Error: (07/17/2015 08:30:21 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: CorsairLINK_HardwareMonitor.exe, version: 2.4.5110.41697, time stamp: 0x520168cf

Faulting module name: UsbClink.dll, version: 0.0.0.0, time stamp: 0x532b0b2e

Exception code: 0xc0000005

Fault offset: 0x00001874

Faulting process id: 0x1f7c

Faulting application start time: 0xCorsairLINK_HardwareMonitor.exe0

Faulting application path: CorsairLINK_HardwareMonitor.exe1

Faulting module path: CorsairLINK_HardwareMonitor.exe2

Report Id: CorsairLINK_HardwareMonitor.exe3

Error: (07/17/2015 08:30:20 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: CorsairLINK_HardwareMonitor.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.AccessViolationException

Stack:

at Sierra2.Backend.HidPinvoke.hid_size()

at Sierra2.Backend.Hid.get_First()

at Sierra2.Backend.Usb.<InitModule>b__e()

at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)

at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)

at System.Threading.ThreadHelper.ThreadStart()

Error: (07/17/2015 01:27:56 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: CorsairLINK_HardwareMonitor.exe, version: 2.4.5110.41697, time stamp: 0x520168cf

Faulting module name: UsbClink.dll, version: 0.0.0.0, time stamp: 0x532b0b2e

Exception code: 0xc0000005

Fault offset: 0x00001874

Faulting process id: 0xae4

Faulting application start time: 0xCorsairLINK_HardwareMonitor.exe0

Faulting application path: CorsairLINK_HardwareMonitor.exe1

Faulting module path: CorsairLINK_HardwareMonitor.exe2

Report Id: CorsairLINK_HardwareMonitor.exe3

Error: (07/17/2015 01:27:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: CorsairLINK_HardwareMonitor.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.AccessViolationException

Stack:

at Sierra2.Backend.HidPinvoke.hid_size()

at Sierra2.Backend.Hid.get_First()

at Sierra2.Backend.Usb.<InitModule>b__e()

at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)

at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)

at System.Threading.ThreadHelper.ThreadStart()

Error: (07/17/2015 01:21:36 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: CorsairLINK_HardwareMonitor.exe, version: 2.4.5110.41697, time stamp: 0x520168cf

Faulting module name: UsbClink.dll, version: 0.0.0.0, time stamp: 0x532b0b2e

Exception code: 0xc0000005

Fault offset: 0x00001874

Faulting process id: 0x18bc

Faulting application start time: 0xCorsairLINK_HardwareMonitor.exe0

Faulting application path: CorsairLINK_HardwareMonitor.exe1

Faulting module path: CorsairLINK_HardwareMonitor.exe2

Report Id: CorsairLINK_HardwareMonitor.exe3

Error: (07/17/2015 01:21:35 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: CorsairLINK_HardwareMonitor.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.AccessViolationException

Stack:

at Sierra2.Backend.HidPinvoke.hid_size()

at Sierra2.Backend.Hid.get_First()

at Sierra2.Backend.Usb.<InitModule>b__e()

at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)

at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)

at System.Threading.ThreadHelper.ThreadStart()

Error: (07/17/2015 01:15:18 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: CorsairLINK_HardwareMonitor.exe, version: 2.4.5110.41697, time stamp: 0x520168cf

Faulting module name: UsbClink.dll, version: 0.0.0.0, time stamp: 0x532b0b2e

Exception code: 0xc0000005

Fault offset: 0x00001874

Faulting process id: 0x10bc

Faulting application start time: 0xCorsairLINK_HardwareMonitor.exe0

Faulting application path: CorsairLINK_HardwareMonitor.exe1

Faulting module path: CorsairLINK_HardwareMonitor.exe2

Report Id: CorsairLINK_HardwareMonitor.exe3

Error: (07/17/2015 01:15:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: CorsairLINK_HardwareMonitor.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.AccessViolationException

Stack:

at Sierra2.Backend.HidPinvoke.hid_size()

at Sierra2.Backend.Hid.get_First()

at Sierra2.Backend.Usb.<InitModule>b__e()

at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)

at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)

at System.Threading.ThreadHelper.ThreadStart()

System errors:

=============

Error: (07/17/2015 12:33:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Perforce service terminated unexpectedly. It has done this 1 time(s).

Error: (07/17/2015 12:32:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The COMODO LPS Launcher service terminated unexpectedly. It has done this 1 time(s).

Error: (07/17/2015 12:32:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The GeekBuddyRSP Server service failed to start due to the following error:

%%2

Error: (07/17/2015 12:32:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The GeekBuddyRSP Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (07/17/2015 12:32:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The GeekBuddyRSP Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (07/17/2015 12:31:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The GeekBuddyRSP Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (07/17/2015 12:31:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/17/2015 12:31:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The COMODO Dragon Update Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/17/2015 12:30:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The DAZ Content Management Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/16/2015 11:38:46 PM) (Source: BROWSER) (EventID: 8032) (User: )

Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{7080868E-95F9-4F1F-B94D-C56E65B7BC23}.

The backup browser is stopping.

Microsoft Office:

=========================

Error: (07/17/2015 08:36:29 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: CorsairLINK_HardwareMonitor.exe2.4.5110.41697520168cfUsbClink.dll0.0.0.0532b0b2ec000000500001874249401d0c08d314651bcC:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exeC:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll71e905df-2c80-11e5-b44c-3085a999135a

Error: (07/17/2015 08:36:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: CorsairLINK_HardwareMonitor.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.AccessViolationException

Stack:

at Sierra2.Backend.HidPinvoke.hid_size()

at Sierra2.Backend.Hid.get_First()

at Sierra2.Backend.Usb.<InitModule>b__e()

at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)

at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)

at System.Threading.ThreadHelper.ThreadStart()

Error: (07/17/2015 08:30:21 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: CorsairLINK_HardwareMonitor.exe2.4.5110.41697520168cfUsbClink.dll0.0.0.0532b0b2ec0000005000018741f7c01d0c08c57a37670C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exeC:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll968c8d3b-2c7f-11e5-b44c-3085a999135a

Error: (07/17/2015 08:30:20 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: CorsairLINK_HardwareMonitor.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.AccessViolationException

Stack:

at Sierra2.Backend.HidPinvoke.hid_size()

at Sierra2.Backend.Hid.get_First()

at Sierra2.Backend.Usb.<InitModule>b__e()

at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)

at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)

at System.Threading.ThreadHelper.ThreadStart()

Error: (07/17/2015 01:27:56 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: CorsairLINK_HardwareMonitor.exe2.4.5110.41697520168cfUsbClink.dll0.0.0.0532b0b2ec000000500001874ae401d0c05155855367C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exeC:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll93bf62f2-2c44-11e5-b44c-3085a999135a

Error: (07/17/2015 01:27:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: CorsairLINK_HardwareMonitor.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.AccessViolationException

Stack:

at Sierra2.Backend.HidPinvoke.hid_size()

at Sierra2.Backend.Hid.get_First()

at Sierra2.Backend.Usb.<InitModule>b__e()

at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)

at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)

at System.Threading.ThreadHelper.ThreadStart()

Error: (07/17/2015 01:21:36 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: CorsairLINK_HardwareMonitor.exe2.4.5110.41697520168cfUsbClink.dll0.0.0.0532b0b2ec00000050000187418bc01d0c05073149dfaC:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exeC:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dllb13f921d-2c43-11e5-b44c-3085a999135a

Error: (07/17/2015 01:21:35 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: CorsairLINK_HardwareMonitor.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.AccessViolationException

Stack:

at Sierra2.Backend.HidPinvoke.hid_size()

at Sierra2.Backend.Hid.get_First()

at Sierra2.Backend.Usb.<InitModule>b__e()

at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)

at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)

at System.Threading.ThreadHelper.ThreadStart()

Error: (07/17/2015 01:15:18 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: CorsairLINK_HardwareMonitor.exe2.4.5110.41697520168cfUsbClink.dll0.0.0.0532b0b2ec00000050000187410bc01d0c04f91ca1d5cC:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exeC:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dllcff1b613-2c42-11e5-b44c-3085a999135a

Error: (07/17/2015 01:15:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: CorsairLINK_HardwareMonitor.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.AccessViolationException

Stack:

at Sierra2.Backend.HidPinvoke.hid_size()

at Sierra2.Backend.Hid.get_First()

at Sierra2.Backend.Usb.<InitModule>b__e()

at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)

at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)

at System.Threading.ThreadHelper.ThreadStart()

CodeIntegrity Errors:

===================================

Date: 2014-08-02 23:45:41.913

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\tcpip.sys\538490D2274000\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-02 23:45:41.884

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\tcpip.sys\538490D2274000\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-02 23:45:41.861

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\tcpip.sys\538490D2274000\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-02 23:45:41.358

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\dumpfve.sys\530894B816000\dumpfve.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-02 23:45:41.357

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\dumpfve.sys\530894B816000\dumpfve.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-02 23:45:41.356

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\dbg\sym\dumpfve.sys\530894B816000\dumpfve.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-04 22:21:03.782

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-06-04 22:21:03.742

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-06-04 22:21:03.703

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-06-04 22:20:22.912

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows.old\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_54ffd942dc23dbc0\bcrypt.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core i5-2500K CPU @ 3.30GHz

Percentage of memory in use: 37%

Total physical RAM: 8137.53 MB

Available physical RAM: 5108.58 MB

Total Virtual: 16273.27 MB

Available Virtual: 11836.43 MB

==================== Drives ================================

Drive b: (Data) (Fixed) (Total:931.51 GB) (Free:103.2 GB) NTFS

Drive c: () (Fixed) (Total:111.69 GB) (Free:3.12 GB) NTFS

Drive d: (Old Data) (Fixed) (Total:465.76 GB) (Free:17.72 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive e: (Dragon.Age.Inqui) (CDROM) (Total:0.38 GB) (Free:0 GB) CDFS

Drive f: (LaptopOS) (Fixed) (Total:186.3 GB) (Free:1.05 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive g: (LaptopDATA) (Fixed) (Total:254.46 GB) (Free:19.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: A4A94588)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 496B9619)

Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)

Partition 2: (Active) - (Size=186.3 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=254.5 GB) - (Type=07 NTFS)

========================================================

Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 80BAE060)

Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================

Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 39358499)

Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of log ============================

TwinHeadedEagle · July 17, 2015

Scan with MGADiag

Need to check one more thing.

Please download MGADiag by Microsoft and save it to your desktop.
Double-click on icon to start the tool.
PressContinuewhen prompted.
When it has finished, press Copy.
Press the + R on your keyboard at the same time. Type Notepad and click OK.
Paste (Ctrl+V) this into notepad and save to your desktop.

Include that report in your reply.

calypso9 · July 17, 2015

Thanks for your help

calypso9 · July 17, 2015

Forgot the attachment, sorry

MGADiagReport.txt

TwinHeadedEagle · July 18, 2015

Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

Right-click on icon and select Run as Administrator to start the tool.
Wait patiently until the main console will appear, it may take a minute or two.

In the main box please paste in the following script:

createsrpoint;autoclean;emptyalltemp;ipconfig /flushdns;b

Make sure that Scan All Users option is checked.
Push Run Script and wait patiently. The scan may take a couple of minutes.
When the scan completes, a zoek-results logfile should open in notepad.
If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

calypso9 · July 18, 2015

Zoek.exe v5.0.0.0 Updated 04-May-2015

Tool run by Dizzle on Sat 07/18/2015 at 10:16:55.01.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: B:\Downloads\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

7/18/2015 10:18:09 AM Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully

C:\PROGRA~2\Steam deleted successfully

C:\Users\Dizzle\AppData\Roaming\mpv deleted successfully

C:\Users\Dizzle\AppData\Local\calibre-cache deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default

user.js not found

---- Lines Customized removed from prefs.js ----

user_pref("extensions.testpilot.alreadyCustomizedToolbar", true);

---- FireFox user.js and prefs.js backups ----

prefs_20150718_1048_.backup

==== Batch Command(s) Run By Tool======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Steam not found

C:\Users\Dizzle\AppData\Roaming\calibre deleted

C:\Users\Dizzle\AppData\Roaming\livestreamer deleted

C:\Users\Dizzle\AppData\Roaming\transmission deleted

C:\Users\Dizzle\.android deleted

C:\PROGRA~3\Package Cache deleted

C:\Users\Dizzle\AppData\Local\CrashRpt deleted

C:\Windows\SysNative\config\systemprofile\Searches deleted

C:\Windows\SysWow64\AI_RecycleBin deleted

C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\extensions\firefox@mega.co.nz.xpi deleted

C:\Users\Dizzle\Desktop\Continue Media Player Classic Installation.lnk deleted

C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\extensions\shumway@research.mozilla.org deleted

"C:\Windows\Installer\24a8ff.msi" deleted

"C:\Users\Dizzle\AppData\Local\{00E698F6-1CDC-4623-863D-8908F2D6149C}" deleted

"C:\Users\Dizzle\AppData\Local\{5666E3A9-7AA4-4B28-8896-22E2EEFB3BD6}" deleted

"C:\Users\Dizzle\AppData\Local\{9834506B-3318-454E-B080-613FEB23F057}" deleted

"C:\Users\Dizzle\AppData\Local\{E894F7C8-5041-4DCD-8A84-EBE44E37AAF3}" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default

user_pref("browser.search.defaultenginename.US", "Google");

user_pref("browser.search.selectedEngine", "Ixquick HTTPS");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default

- DoNotTrackMe: Online Privacy Protection - %ProfilePath%\extensions\donottrackplus@abine.com

- Firefogg - %ProfilePath%\extensions\firefogg@firefogg.org

- MaskMe - %ProfilePath%\extensions\idme@abine.com

- FT DeepDark - %ProfilePath%\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}

- Disconnect - %ProfilePath%\extensions\2.0@disconnect.me.xpi

- Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi

- Instrument Test - %ProfilePath%\extensions\testpilot@labs.mozilla.com.xpi

- NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

- Abduction - %ProfilePath%\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default

4C07B5286D129DFD25C24B4A31B9B888 - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll - Happy Cloud Plugin

==== Deleted Firefox Extensions ======================

C:\Users\Dizzle\AppData\Roaming\Mozilla\Firefox\Profiles\ozyymxpn.default\extensions\donottrackplus@abine.com deleted

==== Chromium Look ======================

Chrome Hotword Shared Module - Dizzle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg

==== Chromium Startpages ======================

C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Preferences

ooglesyndication.com:443":{"alternative_service":[{"port":443,"probability":0.02,"protocol_str":"quic"}],"network_stats":{"srtt":46727},"supports_spdy":true},"tpc.googlesyndication.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":47908}},"translate.google.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}]},"translate.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"triggeredmail.appspot.com:80":{"alternative_service":[{"port":80,"probability":0.02,"protocol_str":"quic"}]},"twitter.com:443":{"supports_spdy":true},"video-ad-stats.googlesyndication.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"video-ad-stats.googlesyndication.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"whatistheexcel.com:443":{"supports_spdy":true},"www.facebook.com:443":{"supports_spdy":true},"www.google-analytics.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":65419},"supports_spdy":true},"www.google-analytics.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}],"network_stats":{"srtt":62271}},"www.google.co.in:443":{"alternative_service":[{"port":443,"probability":0.01,"protocol_str":"quic"}],"supports_spdy":true},"www.google.co.in:80":{"alternative_service":[{"port":80,"probability":0.01,"protocol_str":"quic"}]},"www.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":60550},"supports_spdy":true},"www.google.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}],"network_stats":{"srtt":55907}},"www.googleadservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":64139},"supports_spdy":true},"www.googleadservices.com:80":{"alternative_service":[{"port":80,"probability":0.5,"protocol_str":"quic"}],"network_stats":{"srtt":62624}},"www.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":54440},"supports_spdy":true},"www.googletagmanager.com:443":{"alternative_service":[{"port":443,"probability":0.08,"protocol_str":"quic"}],"supports_spdy":true},"www.googletagmanager.com:80":{"alternative_service":[{"port":80,"probability":0.5,"protocol_str":"quic"}],"network_stats":{"srtt":40557}},"www.googletagservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":95628},"supports_spdy":true},"www.googletagservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":45215}},"www.gstatic.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":50465},"supports_spdy":true},"www.gstatic.com:80":{"alternative_service":[{"port":80,"probability":0.01,"protocol_str":"quic"}]},"www.youtube-nocookie.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":50872},"supports_spdy":true},"www.youtube-nocookie.com:80":{"alternative_service":[{"port":80,"probability":0.01,"protocol_str":"quic"}]},"www.youtube.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":45076},"supports_spdy":true},"www.youtube.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}],"network_stats":{"srtt":56027}},"youtu.be:443":{"alternative_service":[{"port":443,"probability":0.5,"protocol_str":"quic"}],"supports_spdy":true},"yt3.ggpht.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":51328},"supports_spdy":true},"yt3.ggpht.com:80":{"alternative_service":[{"port":80,"probability":0.01,"protocol_str":"quic"}]}},"supports_quic":{"address":"::ffff:2602:306","used_quic":true},"version":3}},"plugins":{"last_internal_directory":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.134","migrated_to_pepper_flash":true,"plugins_list":[{"enabled":true,"name":"Widevine Content Decryption Module","path":"C:\\Users\\Dizzle\\AppData\\Local\\Google\\Chrome\\User Data\\WidevineCDM\\1.4.8.823\\_platform_specific\\win_x86\\widevinecdmadapter.dll","version":"1.4.8.823"},{"enabled":true,"name":"Chrome PDF Viewer","path":"chrome-extension://mhjfbmdgcfjbbpaeojofohoefgiehjai/","version":""},{"enabled":true,"name":"Shockwave Flash","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.134\\PepperFlash\\pepflashplayer.dll","version":"18.0.0.209"},{"enabled":true,"name":"Chrome Remote Desktop Viewer","path":"internal-remoting-viewer","version":""},{"enabled":true,"name":"Native Client","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.134\\internal-nacl-plugin","version":""},{"enabled":true,"name":"Chrome PDF Viewer","path":"internal-pdf-viewer","version":""},{"enabled":true,"name":"Adobe Flash Player"},{"enabled":true,"name":"Chrome PDF Viewer"},{"enabled":true,"name":"Chrome Remote Desktop Viewer"},{"enabled":true,"name":"Native Client"},{"enabled":true,"name":"Widevine Content Decryption Module"}],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"":{"setting":1},"https://www.youtube.com:443,https://www.youtube.com:443":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{"[*.]uverse.com,*":{"setting":1}},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"[*.]uverse.com,*":{"plugins":1},"https://www.yofla.com:443,https://www.yofla.com:443":{"fullscreen":1},"https://www.youtube.com:443,https://www.youtube.com:443":{"fullscreen":1}},"pref_version":1},"created_by_version":"35.0.1916.153","exit_type":"Normal","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"First user","per_host_zoom_levels":{}},"protection":{"macs":{}},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13048384711832788"},"settings":{"privacy":{"drm_salt":"39A6173C4733B8736C084E90B333926C237DE718D4E2D01A460B715D49761E69"}},"sync_promo":{"startup_count":10},"translate_accepted_count":{"fr":0},"translate_blocked_languages":["en"],"translate_denied_count":{"fr":2},"translate_last_denied_time":1413584425365.611,"translate_too_often_denied":true,"translate_whitelists":{}}

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9C8928403D4AB094F99FBA20A329833F deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{048298C9-A4D3-490B-9FF9-AB023A9238F3} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\9C8928403D4AB094F99FBA20A329833F deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Dizzle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Dizzle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Dizzle\AppData\Local\Mozilla\Firefox\Profiles\ozyymxpn.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Dizzle\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=806 folders=478 1203688933 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Dizzle\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Dizzle\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Sat 07/18/2015 at 11:03:38.09 ======================

TwinHeadedEagle · July 18, 2015

Can you please upload all reports, do not paste them.

There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.

calypso9 · July 18, 2015

attached

zoek-results.log

TwinHeadedEagle · July 18, 2015

Very good. How is your PC behaving now?

calypso9 · July 18, 2015

Real-time protection is now enabled! Thank you!

TwinHeadedEagle · July 18, 2015

Glad I could help. We will delete all used tools and I'll give you some tips to harden your security and learn how to protect yourself

Recommended reading:

MUST READ - security tips:

Computer Security - a short guide to staying safer online.

Simple and easy ways to keep your computer safe and secure on the Internet

How Malware Spreads - How did I get infected

MUST READ - general maintenance:

What to do if your Computer is running slowly?

The Importance of Software Updating:

In order to stay protected it is very important that you regularly update all of your software. Cybercriminals depend on the apathy of users around software updates to keep their malicious endeavor running.

Operating systems, such as Windows, and applications, such as Adobe Reader or JAVA, are used by tens of millions of computers and devices around the world, making them a huge target for cybercriminals. Downloading updates and installing them can sometimes be tedious, but the advantages you get from the updates are certainly worth it.

Recommended additional software:

CCleaner - to clean unneeded temporary files.

Malwarebytes' Anti-Malware - to scan your system from time to time in search for malware.

Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.

McShield - to prevent infections spread by removable media.

Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.

Adblock - to surf the web without annoying ads!

Post-cleanup procedures:

Download DelFix by Xplode and save it to your desktop.

Run the tool by right click on the icon and Run as administrator option.
Make sure that these ones are checked:
- Remove disinfection tools
- Purge system restore
- Reset system settings
Push Run.
The program will run for a few seconds and display a notepad report. You do not need to attach it.

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix

Tool deletes old system restore points and create a fresh system restore point after cleaning.

My help is free for everybody.

If you're happy with the help provided and/or wish to show your appreciation for the assistance you received, then you can consider a donation:

Thank you!

Stay safe,

TwinHeadedEagle

AdvancedSetup · July 29, 2015

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

"Your system is not fully protected" possibly infected

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information