Jump to content

I have an adware that randomly redirects my clicks third party websites

Kicker93
 Share

Recommended Posts

Kicker93

Kicker93

Posted
Posted

Hello everyone,

 

As you can see, I have a malware problem, and I don't know how to solve it.

I'm usually a very careful web user, and this is my first infection in years...

 

Spybot, Malwarebytes' Anti-malware, adwCleaner and JRT weren't able to completely remove it.

It creates invisible Chrome Extensions (they don't appear in the browser's menu but they're in the folder) with random names that eventually come back when I delete them.

Once my clicks are redirected to tradeadexchange.com, they're then redirected again to third party sites, like dating sites.

 

I tried to Google it, but when I look up tradeadexchange, the only results I get are a few ranking websites that give me no useful info... 

 

For now, I simply redirect tradeadexchange.com to 127.0.0.1 in my host file so I don't get bothered again by ads, but being randomly redirected even to a blank page is still annoying, and I don't know what other tricks this malware has up its sleeves...

 

Any suggestion would be very welcome.

 

Thanks in advance.

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Hello Kicker93 and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please follow the instructions here and then post your log files in a new reply in this thread:

https://forums.malwarebytes.org/index.php?/topic/9573-im-infected-what-do-i-do-now/

Link to post
Share on other sites
Kicker93

Kicker93

Posted
  • Author
Posted

Hello again.

 

Here are the logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-08-2015

Ran by MICKA (administrator) on MICKA-PC (10-08-2015 20:28:38)
Running from C:\Users\MICKA\Desktop
Loaded Profiles: MICKA (Available Profiles: MICKA)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
() C:\Windows\DAODx.exe
(
ASUSTeK Computer Inc.) C:\Program Files\ASUS\GPU Boost Driver\GpuBoostServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
( ) C:\Windows\System32\lmabcoms.exe
() C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
() C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
() C:\Program Files (x86)\ClipX\clipx.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(PacketVideo) C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe
() C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(FlashDevelop.org) C:\Program Files (x86)\FlashDevelop\FlashDevelop.exe
() C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe
() C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
() C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
() C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation) C:\Windows\SysWOW64\java.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Flash CC\Flash.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files (x86)\Git\bin\sh.exe
() C:\Program Files (x86)\Git\bin\sh.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [intelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2328944 2011-01-07] (Microsoft Corporation)
HKLM\...\Run: [LMPSSDMON] => C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe [753664 2010-09-16] ()
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2013-12-13] (Greenshot)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-08-12] (Logitech Inc.)
HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [updatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Media Codec Update Service] => C:\Program Files (x86)\Essentials Codec Pack\WECPUpdate.exe [196608 2009-01-25] (MediaCodec.Org)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2688920 2014-05-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\...\Run: [Google Update] => C:\Users\MICKA\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-15] (Google Inc.)
HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [842048 2011-03-17] (DT Soft Ltd)
HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\...\Run: [iDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3898960 2015-07-19] (Tonec Inc.)
HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\...\Run: [spybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
AppInit_DLLs: acaptuser64.dll => C:\Windows\system32\acaptuser64.dll [119160 2008-06-11] (Adobe Systems, Inc.)
AppInit_DLLs-x32: acaptuser32.dll => "acaptuser32.dll" File not found
Startup: C:\Users\MICKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ClipX.lnk [2011-06-18]
ShortcutTarget: ClipX.lnk -> C:\Program Files (x86)\ClipX\clipx.exe ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-05-23] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-05-23] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-05-23] ()
ShellIconOverlayIdentifiers: [iDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2014-04-21] (Tonec Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts\User: Group Policy detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2014-12-05] (Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2014-12-05] (Internet Download Manager, Tonec Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-04-23] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-04-22] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-04-23] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-04-22] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{820645F3-82D8-48BA-BAA1-4208B5D42EC1}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{CA97558A-ED9A-4B32-AC20-DF71B7396686}: [DhcpNameServer] 212.27.40.241 212.27.40.240
 
FireFox:
========
FF ProfilePath: C:\Users\MICKA\AppData\Roaming\Mozilla\Firefox\Profiles\bvx05aa1.default
FF DefaultSearchEngine: Google.fr
FF DefaultSearchUrl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF SelectedSearchEngine: Google.fr
FF Homepage: hxxp://google.fr
FF Keyword.URL: 
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-09] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2014-02-11] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-05-26] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-05-26] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1594525578-2187793927-1167310059-1001: @tools.google.com/Google Update;version=3 -> C:\Users\MICKA\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-1594525578-2187793927-1167310059-1001: @tools.google.com/Google Update;version=9 -> C:\Users\MICKA\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-1594525578-2187793927-1167310059-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MICKA\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-14] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\MICKA\AppData\Roaming\Mozilla\Firefox\Profiles\bvx05aa1.default\searchplugins\googlefr.xml [2011-06-24]
FF SearchPlugin: C:\Users\MICKA\AppData\Roaming\Mozilla\Firefox\Profiles\bvx05aa1.default\searchplugins\recherche-de-vidos-youtube.xml [2009-06-01]
FF Extension: Oskar - C:\Users\MICKA\AppData\Roaming\Mozilla\Firefox\Profiles\bvx05aa1.default\Extensions\{5b175400-2368-11de-8c30-0800200c9a66} [2011-03-02]
FF Extension: Check4Change - C:\Users\MICKA\AppData\Roaming\Mozilla\Firefox\Profiles\bvx05aa1.default\Extensions\check4change-owner@mozdev.org.xpi [2011-08-23]
FF Extension: Firebug - C:\Users\MICKA\AppData\Roaming\Mozilla\Firefox\Profiles\bvx05aa1.default\Extensions\firebug@software.joehewitt.com.xpi [2011-05-10]
FF Extension: Charles Autoconfiguration - C:\Users\MICKA\AppData\Roaming\Mozilla\Firefox\Profiles\bvx05aa1.default\Extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}.xpi [2015-03-24]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\MICKA\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\MICKA\AppData\Roaming\IDM\idmmzcc5 [2015-08-10]
FF HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\MICKA\AppData\Roaming\IDM\idmmzcc5
 
Chrome: 
=======
CHR Profile: C:\Users\MICKA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MICKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-22]
CHR Extension: (YouTube) - C:\Users\MICKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]
CHR Extension: (Google Search) - C:\Users\MICKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]
CHR Extension: (AdBlock) - C:\Users\MICKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-03]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\MICKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-08-09]
CHR Extension: (Adblock Super) - C:\Users\MICKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-07-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\MICKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-19]
CHR Extension: (Skype Click to Call) - C:\Users\MICKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-02-18]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\MICKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MICKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Gmail) - C:\Users\MICKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-12-07]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-12-07]
CHR HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\MICKA\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-12-07]
StartMenuInternet: Google Chrome - C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [79360 2013-01-17] (Autodesk) [File not signed]
S3 BrlAPI; C:\cygwin\bin\cygrunsrv.exe [68096 2008-03-18] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-06-15] (Macrovision Europe Ltd.) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2011-02-04] () [File not signed]
R2 lmab_device; C:\Windows\system32\LMabcoms.exe [1048576 2012-09-28] ( ) [File not signed]
R2 lmab_device; C:\Windows\SysWOW64\LMabcoms.exe [593920 2012-09-28] ( ) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 mi-raysat_3dsMax2009_64; C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe [65536 2008-03-10] () [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2222360 2015-07-29] (IBM Corp.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Serveur Média; C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe [501336 2010-12-14] (PacketVideo)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R1 ArcSec; C:\Windows\System32\drivers\ArcSec.sys [312184 2010-09-21] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
S3 EMSJOY; C:\Windows\SysWOW64\Drivers\EMSJOY.Sys [13696 2007-01-05] () [File not signed]
S3 EMVSCARD; C:\Windows\System32\Drivers\EMVSCARD.sys [28544 2006-12-13] (USB Smart Card Reader)
S3 hidusbf; C:\Windows\System32\DRIVERS\hidusbf.sys [6784 2009-02-11] (SweetLow) [File not signed]
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-12-15] (MotioninJoy) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R1 RapportCerberus_1412121; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1412121.sys [921176 2015-08-07] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [487992 2015-07-29] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [121432 2015-07-29] (IBM Corp.)
S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [376184 2015-07-29] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [480440 2015-07-29] (IBM Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-02-05] () [File not signed]
S3 SzCCID; C:\Windows\System32\DRIVERS\SzCCID.sys [46080 2012-09-05] (Generic)
S3 usbio_demo; C:\Windows\System32\Drivers\usbio_demo_x64.sys [51048 2009-11-16] ()
U3 adgc7z1u; no ImagePath
U3 aofgnj94; C:\Windows\System32\Drivers\aofgnj94.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-10 20:28 - 2015-08-10 20:29 - 00029117 _____ C:\Users\MICKA\Desktop\FRST.txt
2015-08-10 20:27 - 2015-08-10 20:28 - 00000000 ____D C:\FRST
2015-08-10 20:26 - 2015-08-10 20:26 - 02171392 _____ (Farbar) C:\Users\MICKA\Desktop\FRST64.exe
2015-08-09 10:56 - 2015-08-09 10:53 - 00452020 ____R C:\Windows\system32\Drivers\etc\hosts.20150809-105606.backup
2015-08-09 10:53 - 2015-08-09 10:40 - 00452020 _____ C:\Windows\system32\Drivers\etc\hosts.20150809-105326.backup
2015-08-09 10:38 - 2015-08-09 10:35 - 00451954 ____R C:\Windows\system32\Drivers\etc\hosts.20150809-103832.backup
2015-08-09 10:35 - 2015-08-08 05:30 - 00452062 _____ C:\Windows\system32\Drivers\etc\hosts.20150809-103533.backup
2015-08-09 10:20 - 2015-08-09 10:59 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-09 10:20 - 2015-08-09 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-09 10:20 - 2015-08-09 10:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-09 10:20 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-09 10:20 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-09 10:16 - 2015-08-09 10:16 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-09 10:16 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\MICKA\Downloads\Post Win10 Spybot-install.exe
2015-08-09 10:12 - 2015-08-09 10:12 - 01797896 _____ (Malwarebytes Corporation) C:\Program Files (x86)\JRT.exe
2015-08-09 02:08 - 2015-08-09 02:12 - 00000000 ____D C:\AdwCleaner
2015-08-09 02:08 - 2015-08-09 02:08 - 02248704 _____ C:\Program Files (x86)\adwcleaner_4.208.exe
2015-08-08 08:02 - 2015-08-08 08:49 - 00000000 ____D C:\Users\MICKA\AppData\Roaming\Mount&Blade Warband
2015-08-03 22:06 - 2015-08-03 22:06 - 00001176 _____ C:\Users\Public\Desktop\paint.net.lnk
2015-08-02 18:08 - 2015-08-02 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-08-02 18:08 - 2015-08-02 18:08 - 00000000 ____D C:\Program Files\Oracle
2015-08-02 18:08 - 2015-07-10 13:22 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-08-02 18:08 - 2015-07-10 13:21 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-08-01 23:20 - 2015-08-02 15:20 - 00000000 ____D C:\Users\MICKA\VirtualBox VMs
2015-08-01 23:10 - 2015-08-10 19:39 - 00000000 ____D C:\Users\MICKA\.VirtualBox
2015-08-01 23:09 - 2015-08-02 00:15 - 00000000 ____D C:\Users\MICKA\.vagrant.d
2015-08-01 22:14 - 2015-07-14 09:59 - 00000000 ____D C:\nginx-1.9.3
2015-07-25 18:27 - 2015-07-25 18:27 - 00000000 ____D C:\Users\MICKA\AppData\Roaming\ATI
2015-07-25 18:27 - 2015-07-25 18:27 - 00000000 ____D C:\Users\MICKA\AppData\Local\ATI
2015-07-25 18:27 - 2015-07-25 18:27 - 00000000 ____D C:\Users\MICKA\AppData\Local\AMD
2015-07-25 18:27 - 2015-07-25 18:27 - 00000000 ____D C:\ProgramData\ATI
2015-07-25 18:27 - 2015-07-25 18:27 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2015-07-25 18:26 - 2015-07-25 18:26 - 00066505 _____ C:\Windows\SysWOW64\CCCInstall_201507251826471671.log
2015-07-25 18:26 - 2015-07-25 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-25 18:25 - 2015-07-25 18:27 - 00000000 ____D C:\ProgramData\AMD
2015-07-25 18:25 - 2013-09-24 16:53 - 00094208 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2015-07-25 18:25 - 2013-09-24 16:51 - 00110080 _____ (TODO: <Company name>) C:\Windows\system32\DelayAPO.dll
2015-07-25 18:24 - 2015-07-25 18:26 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-07-25 18:24 - 2013-12-06 23:38 - 00230912 _____ C:\Windows\system32\clinfo.exe
2015-07-25 18:24 - 2013-12-06 23:38 - 00099840 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2015-07-25 18:24 - 2013-12-06 23:38 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2015-07-25 18:24 - 2013-12-06 23:38 - 00083968 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2015-07-25 18:24 - 2013-12-06 23:38 - 00073728 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2015-07-25 18:24 - 2013-12-06 23:37 - 29382144 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-07-25 18:24 - 2013-12-06 23:35 - 24860160 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-07-25 18:24 - 2013-12-06 23:33 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-07-25 18:24 - 2013-12-06 23:33 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-07-25 18:24 - 2013-12-06 23:26 - 00129536 _____ (AMD) C:\Windows\system32\coinst_13.251.dll
2015-07-25 18:24 - 2013-12-06 23:13 - 00550456 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-07-25 18:24 - 2013-12-06 23:13 - 00550456 _____ C:\Windows\system32\atiapfxx.blb
2015-07-25 18:24 - 2013-09-30 22:48 - 00047887 _____ C:\Windows\atiogl.xml
2015-07-25 18:24 - 2013-09-26 23:14 - 00083552 _____ C:\Windows\system32\ativce02.dat
2015-07-25 18:24 - 2013-09-12 18:31 - 00233776 _____ C:\Windows\system32\ativvaxy_cik_nd.dat
2015-07-25 18:24 - 2013-09-12 18:30 - 00234036 _____ C:\Windows\system32\ativvaxy_cik.dat
2015-07-25 18:21 - 2015-07-25 18:26 - 00000000 ____D C:\Program Files\ATI Technologies
2015-07-25 17:59 - 2015-07-25 17:59 - 00000000 _____ C:\Windows\ativpsrm.bin
2015-07-25 17:39 - 2015-07-25 18:27 - 00000000 ____D C:\Program Files\AMD
2015-07-25 17:39 - 2015-07-25 17:39 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-07-19 18:00 - 2015-07-19 18:13 - 00000000 ____D C:\Users\MICKA\AppData\Roaming\IDM
2015-07-19 18:00 - 2015-07-19 18:00 - 00000000 ____D C:\Users\MICKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-07-19 18:00 - 2015-07-19 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-07-19 18:00 - 2015-07-19 18:00 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2015-07-19 16:07 - 2015-08-02 21:52 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-07-19 16:07 - 2015-07-19 16:07 - 00000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2015-07-19 16:02 - 2015-07-19 16:03 - 00407152 _____ C:\Windows\Minidump\071915-65770-01.dmp
2015-07-19 14:41 - 2015-07-19 14:41 - 00316176 _____ C:\Windows\Minidump\071915-69451-01.dmp
2015-07-19 07:41 - 2015-07-19 07:41 - 00407200 _____ C:\Windows\Minidump\071915-66721-01.dmp
2015-07-19 02:27 - 2015-07-19 02:28 - 00305272 _____ C:\Windows\Minidump\071915-67392-01.dmp
2015-07-19 02:24 - 2015-07-19 02:24 - 00407208 _____ C:\Windows\Minidump\071915-65879-01.dmp
2015-07-19 01:42 - 2015-07-19 01:42 - 00407184 _____ C:\Windows\Minidump\071915-65239-01.dmp
2015-07-11 21:05 - 2015-07-11 21:05 - 00407184 _____ C:\Windows\Minidump\071115-66815-01.dmp
2015-07-11 02:32 - 2015-07-11 02:32 - 00407216 _____ C:\Windows\Minidump\071115-67922-01.dmp
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-10 20:28 - 2011-02-05 01:03 - 00000000 ____D C:\Users\MICKA\AppData\Roaming\DMCache
2015-08-10 20:27 - 2011-06-06 20:12 - 00001078 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1594525578-2187793927-1167310059-1001UA.job
2015-08-10 20:20 - 2009-07-14 06:45 - 00024496 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-10 20:20 - 2009-07-14 06:45 - 00024496 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-10 20:03 - 2014-09-19 06:25 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-10 18:21 - 2013-04-06 21:33 - 00000000 ____D C:\ProgramData\Serveur Média
2015-08-10 12:27 - 2011-06-06 20:12 - 00001026 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1594525578-2187793927-1167310059-1001Core.job
2015-08-10 12:03 - 2014-09-19 06:25 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-10 08:17 - 2015-04-01 20:29 - 01128716 _____ C:\Windows\WindowsUpdate.log
2015-08-10 02:20 - 2011-02-05 03:03 - 00000000 ____D C:\Users\MICKA\AppData\Roaming\vlc
2015-08-10 02:04 - 2011-02-18 21:15 - 00000000 ____D C:\Users\MICKA\AppData\Local\Adobe
2015-08-09 12:58 - 2012-12-20 22:59 - 00000460 _____ C:\Users\MICKA\mm.cfg
2015-08-09 10:54 - 2013-04-07 00:12 - 00235431 _____ C:\ProgramData\LMabscan.log
2015-08-09 10:50 - 2012-12-11 23:55 - 00000000 ____D C:\Users\MICKA\AppData\Local\Greenshot
2015-08-09 10:49 - 2013-04-06 21:33 - 00000000 ____D C:\Program Files (x86)\Serveur Media
2015-08-09 10:48 - 2015-06-17 20:31 - 00023618 _____ C:\Windows\PFRO.log
2015-08-09 10:48 - 2015-06-15 01:00 - 00006868 _____ C:\Windows\setupact.log
2015-08-09 10:48 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-09 10:20 - 2011-05-10 00:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-09 10:16 - 2014-08-18 21:05 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-09 10:14 - 2011-02-04 22:21 - 00000000 ____D C:\Users\MICKA
2015-08-08 09:30 - 2010-04-04 14:54 - 00000000 ____D C:\Users\MICKA\Documents\Mount&Blade Warband Savegames
2015-08-08 08:02 - 2014-12-20 22:34 - 00000600 _____ C:\Users\MICKA\AppData\Local\PUTTY.RND
2015-08-08 07:37 - 2011-02-05 01:12 - 00000000 ____D C:\Jeux
2015-08-08 07:31 - 2012-12-29 23:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-08-08 07:31 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-07 20:34 - 2013-08-28 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Sécurité des points d'accès
2015-08-07 20:31 - 2012-04-26 00:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-03 22:06 - 2011-02-10 15:41 - 00001188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2015-08-03 22:06 - 2011-02-10 15:41 - 00000000 ____D C:\Program Files\Paint.NET
2015-08-02 15:19 - 2012-03-29 22:14 - 00000000 ____D C:\dev
2015-07-29 22:46 - 2015-06-07 21:51 - 00121432 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportHades64.sys
2015-07-29 22:46 - 2013-03-28 22:05 - 00376184 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKE64.sys
2015-07-25 18:27 - 2011-02-04 22:45 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-25 18:23 - 2013-04-29 11:13 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-25 18:14 - 2014-06-18 07:25 - 00000000 ____D C:\Users\MICKA\AppData\Local\NVIDIA Corporation
2015-07-25 18:14 - 2011-02-04 22:40 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-07-25 18:14 - 2011-02-04 22:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-25 18:14 - 2011-02-04 22:39 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-25 18:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-07-25 18:09 - 2015-06-22 21:07 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-19 22:25 - 2012-04-03 07:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-19 22:25 - 2011-05-16 07:35 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-19 16:02 - 2015-06-30 23:44 - 836685621 _____ C:\Windows\MEMORY.DMP
2015-07-19 16:02 - 2014-01-11 09:04 - 00000000 ____D C:\Windows\Minidump
2015-07-19 02:59 - 2011-02-04 08:59 - 00000000 ____D C:\Windows\System32\Tasks\Games
2015-07-18 12:22 - 2011-06-06 20:12 - 00004052 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1594525578-2187793927-1167310059-1001UA
2015-07-18 12:22 - 2011-06-06 20:12 - 00003656 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1594525578-2187793927-1167310059-1001Core
2015-07-18 11:58 - 2014-09-19 06:25 - 00004064 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-18 11:58 - 2014-09-19 06:25 - 00003812 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-11 22:36 - 2012-12-20 22:59 - 00000000 ____D C:\Users\MICKA\AppData\Local\FlashDevelop
2015-07-11 02:32 - 2009-07-14 07:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
 
==================== Files in the root of some directories =======
 
2015-08-09 02:08 - 2015-08-09 02:08 - 2248704 _____ () C:\Program Files (x86)\adwcleaner_4.208.exe
2015-08-09 10:12 - 2015-08-09 10:12 - 1797896 _____ (Malwarebytes Corporation) C:\Program Files (x86)\JRT.exe
2014-12-20 22:32 - 2014-12-20 22:32 - 0495616 _____ (Simon Tatham) C:\Program Files (x86)\putty.exe
2013-01-16 01:11 - 2015-07-06 11:08 - 0000132 _____ () C:\Users\MICKA\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-05-14 22:30 - 2013-07-21 21:59 - 0012005 _____ () C:\Users\MICKA\AppData\Roaming\alsoft.ini
2011-02-04 19:44 - 2011-02-04 19:47 - 0024086 _____ () C:\Users\MICKA\AppData\Roaming\Notepad2.ini
2013-04-29 14:36 - 2013-04-29 14:36 - 0001456 _____ () C:\Users\MICKA\AppData\Local\Adobe Save for Web 13.0 Prefs
2011-04-30 20:55 - 2011-05-13 16:17 - 0003584 _____ () C:\Users\MICKA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-28 01:23 - 2015-02-28 01:23 - 0000058 _____ () C:\Users\MICKA\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-12-20 22:34 - 2015-08-08 08:02 - 0000600 _____ () C:\Users\MICKA\AppData\Local\PUTTY.RND
2011-05-19 22:46 - 2015-06-29 01:55 - 0007611 _____ () C:\Users\MICKA\AppData\Local\Resmon.ResmonCfg
2011-07-23 13:30 - 2011-07-23 13:30 - 0000306 _____ () C:\ProgramData\hpzinstall.log
2013-04-07 00:12 - 2015-08-09 10:54 - 0235431 _____ () C:\ProgramData\LMabscan.log
2011-02-04 20:26 - 2011-02-04 20:26 - 0000040 _____ () C:\ProgramData\ra3.ini
 
Some files in TEMP:
====================
C:\Users\MICKA\AppData\Local\Temp\i4j2414875029726624245.exe
C:\Users\MICKA\AppData\Local\Temp\i4jdel0.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <===== ATTENTION
 
 
LastRegBack: 2015-08-02 18:36
 
==================== End of log ============================
Link to post
Share on other sites
Kicker93

Kicker93

Posted
  • Author
Posted

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-08-2015

Ran by MICKA (2015-08-10 20:29:54)
Running from C:\Users\MICKA\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1594525578-2187793927-1167310059-500 - Administrator - Disabled)
Guest (S-1-5-21-1594525578-2187793927-1167310059-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1594525578-2187793927-1167310059-1002 - Limited - Enabled)
MICKA (S-1-5-21-1594525578-2187793927-1167310059-1001 - Administrator - Enabled) => C:\Users\MICKA
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Aces Wild 1.0 (HKLM-x32\...\Aces Wild 1.0) (Version: 1.0 - Cat-A-Cat)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.6.0.393 - Adobe Systems Incorporated)
Adobe Flash Builder 4.6 (HKLM-x32\...\{0802B79F-257C-4F91-9A1E-7A94588C636A}) (Version: 4.6 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Professional CC (HKLM-x32\...\{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Scout CC (HKLM\...\{BA573BFE-83B4-11E3-93D2-D231FEB1DC81}) (Version: 1.1.3.354121 - Adobe Systems Incorporated)
adsl TV (HKLM-x32\...\{3AFDD2C6-8663-46B5-B195-6CEB00D44768}) (Version: 2013.1 - adsl TV / FM)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.34.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.34.0 - Alcor Micro Corp.) Hidden
AMD Catalyst Install Manager (HKLM\...\{FD8FD2BD-A82D-C528-EDA0-A6635F47C19C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AnalogX AutoTune (HKLM-x32\...\AnalogX AutoTune_is1) (Version: 2.31 - AnalogX, LLC)
ArcSoft TotalMedia Theatre 5 (HKLM-x32\...\InstallShield_{9A2CE5D4-0A1E-42EB-9CE0-ABD5DD79E94E}) (Version: 5.0.1.86 - ArcSoft)
ArcSoft TotalMedia Theatre 5 (x32 Version: 5.0.1.80 - ArcSoft) Hidden
Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Audiosurf 2 - Beta (HKLM-x32\...\{DDA55E82-39A4-4692-999D-4B2A363241CE}_is1) (Version:  - )
Autodesk 3ds Max 2009 64-bit (HKLM\...\{EC2280DF-BBAF-0409-9359-BCCD15545FFB}) (Version: 11.0 - Autodesk)
Autodesk 3ds Max 2009 64-bit Additional Maps and Material Libraries (HKLM\...\{CD853BA5-AA85-0409-85DC-A805D779DCA8}) (Version: 11.0 - Autodesk)
Autodesk 3ds Max 2009 64-bit Architectural Materials Library (HKLM\...\{155AB5E8-9913-0409-A7E7-D076DDE2AA6C}) (Version: 11.0 - Autodesk)
Autodesk 3ds Max 2009 64-bit Movies (HKLM\...\{7A1FD936-C444-0409-92D2-043B1F4ED886}) (Version: 11.0 - Autodesk)
Autodesk 3ds Max 2009 64-bit ProMaterials™ Library (HKLM\...\{5BD1364B-58D6-0409-8633-9B8E8D0AD52F}) (Version: 11.0 - Autodesk)
Autodesk 3ds Max 2009 64-bit Vault 2008 Plug-In (HKLM\...\{B7D0751A-3F16-0409-9F9B-FF3DC390F139}) (Version: 11.0 - Autodesk)
Autodesk 3ds Max 2009 64-bit Vault 2009 Plug-In (HKLM\...\{FA3E35E2-F088-0409-A563-C96430FF73F6}) (Version: 11.0 - Autodesk)
Autodesk Backburner 2008.1 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2008.1 - Autodesk, Inc.)
avstreamtools_ia64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
avstreamtools_x64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
avstreamtools_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
biometrictools_x64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
biometrictools_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.65a-release - Blender Foundation)
Bluerock Technologies Flight Studio 3ds Max 2009 64-bit (HKLM\...\{3605AC81-55E5-0409-BB41-0407FB67C639}) (Version: 11.0 - Autodesk)
bluetoothtools_ia64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
bluetoothtools_x64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
bluetoothtools_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
BulletStorm (x32 Version: 1.0.0001.130 - EA) Hidden
CameraHelperMsi (x32 Version: 13.30.1395.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Charles 3.7 (HKLM\...\{2B2D8DD3-E7CF-4C2E-AF95-4CBA441F66C2}) (Version: 3.7.0.0 - XK72 Ltd)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
chkinftool_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
ClipX (HKLM-x32\...\ClipX) (Version:  - )
CodeBlocks (HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\...\CodeBlocks) (Version: 12.11 - The Code::Blocks Team)
Cook, Serve, Delicious (HKLM-x32\...\Cook, Serve, Delicious1.0) (Version: 1.0 - Foxy Games)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.0924 - CyberLink Corp.)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 4.41.0314.0232 - DT Soft Ltd)
Désinstallation du logiciel Lexmark (HKLM\...\Lexmark_HostCD) (Version:  - Lexmark International, Inc.)
Devil May Cry 4 Special Edition version 1.0.0 (HKLM-x32\...\Devil May Cry 4 Special Edition_is1) (Version: 1.0.0 - Capcom)
dfx_ia64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
dfx_x64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
dfx_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
Dictionnaire Freelang (liste de mots) (HKLM-x32\...\{14B380D6-8205-4F9D-81D8-515235929F2A}_is1) (Version:  - Freelang)
Dictionnaire Freelang 3.74 beta (HKLM-x32\...\{F53C4192-71DE-4B21-BE03-D6F8CBB5A238}_is1) (Version:  - Freelang)
Don't Starve (HKLM-x32\...\GOGPACKDONTSTARVE_is1) (Version: 2.4.0.13 - GOG.com)
drvtools_ia64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
drvtools_x64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
drvtools_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
Dust: An Elysian Tail (HKLM-x32\...\Dust: An Elysian Tail_is1) (Version:  - Microsoft Studios)
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - epubfilereader.com)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ExifCleaner 1.6 (HKLM-x32\...\ExifCleaner) (Version: 1.6 - SuperUtils.com Software)
Fable III (x32 Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
FBX Plugin 2009.0 for Max 2009 64 (HKLM\...\FBX Plugin 2009.0 for Max 2009 64) (Version:  - )
FEZ version 1.10 (HKLM-x32\...\{634CBDF9-98A3-4AF5-AED4-A23EC2665434}_is1) (Version: 1.10 - Polytron)
FFsplit version 0.7 (HKLM-x32\...\{82458834-6226-4A34-AE96-6907354F9F36}_is1) (Version: 0.7 - FFsplit Team)
Firefox Developer Edition 40.0a2 (x86 en-US) (HKLM-x32\...\Firefox Developer Edition 40.0a2 (x86 en-US)) (Version: 40.0a2 - Mozilla)
FlashDevelop (HKLM-x32\...\FlashDevelop) (Version: 5.0.1 - FlashDevelop.org)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download version 2.10.33.324 (HKLM-x32\...\Free YouTube Download_is1) (Version:  - DVDVideoSoft Limited.)
FreeKapture 2.00 - Freeware (HKLM-x32\...\FreeKapture 2.00 - Freeware_is1) (Version:  - )
FreeTools Launcher (HKLM-x32\...\{BB86BE84-4123-4967-9BA3-45F6648551E1}) (Version: 1.00.001 - Zoho Corp)
generaltools_ia64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
generaltools_x64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
generaltools_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
Geometry Wars 3 Dimensions (HKLM-x32\...\Geometry Wars 3 Dimensions_is1) (Version:  - )
Git version 1.9.5-preview20141217 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
GitHub (HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\...\5f7eb300e2ea4ebf) (Version: 2.0.6.0 - GitHub, Inc.)
Google Chrome (HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GPU Boost Driver (HKLM-x32\...\{B8887E02-C910-4498-A7C0-186ABFDCD110}) (Version: 1.01.15 - ASUS)
Greenshot 1.1.7.17 (HKLM\...\Greenshot_is1) (Version: 1.1.7.17 - Greenshot)
Half Minute Hero Super Mega Neo Climax Ultimate Boy (HKLM-x32\...\Half Minute Hero Super Mega Neo Climax Ultimate Boy_is1) (Version:  - )
HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - )
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
imagingtools_ia64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
imagingtools_x64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
imagingtools_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.6.0 - LIGHTNING UK!)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java 6 Update 37 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416037FF}) (Version: 6.0.370 - Oracle)
Java SE Development Kit 6 Update 37 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160370}) (Version: 1.6.0.370 - Oracle)
JetBrains PhpStorm 8.0.1 (HKLM-x32\...\PhpStorm 8.0.1) (Version: 138.2001.2328 - JetBrains s.r.o.)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMicron Technology Corp.)
KickBeat Steam Edition (HKLM-x32\...\S2lja0JlYXRTdGVhbUVkaXRpb24=_is1) (Version: 1 - )
KWorld Editing Device Driver (HKLM-x32\...\KWorld Editing Device Driver_is1) (Version:  - )
LAV Filters 0.55.3 (HKLM-x32\...\lavfilters_is1) (Version: 0.55.3 - Hendrik Leppkes)
Lexmark Pilote TWAIN réseau Programme de désinstallation (HKLM\...\Lexmark Network TWAIN Driver) (Version:  - Lexmark International, Inc.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
Lumino City (HKLM-x32\...\Lumino City_is1) (Version:  - )
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
Magicka 2 (HKLM-x32\...\TWFnaWNrYTI=_is1) (Version: 1 - )
Malwarebytes' Anti-Malware (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version:  - Malwarebytes Corporation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mark of the Ninja (HKLM-x32\...\Mark of the Ninja_is1) (Version:  - )
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft IntelliPoint 8.0 (HKLM\...\{2BF35D84-6377-4F70-9F39-97CF67E67FFF}) (Version: 8.01.249.0 - Microsoft)
Microsoft Office « Démarrer en un clic » 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 - Français (HKLM-x32\...\{90140011-0061-040C-0000-0000000FF1CE}) (Version: 14.0.5130.5001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{86CE1746-9EFF-3C9C-8755-81EA8903AC34}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Windows Driver Kit 7.1.0.7600 (HKLM-x32\...\KitSetup Registration {B4285279-1846-49B4-B8FD-B9EAF0FF17DA}:{68656B6B-555E-5459-5E5D-6363635E5F61}) (Version: 7.1.0.7600 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mitsurugi Kamui Hikae (HKLM-x32\...\{EDAD6709-0387-416D-845F-67FCE10E23B8}) (Version: 1.0.2 - ZENITH BLUE)
modemtools (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
Mount and Blade - Warband  - Viking Conquest (HKLM-x32\...\Mount and Blade: Warband  - Viking Conquest_is1) (Version: 2.1.1.11 - GOG.com)
Mount and Blade - Warband (HKLM-x32\...\1207666913_is1) (Version: 2.2.0.10 - GOG.com)
Mouse Recorder 2.2.8.6 (HKLM-x32\...\{7281CABA-E70B-411A-AF4B-ECB3C8778364}_is1) (Version:  - Robot-Soft.com, Inc.)
Mozilla Firefox 36.0.4 (x86 fr) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 fr)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.0.5658 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nidhogg (HKLM-x32\...\TmlkaG9nZw==_is1) (Version: 1 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.8.7 - )
One Finger Death Punch 1.0 (HKLM-x32\...\One Finger Death Punch 1.0) (Version: 1.0 - Cat-A-Cat)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.0 (HKLM-x32\...\{B3B009FC-6909-4E00-9F43-FFB5CA93D606}) (Version: 4.10.9764 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.30 (HKLM\...\{5E7BEDD4-397D-4537-A290-AB012A45D771}) (Version: 4.3.30 - Oracle Corporation)
PAC-MAN Championship Edition DX+ (HKLM-x32\...\PAC-MAN Championship Edition DX+_is1) (Version:  - Namco Bandai Games)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PaperScan 2 Free Edition (HKLM-x32\...\{41E45D65-814E-45C9-898A-5C6A2BADEC77}) (Version: 2.0.17 - ORPALIS)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Pepakura Viewer 3 (HKLM-x32\...\pepakura_viewer3en) (Version:  - TamaSoftware)
Perforce Visual Components (HKLM\...\{F198A8BD-75A7-4D5A-B92E-79D3D76F7CA9}) (Version: 142.97.3065 - Perforce Software)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.1 - )
Plague Inc - Evolved version 0.6.6 (HKLM-x32\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 0.6.6 - )
pnptools_ia64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
pnptools_x64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
pnptools_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
powermanagement_ia64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
powermanagement_x64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
powermanagement_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
Prefab3D (HKLM-x32\...\Prefab3D) (Version: 2.143 - UNKNOWN)
Prefab3D (x32 Version: 2.143 - UNKNOWN) Hidden
Pressure version 1 (HKLM-x32\...\UHJlc3N1cmU=_is1) (Version: 1 - )
printtools_ia64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
printtools_x64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
printtools_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
Proun (HKLM-x32\...\Proun) (Version:  - )
Rapport (x32 Version: 3.5.1412.207 - Trusteer) Hidden
readme (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6037 - Realtek Semiconductor Corp.)
Recettear: An Item Shop's Tale (HKLM-x32\...\Recettear: An Item Shop's Tale_is1) (Version:  - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
RetroGrade (HKLM-x32\...\RetroGrade_is1) (Version:  - )
Reus (HKLM-x32\...\GOGPACKREUS_is1) (Version: 2.0.0.10 - GOG.com)
Robocraft version 0.3.290 (HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\...\{9F101691-69D3-422E-BB5C-8CAD7110781B}_is1) (Version: 0.3.290 - Freejam)
Rogue Legacy version 1.0.10a (HKLM-x32\...\Rogue Legacy_is1) (Version: 1.0.10a - )
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\RollerCoaster Tycoon 3 Platinum_is1) (Version:  - GOG.com)
Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Runner2: Future Legend of Rhythm Alien_is1) (Version:  - )
sdv (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
Serveur Média (HKLM-x32\...\TwonkyMediaServeur Média) (Version: 6.0.30.0 - PacketVideo)
setuptools_ia64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
setuptools_x64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
setuptools_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
ShoeBox (HKLM-x32\...\ShoeBox) (Version: 3.4.2 - UNKNOWN)
ShoeBox (x32 Version: 3.4.2 - UNKNOWN) Hidden
Shovel Knight (HKLM-x32\...\Shovel Knight_is1) (Version:  - )
SimCity 4 Deluxe Edition (HKLM-x32\...\GOGPACKSC4_is1) (Version: 2.0.0.8 - GOG.com)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Sneaky Sneaky (HKLM-x32\...\Sneaky SneakyFinal) (Version: Final - Game-Owl.com)
Space Run (HKLM-x32\...\Space Run_is1) (Version:  - Focus Home Interactive)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spring 96.0 (HKLM-x32\...\Spring) (Version: 96.0 - Spring team)
SpriteSheetCreator (HKLM-x32\...\com.adobe.example.SpriteSheetCreator) (Version: 1.7 - UNKNOWN)
SpriteSheetCreator (x32 Version: 1.7 - UNKNOWN) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
StepMania (remove only) (HKLM-x32\...\StepMania) (Version:  - )
Subway Surfers 1.0 (HKLM-x32\...\Subway Surfers 1.0) (Version: 1.0 - Cat-A-Cat)
Super House of Dead Ninjas (HKLM-x32\...\Super House of Dead Ninjas_is1) (Version:  - )
Super Street Fighter IV: Arcade Edition (HKLM-x32\...\GFWL_{43430FA0-49F0-4B13-B4C5-611000008100}) (Version: 1.0.0000.129 - CAPCOM U.S.A., INC)
Super Street Fighter IV: Arcade Edition (x32 Version: 1.0.0000.129 - CAPCOM U.S.A., INC) Hidden
SUPER STREET FIGHTER IV: ARCADE EDITION (x32 Version: 1.0.0003.129 - CAPCOM U.S.A., INC) Hidden
SUPER STREET FIGHTER IV: ARCADE EDITION (x32 Version: 1.0.0005.129 - CAPCOM U.S.A., INC) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
Tetris TGM 3 (HKLM-x32\...\Tetris TGM 3) (Version: 1.0 - Jimbo)
The Alley Strikes Back (HKLM-x32\...\The Alley Strikes Backv1.0) (Version: v1.0 - Iwin.com)
The Binding of Isaac: Rebirth (HKLM-x32\...\VGhlQmluZGluZ29mSXNhYWNSZWJpcnRo_is1) (Version: 1 - )
TigerGame PS/PS2 Game Controller Adapter series to pc USB Drive (HKLM-x32\...\TigerGame PS/PS2 Game Controller Adapter series_is1) (Version:  - )
TigerGame Superjoy Box Series (HKLM-x32\...\TigerGame Superjoy Box Series_is1) (Version:  - )
Tiled - Tiled Map Editor (HKLM-x32\...\Tiled) (Version:  - )
toolindex (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
tracingtool_ia64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
tracingtool_x64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
tracingtool_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
TreeMaker 5.0 (HKLM-x32\...\TreeMaker_is1) (Version:  - TreeMaker Team)
Triolinker Plus (HKLM-x32\...\Triolinker Plus) (Version:  - )
Trusteer Sécurité des points d'accès (HKLM-x32\...\Rapport_msi) (Version: 3.5.1412.207 - Trusteer)
Turbo Squid Tentacles 3ds Max 2009 64-bit (HKLM\...\{29421E62-F88F-45F1-8686-8EAE6748AE59}) (Version: 3.2.0 - Turbo Squid)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Valdis Story. Abyssal City 1.0 (HKLM-x32\...\Valdis Story. Abyssal City 1.0) (Version: 1.0 - Cat-A-Cat)
Video to Video (HKLM-x32\...\{7F95A744-78DA-4AED-A8F0-A0AF330B8411}_is1) (Version:  - Media Converters)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
wdftools_ia64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
wdftools_x64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
wdftools_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Essentials Media Codec Pack 2.2 (HKLM-x32\...\Windows Essentials Media Codec Pack) (Version: 2.2 - Media Codec)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Winkawaks 1.61 (HKLM-x32\...\Winkawaks 1.61) (Version:  - )
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
wpdtools_ia64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
wpdtools_x64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
wpdtools_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
wsdtool_ia64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
wsdtool_x64fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
wsdtool_x86fre (x32 Version: 1.1.6001.0 - Microsoft Corporation) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 5.5.24-0 - Bitnami)
XBCD 360 0.2.5 (HKLM-x32\...\XBCD 360) (Version: 0.2.5 - DhruvB14)
Xilisoft Montage Vidéo 6 (HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\...\Xilisoft Movie Maker) (Version: 6.0.3.0701 - Xilisoft)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
Zuma's Revenge! (HKLM-x32\...\Zuma's Revenge!1.0) (Version: 1.0 - FishBone Games)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1594525578-2187793927-1167310059-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\MICKA\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1594525578-2187793927-1167310059-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\MICKA\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1594525578-2187793927-1167310059-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-1594525578-2187793927-1167310059-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-1594525578-2187793927-1167310059-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MICKA\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:34 - 2015-08-09 10:56 - 00452020 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
 
There are 1000 more lines.
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0EB3FE61-37B1-4CE1-BD37-0D3518DED3CD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {3A420FFE-F9A1-491C-BDBE-3C7AB2C05878} - System32\Tasks\AdobeAAMUpdater-1.0-MICKA-PC-MICKA => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {3A5A240A-C7F6-4C6A-85F4-49814E18714C} - System32\Tasks\ASUS\Gpu Boost Driver => C:\Program Files\ASUS\GPU Boost Driver\GpuBoostServer.exe [2010-03-27] (
ASUSTeK Computer Inc.)
Task: {400614BF-2887-4D9E-AC71-20DB3FAED91C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1594525578-2187793927-1167310059-1001Core => C:\Users\MICKA\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-15] (Google Inc.)
Task: {480CFE9C-BAB9-412D-84D8-F0131C4B25C8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {5606A8BC-1C9C-4CE0-94A9-8163030E83AE} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {626F0206-A509-4DA6-A5CD-593DEBB731FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-19] (Google Inc.)
Task: {678AA9FD-9C5F-42F3-98D4-12712BC8C7FF} - System32\Tasks\{C6379D0C-5EBC-40EA-8ED4-DFCB747B359F} => C:\Jeux\MAMEs\ShmupMAME\mame32p.exe
Task: {8042BE3B-AAF9-4BDD-BE2F-C838C6036867} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-01-07] (Microsoft Corporation)
Task: {80905BE9-6FC0-4B99-BB85-878A60ED6C77} - System32\Tasks\{DFBB1697-C654-4E83-9F61-4FA75F0E671D} => pcalua.exe -a F:\AutorunPro.EXE -d F:\
Task: {82F4DCDC-C537-441B-90D2-03799BFC4BBD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-19] (Google Inc.)
Task: {8BCAFCE4-5063-4524-8553-9A7B5B7FBB30} - System32\Tasks\{04382899-ED5F-4E51-8C1A-84D5F7CFA0AC} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.)
Task: {90F62C5A-084E-4531-8D50-147F8E7220FC} - System32\Tasks\{3814DA92-51E9-479C-97F0-FCCB93960A86} => pcalua.exe -a C:\Users\MICKA\Downloads\windows-7-dreamscene-installer_windows_7_dreamscene_installer_anglais_310872.exe -d C:\Users\MICKA\Downloads
Task: {9AF8D6F7-5A71-4E9B-82F2-9733E1D1219C} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1594525578-2187793927-1167310059-1001
Task: {C92F2E5F-1C7C-44C1-A85D-2FF388E68F7B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1594525578-2187793927-1167310059-1001UA => C:\Users\MICKA\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-15] (Google Inc.)
Task: {CD1988DC-B50B-4819-8944-B4503E7A4071} - System32\Tasks\{996D8102-BBD3-47E3-BA3B-028C14A7004B} => Chrome.exe 
Task: {D45A202E-AF2F-4ADF-A4A4-F488C9A6548A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {DF55987A-0B9B-4E57-A262-AB2AA0C51886} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {F248FBD5-AA7B-41A8-90F8-857932D5362B} - System32\Tasks\{EF689615-90E4-4C88-9CD0-F0316EE04C7C} => pcalua.exe -a C:\Users\MICKA\Downloads\portal-prelude-setup-1.1.5.exe -d C:\Users\MICKA\Downloads
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1594525578-2187793927-1167310059-1001Core.job => C:\Users\MICKA\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1594525578-2187793927-1167310059-1001UA.job => C:\Users\MICKA\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-05-23 02:10 - 2014-05-23 02:10 - 00671904 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-12-21 23:32 - 2014-12-17 22:23 - 00736962 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2013-12-06 16:06 - 2013-12-06 16:06 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2009-03-30 08:32 - 2009-03-30 08:32 - 00032768 ____R () C:\Windows\DAODx.exe
2008-03-10 01:08 - 2008-03-10 01:08 - 00065536 _____ () C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe
2013-04-07 00:12 - 2010-09-16 13:47 - 00753664 _____ () C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe
2005-11-30 23:34 - 2005-11-30 23:34 - 00068608 _____ () C:\Program Files (x86)\ClipX\clipx.exe
2010-12-14 23:47 - 2010-12-14 23:47 - 01451608 _____ () C:\Program Files (x86)\Serveur Media\TwonkyMediaServer.exe
2013-12-06 16:06 - 2013-12-06 16:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-07-10 13:22 - 2015-07-10 13:22 - 01039088 _____ () C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
2013-04-29 13:12 - 2013-04-29 13:12 - 15305128 _____ () C:\Program Files\Adobe\Adobe Flash CC\Common\Configuration\authplay.dll
2014-12-21 23:32 - 2014-12-21 23:33 - 00598016 _____ () C:\Program Files (x86)\Git\git-cheetah\..\bin\sh.exe
2014-12-21 23:32 - 2014-12-21 23:33 - 00598016 _____ () C:\Program Files (x86)\Git\bin\sh.exe
2014-08-18 21:05 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-18 21:05 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-18 21:05 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-08-18 21:05 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-18 21:05 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-04-07 00:12 - 2010-09-16 13:47 - 00380928 _____ () C:\Program Files\Lexmark\Monitor\ACB\LMabscw.dll
2013-04-07 00:12 - 2010-09-16 13:47 - 01114112 _____ () C:\Program Files\Lexmark\Monitor\ACB\LMabDRS.dll
2013-04-07 00:12 - 2010-09-16 13:47 - 00147456 _____ () C:\Program Files\Lexmark\Monitor\ACB\LMabcaps.dll
2015-07-21 17:02 - 2015-07-21 17:02 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2010-05-07 19:35 - 2010-05-07 19:35 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2010-05-07 19:35 - 2010-05-07 19:35 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2010-05-07 19:36 - 2010-05-07 19:36 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2010-05-07 19:37 - 2010-05-07 19:37 - 00027480 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2010-05-07 19:37 - 2010-05-07 19:37 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2014-06-16 01:28 - 2009-02-27 16:32 - 00020480 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.fra
2014-06-16 01:28 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.DEU
2013-04-29 11:07 - 2013-04-28 13:08 - 00038912 _____ () C:\Program Files (x86)\FFsplit\Filters\FFsource.ax
2015-08-04 20:28 - 2015-07-31 08:19 - 01405768 _____ () C:\Users\MICKA\AppData\Local\Google\Chrome\Application\44.0.2403.130\libglesv2.dll
2015-08-04 20:28 - 2015-07-31 08:19 - 00081224 _____ () C:\Users\MICKA\AppData\Local\Google\Chrome\Application\44.0.2403.130\libegl.dll
2010-08-15 20:34 - 2010-08-15 20:34 - 00204800 _____ () C:\Program Files (x86)\Notepad++\plugins\ComparePlugin.dll
2008-09-06 14:51 - 2008-09-06 14:51 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2010-08-21 14:56 - 2015-05-25 19:25 - 02873856 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
2007-08-05 03:10 - 2007-08-05 03:10 - 00250368 _____ () C:\Program Files (x86)\Notepad++\plugins\Config\tidy\libTidy.dll
2015-06-21 23:51 - 2015-06-21 23:51 - 00157184 _____ () C:\Program Files (x86)\FlashDevelop\Aga.dll
2015-06-21 23:51 - 2015-06-21 23:51 - 00188416 _____ () C:\Program Files (x86)\FlashDevelop\Plugins\fdb.j4n.dll
2013-03-13 14:42 - 2013-03-13 14:42 - 00071568 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:ADF211B1
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7867 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\MICKA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{ED38F4B0-4E02-4DE1-830C-C9DB3DB1BB00}C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe
FirewallRules: [uDP Query User{7C356DFA-FBEA-4818-B427-824B31CDA346}C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe
FirewallRules: [TCP Query User{7663DDED-4107-41D3-AE42-5FCA92965C12}C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe
FirewallRules: [uDP Query User{23D4236B-D865-40B5-B3EF-CCEA3ED36A96}C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe
FirewallRules: [TCP Query User{37ADDFDE-B554-442F-A331-055BA1F9B7FE}C:\program files (x86)\arcsoft\totalmedia theatre 5\utotalmediatheatre5.exe] => (Allow) C:\program files (x86)\arcsoft\totalmedia theatre 5\utotalmediatheatre5.exe
FirewallRules: [uDP Query User{B3FFE76B-8651-4BA1-8A38-3B69A8F6F654}C:\program files (x86)\arcsoft\totalmedia theatre 5\utotalmediatheatre5.exe] => (Allow) C:\program files (x86)\arcsoft\totalmedia theatre 5\utotalmediatheatre5.exe
FirewallRules: [TCP Query User{1A33A88D-A97B-4B37-9501-B57EA18B20A2}C:\jeux\stepmania cvs\program\stepmania.exe] => (Allow) C:\jeux\stepmania cvs\program\stepmania.exe
FirewallRules: [uDP Query User{16DD45AA-2B2B-4909-8637-CC69F33333A4}C:\jeux\stepmania cvs\program\stepmania.exe] => (Allow) C:\jeux\stepmania cvs\program\stepmania.exe
FirewallRules: [{6FADB2C8-CFAA-41AA-AF5E-50F4831CCA40}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E71C7E41-5433-4EF7-9D33-DBB49049C44E}] => (Allow) LPort=2869
FirewallRules: [{C145A8E7-B57C-4BBB-8FE6-2954F258F90B}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{41B912C4-214A-4CCE-9B49-9F460BEC1005}C:\program files (x86)\internet download manager\idman.exe] => (Allow) C:\program files (x86)\internet download manager\idman.exe
FirewallRules: [uDP Query User{88D62F56-0284-46DF-A585-C3FB4229C54C}C:\program files (x86)\internet download manager\idman.exe] => (Allow) C:\program files (x86)\internet download manager\idman.exe
FirewallRules: [{C6474E4C-B35A-4BAE-BD76-5D018C73F032}] => (Allow) C:\Program Files (x86)\adslTV\adsltv.exe
FirewallRules: [{B57BA80C-1636-441C-8C33-C22C14702955}] => (Allow) C:\Program Files (x86)\adslTV\adsltv.exe
FirewallRules: [{B0D45F17-FEB6-4EDE-B06A-C75870EB4C18}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [{E3175B67-D3D2-4A4D-88A1-53FB3F941BAA}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [TCP Query User{036CDE35-88EC-4C1B-85AC-FE7485C974BF}C:\cygwin\bin\xwin.exe] => (Block) C:\cygwin\bin\xwin.exe
FirewallRules: [uDP Query User{DB083F48-D793-4D59-A9FE-FAB561FA3E75}C:\cygwin\bin\xwin.exe] => (Block) C:\cygwin\bin\xwin.exe
FirewallRules: [{BF3B140B-525B-4AD4-B14B-ACDD0A31881B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{45716AE1-AE8B-4CBF-9716-E93092F88446}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{21C759E5-B805-4580-98BF-12D7C8C9FA6A}C:\jeux\proun\proun.exe] => (Allow) C:\jeux\proun\proun.exe
FirewallRules: [uDP Query User{886D632F-B1A9-4CE6-B8A1-C6932C15D4D5}C:\jeux\proun\proun.exe] => (Allow) C:\jeux\proun\proun.exe
FirewallRules: [{2A47D8CD-0481-4208-BA15-D4EC5C2E598F}] => (Allow) C:\Jeux\Super Street Fighter IV\SSFIV.exe
FirewallRules: [{1769F51B-FB4E-4C50-81B0-0C7377E8C57B}] => (Allow) C:\Jeux\Super Street Fighter IV\SSFIV.exe
FirewallRules: [TCP Query User{F9E1B0AE-2D28-4928-A204-47AF81EBF1A9}C:\program files (x86)\pidgin\pidgin.exe] => (Allow) C:\program files (x86)\pidgin\pidgin.exe
FirewallRules: [uDP Query User{0C72A353-9C50-4EDE-BDB3-462BD8EBE08C}C:\program files (x86)\pidgin\pidgin.exe] => (Allow) C:\program files (x86)\pidgin\pidgin.exe
FirewallRules: [TCP Query User{0EF6D7E7-441C-48DD-B24B-99EBC241D1C8}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [uDP Query User{588AEF40-EB65-4BE3-964D-09D692B0A492}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [{B1029CF0-7F5B-4B67-A8F1-B5C8C597275B}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{53824C8C-CEFE-4B65-A124-EB708073C3DD}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{9B3965AC-67B0-450F-980E-99AD26FF3100}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{7A0DE607-E9EF-4C12-A8C7-517F89E52402}C:\jeux\torchlight ii\torchlight2.exe] => (Allow) C:\jeux\torchlight ii\torchlight2.exe
FirewallRules: [uDP Query User{CBEC6BC9-7ECD-466A-A81C-41F0E82FC42D}C:\jeux\torchlight ii\torchlight2.exe] => (Allow) C:\jeux\torchlight ii\torchlight2.exe
FirewallRules: [{C3628AF4-30BB-4E3A-97B4-39B6717C355F}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{60214C35-FF4F-4290-BE30-B0D9C4C8EB49}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{D3EE406D-8A18-4A57-8EC1-A43E1BEF8B88}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{AE25E333-F913-4189-8E64-EE9808F28CE0}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{CDDF78D7-061D-47F1-B1B7-32104945C5A7}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{2BEC06C6-EDAF-4019-A5B7-B5E0AEE46849}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{220E765B-4753-4720-B50F-8D6B038F3D23}] => (Allow) C:\Program Files\Autodesk\3ds Max 2009\3dsmax.exe
FirewallRules: [{78F1956E-2441-4016-B5FF-B98E980FBDE4}] => (Allow) C:\Program Files\Autodesk\3ds Max 2009\3dsmax.exe
FirewallRules: [{F5186601-C691-4044-A0C6-9B97708B97AD}] => (Allow) C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe
FirewallRules: [{FB7B6DA3-021E-42E1-A86E-295D71F3C770}] => (Allow) C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe
FirewallRules: [{F301C470-1EC8-4736-9993-8E5D152E7CD3}] => (Allow) C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe
FirewallRules: [{F50F637F-C805-4BF0-8C04-E6BDC0882DE4}] => (Allow) C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe
FirewallRules: [{317C0D0B-6B97-4B16-9B55-35C150C2775B}] => (Allow) C:\Program Files (x86)\Lexmark\NetworkTwain\LMZZZ_32__bc.dll
FirewallRules: [{B9C6D3AA-9A3A-4CB3-8432-2961D6AAC3D0}] => (Allow) C:\Program Files (x86)\Lexmark\NetworkTwain\LMZZZ_32__bc.dll
FirewallRules: [{F3CF28EB-0F7F-4FCA-A252-53BE51C510F5}] => (Allow) C:\Program Files (x86)\Lexmark\NetworkTwain\LMzzz_32serv.dll
FirewallRules: [{81D0FB2B-DB1E-4970-8262-648CE9FFAB4E}] => (Allow) C:\Program Files (x86)\Lexmark\NetworkTwain\LMzzz_32serv.dll
FirewallRules: [{6C7971B1-A996-4D4D-8DFC-E12598BD8242}] => (Allow) C:\Program Files (x86)\Lexmark\NetworkTwain\lextwprotocol.dll
FirewallRules: [{2C58B12E-47A3-4669-8A60-F03914F0D261}] => (Allow) C:\Program Files (x86)\Lexmark\NetworkTwain\lextwprotocol.dll
FirewallRules: [{AEB4C836-FCD7-4074-8E81-722C3947CD6B}] => (Allow) C:\Windows\twain_32\Lexmark\NetworkTwain\lexnetworkds.ds
FirewallRules: [{3D8308D5-A211-4DF9-A955-1414E5CAAB2A}] => (Allow) C:\Windows\twain_32\Lexmark\NetworkTwain\lexnetworkds.ds
FirewallRules: [{FCC7BCA0-EC23-4ABE-B701-FA19771B7BCE}] => (Allow) C:\Windows\system32\LMabcoms.exe
FirewallRules: [TCP Query User{1EBE0022-BD15-491E-AD35-C552CB424F12}C:\program files (x86)\tsoft\midwavi pro\freecapture.exe] => (Allow) C:\program files (x86)\tsoft\midwavi pro\freecapture.exe
FirewallRules: [uDP Query User{389DE9D5-37C3-4336-9AF9-152F1A3C9269}C:\program files (x86)\tsoft\midwavi pro\freecapture.exe] => (Allow) C:\program files (x86)\tsoft\midwavi pro\freecapture.exe
FirewallRules: [TCP Query User{5FE1A7DE-A7A4-4E4E-977A-E952C16435F3}C:\program files\charles\charles.exe] => (Allow) C:\program files\charles\charles.exe
FirewallRules: [uDP Query User{59A79447-F83C-40DD-B9FC-800FE12FA484}C:\program files\charles\charles.exe] => (Allow) C:\program files\charles\charles.exe
FirewallRules: [TCP Query User{406631A2-6791-4848-936F-3BA3AD962BBC}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [uDP Query User{11A51E0F-A6A2-4EBE-90C9-D4DE7856EF35}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [TCP Query User{EB565C63-C4FE-4498-A41B-43CD5DCFF694}C:\jeux\the stanley parable\stanley.exe] => (Allow) C:\jeux\the stanley parable\stanley.exe
FirewallRules: [uDP Query User{1935AABB-BEB6-47B8-B0B2-B9297A187AFE}C:\jeux\the stanley parable\stanley.exe] => (Allow) C:\jeux\the stanley parable\stanley.exe
FirewallRules: [TCP Query User{67C23B89-6ECE-4232-8D33-A1BEE68AF782}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [uDP Query User{6A0992F1-2186-477D-82C4-7A97B38BB54B}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [TCP Query User{417356A4-6BC7-4ED3-A643-F5FAF2B72C0F}C:\program files (x86)\orpalis\paperscan 2 free edition\paperscan.exe] => (Allow) C:\program files (x86)\orpalis\paperscan 2 free edition\paperscan.exe
FirewallRules: [uDP Query User{274AA9D5-77E2-49AF-AFD5-9A594FB2A3D0}C:\program files (x86)\orpalis\paperscan 2 free edition\paperscan.exe] => (Allow) C:\program files (x86)\orpalis\paperscan 2 free edition\paperscan.exe
FirewallRules: [TCP Query User{EEAE0C04-0CAB-40FB-8D11-D8685CC6DC38}C:\program files\adobe scout cc\scout.exe] => (Block) C:\program files\adobe scout cc\scout.exe
FirewallRules: [uDP Query User{0A3086D9-B09F-4389-9C52-CD546C73438B}C:\program files\adobe scout cc\scout.exe] => (Block) C:\program files\adobe scout cc\scout.exe
FirewallRules: [TCP Query User{EB05BAE5-4174-448F-94EF-50B150A3F347}C:\jeux\super motherload\supermotherloadgl.exe] => (Block) C:\jeux\super motherload\supermotherloadgl.exe
FirewallRules: [uDP Query User{394D4D92-808A-4198-8235-EABBF18F5722}C:\jeux\super motherload\supermotherloadgl.exe] => (Block) C:\jeux\super motherload\supermotherloadgl.exe
FirewallRules: [TCP Query User{211F1DB5-BDE6-4755-9AD5-32E4BD5416AD}C:\jeux\space run\ospacegame.exe] => (Block) C:\jeux\space run\ospacegame.exe
FirewallRules: [uDP Query User{BBCCC9D8-61C3-439E-9C50-A4BD55F50162}C:\jeux\space run\ospacegame.exe] => (Block) C:\jeux\space run\ospacegame.exe
FirewallRules: [TCP Query User{7BAB7AD1-C9AE-4CFD-90B5-47F226D5D1C8}C:\jeux\geometry wars 3 dimensions\gw3.exe] => (Block) C:\jeux\geometry wars 3 dimensions\gw3.exe
FirewallRules: [uDP Query User{2F749C74-DCBC-4085-ADD2-40AEDAD6D37A}C:\jeux\geometry wars 3 dimensions\gw3.exe] => (Block) C:\jeux\geometry wars 3 dimensions\gw3.exe
FirewallRules: [TCP Query User{B9EE7D1A-4D1F-42FC-977B-28EAF9C60D62}C:\program files\adobe scout cc\scout.exe] => (Allow) C:\program files\adobe scout cc\scout.exe
FirewallRules: [uDP Query User{4202A13F-8278-4E1A-8C73-73F63F1DA805}C:\program files\adobe scout cc\scout.exe] => (Allow) C:\program files\adobe scout cc\scout.exe
FirewallRules: [{3F898122-4342-408D-83D5-CE0455A793BA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DAE0DAE9-9321-40CC-AE9F-047D52FEB827}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A821DA5C-478A-478D-B147-FC99C8C5E544}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe
FirewallRules: [{B7090BE3-4F2C-4E76-BDE2-75DDD394470E}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe
FirewallRules: [TCP Query User{C4957B37-9DF7-4FDD-891C-B1FE4639F68C}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [uDP Query User{4820952A-08DD-4319-980E-08A5155F85B5}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{87499513-0147-4C8C-B612-0D51FA5DCB4D}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [uDP Query User{A7E493ED-ED64-4814-B527-ADDDC945621E}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{BE2C0D1C-EFF0-4D50-80E3-EC79664B5BB0}C:\program files (x86)\jetbrains\phpstorm 8.0.1\bin\phpstorm.exe] => (Block) C:\program files (x86)\jetbrains\phpstorm 8.0.1\bin\phpstorm.exe
FirewallRules: [uDP Query User{1F831478-E8CA-4479-8EE0-E2AED2F954C1}C:\program files (x86)\jetbrains\phpstorm 8.0.1\bin\phpstorm.exe] => (Block) C:\program files (x86)\jetbrains\phpstorm 8.0.1\bin\phpstorm.exe
FirewallRules: [TCP Query User{EC60AD31-22B1-440F-9B02-06FDFE25F001}C:\nginx-1.9.3\nginx.exe] => (Allow) C:\nginx-1.9.3\nginx.exe
FirewallRules: [uDP Query User{16B32DA5-7262-4FAE-84E7-927A17E1C7D5}C:\nginx-1.9.3\nginx.exe] => (Allow) C:\nginx-1.9.3\nginx.exe
FirewallRules: [TCP Query User{DEDE3BF1-E3E1-4C97-9747-C4436B7CE215}C:\program files\oracle\virtualbox\vboxheadless.exe] => (Allow) C:\program files\oracle\virtualbox\vboxheadless.exe
FirewallRules: [uDP Query User{B71C56CF-0F3B-4C9F-8799-23D08A8DF2F0}C:\program files\oracle\virtualbox\vboxheadless.exe] => (Allow) C:\program files\oracle\virtualbox\vboxheadless.exe
FirewallRules: [TCP Query User{E532333D-8B1B-4283-8FD0-08CF237C6358}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [uDP Query User{553704A6-EFA4-4C8A-9DA5-6B2DEC2B387F}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [{0EDDB365-19E7-4E96-A8F9-A1147E58A335}] => (Allow) C:\Users\MICKA\AppData\Local\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
Name: SCSI/RAID Host Controller
Description: SCSI/RAID Host Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: 
Service: adgc7z1u
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/10/2015 07:35:45 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
 
Error: (08/10/2015 06:35:45 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
 
Error: (08/10/2015 05:35:45 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
 
Error: (08/10/2015 04:35:45 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
 
Error: (08/10/2015 03:35:44 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
 
Error: (08/10/2015 02:35:44 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
 
Error: (08/10/2015 01:35:44 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
 
Error: (08/10/2015 12:35:44 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
 
Error: (08/10/2015 11:35:44 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
 
Error: (08/10/2015 10:35:44 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
 
 
System errors:
=============
Error: (08/10/2015 11:35:44 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
 
Error: (08/09/2015 11:35:41 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
 
Error: (08/09/2015 10:13:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (08/09/2015 10:13:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (08/09/2015 10:13:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Client Virtualization Handler service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/09/2015 10:13:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Virtualization Client service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/09/2015 10:13:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Security Center Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (08/09/2015 10:13:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (08/09/2015 10:13:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Virtualization Service Agent service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/09/2015 10:13:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Serveur Média service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office:
=========================
Error: (08/10/2015 07:35:45 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
 
Error: (08/10/2015 06:35:45 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
 
Error: (08/10/2015 05:35:45 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
 
Error: (08/10/2015 04:35:45 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
 
Error: (08/10/2015 03:35:44 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
 
Error: (08/10/2015 02:35:44 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
 
Error: (08/10/2015 01:35:44 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
 
Error: (08/10/2015 12:35:44 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
 
Error: (08/10/2015 11:35:44 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
 
Error: (08/10/2015 10:35:44 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
 
 
CodeIntegrity:
===================================
  Date: 2011-05-10 08:35:44.460
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-05-10 08:35:44.438
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-05-03 21:22:00.948
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hidusbf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-05-03 21:22:00.923
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hidusbf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-05-03 21:11:10.873
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hidusbf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-05-03 21:11:10.857
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hidusbf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-04-11 04:33:54.957
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hidusbf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-04-11 04:33:54.942
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hidusbf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-04-11 04:33:54.926
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hidusbf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-04-11 04:33:54.895
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hidusbf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD Phenom II X6 1100T Processor
Percentage of memory in use: 58%
Total physical RAM: 12286.18 MB
Available physical RAM: 5134.15 MB
Total Virtual: 24570.57 MB
Available Virtual: 15830.25 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:279.36 GB) (Free:84.77 GB) NTFS
Drive d: (Storage) (Fixed) (Total:1863.01 GB) (Free:1583.58 GB) NTFS
Drive e: (Storage2) (Fixed) (Total:3726.02 GB) (Free:3107.9 GB) NTFS
Drive g: () (Fixed) (Total:120 GB) (Free:113.27 GB) NTFS
Drive h: () (Fixed) (Total:345.75 GB) (Free:215.96 GB) NTFS
Drive j: (Ubuntu-Server 14) (CDROM) (Total:0.57 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 15AD9DD9)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 0C8E0C8D)
Partition 1: (Active) - (Size=120 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=345.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 279.5 GB) (Disk ID: B0C894DA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=279.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (Size: 3726 GB) (Disk ID: 02FE75FC)
 
Partition: GPT.
 
==================== End of log ============================
Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Step 1

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Step 2

Please update Malwarebytes Anti-Malware and perform a threat scan. Post your log file here.

In your next reply, post the following log files:

  • FRST log
  • Malwarebytes' Anti-Malware log

fixlist.txt

Link to post
Share on other sites
Kicker93

Kicker93

Posted
  • Author
Posted

Hello, here are the logs:

 

Fix result of Farbar Recovery Scan Tool (x64) Version:11-08-2015

Ran by MICKA (2015-08-11 20:41:03) Run:1
Running from C:\Users\MICKA\Desktop\FRST
Loaded Profiles: MICKA (Available Profiles: MICKA)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
AlternateDataStreams: C:\ProgramData\Temp:ADF211B1
FirewallRules: [TCP Query User{406631A2-6791-4848-936F-3BA3AD962BBC}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [uDP Query User{11A51E0F-A6A2-4EBE-90C9-D4DE7856EF35}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
GroupPolicyScripts\User: Group Policy detected <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
U3 adgc7z1u; no ImagePath
U3 aofgnj94; C:\Windows\System32\Drivers\aofgnj94.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <===== ATTENTION
Hosts:
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
end
*****************
 
Error: (0) Failed to create a restore point.
Processes closed successfully.
C:\ProgramData\Temp => ":ADF211B1" ADS removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{406631A2-6791-4848-936F-3BA3AD962BBC}C:\windows\explorer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{11A51E0F-A6A2-4EBE-90C9-D4DE7856EF35}C:\windows\explorer.exe => value removed successfully
C:\Windows\system32\GroupPolicy\User => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
adgc7z1u => service removed successfully
aofgnj94 => service removed successfully
 
The operation completed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1594525578-2187793927-1167310059-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {6D799BC1-F6CA-4D15-8636-E149BF1FC3E0}.
0 out of 1 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 1.2 GB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 20:41:33 ====

 

 

Malwarebytes Anti-Malware

www.malwarebytes.org
 
Scan Date: 11/08/2015
Scan Time: 21:06
Logfile: AMAppLog.txt
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.08.11.07
Rootkit Database: v2015.08.06.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: MICKA
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 428006
Time Elapsed: 11 min, 29 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Well done!

Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan button. Wait until is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.
Step 3

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • In your next reply, post the following log files:
    • Junkware Removal Tool log
    • AdwCleaner log
    • ESET Online Scanner log
Link to post
Share on other sites
Kicker93

Kicker93

Posted
  • Author
Posted

Hello,

Here are the logs:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 7 Ultimate x64
Ran by MICKA on 12/08/2015 at 22:38:06,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\MICKA\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage
Successfully deleted: [File] C:\Users\MICKA\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage-journal
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Successfully deleted the following from C:\Users\MICKA\AppData\Roaming\mozilla\firefox\profiles\bvx05aa1.default\prefs.js
 
user_pref(CT2504091.searchProtector.notifyChanges, {\dataType\:\string\,\data\:\false\});
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\MICKA\Appdata\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
 
[C:\Users\MICKA\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\MICKA\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
gkojfkhlekighikafcpjkiklfbnlmeio
 
[C:\Users\MICKA\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\MICKA\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  gkojfkhlekighikafcpjkiklfbnlmeio
]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/08/2015 at 22:42:36,81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

# AdwCleaner v4.208 - Logfile created 12/08/2015 at 22:55:42

# Updated 09/07/2015 by Xplode
# Database : 2015-08-12.1 [server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : MICKA - MICKA-PC
# Running from : C:\Program Files (x86)\adwcleaner_4.208.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v0.0.0.0
 
 
-\\ Mozilla Firefox v36.0.4 (x86 fr)
 
 
-\\ Google Chrome v
 
[C:\Users\MICKA\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : 
[C:\Users\MICKA\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [startup_URLs] : 4E7CDA98FA5C978DF99E90C713D9BFDD163DDCCEE9EEB1040D89FFED72F07D7F"},"software_reporter":{"prompt_reason":"0289136B26E46C3FA15D3F33048EE6370CB75BE0963A8D42FC64126841F90855","prompt_seed":"D6FFFBEDD938DC5A7B8E53E5E1C27734827F56752FD1FEDC965AC28237E5B623","prompt_version":"9F2E758C9541F67C56CA6F9FAFD8215C561982AF3E6872BA5AC85696A4A0B068"},"sync":{"remaining_rollback_tries":"8DC8D6BB70108C2B34AA64CF5CA5AE8E434069027621E3A80C9E9B6FEFD17464"}},"super_mac":"3A914CA598DC2987111B81B56B498AA771915884A1EFE9F2819FDFCB2D0D5695"},"session":{"restore_on_startup":1,"startup_urls":["hxxps://apps.facebook.com/kartriderdash/?fb_source=canvasbookmark&count=0","hxxp://start.mysearchdial.com/?f=1&a=telemsd1103&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDyB0E0DtC0CzzyC0D0A0BtN0D0Tzu0SyCzyzztN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=601244447&ir=
 
-\\ Chromium v
 
 
*************************
 
AdwCleaner[R0].txt - [32558 bytes] - [09/08/2015 02:08:42]
AdwCleaner[R1].txt - [7219 bytes] - [12/08/2015 22:46:30]
AdwCleaner[R2].txt - [7278 bytes] - [12/08/2015 22:52:41]
AdwCleaner[s0].txt - [23101 bytes] - [09/08/2015 02:11:58]
AdwCleaner[s1].txt - [1942 bytes] - [12/08/2015 22:55:42]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [2001  bytes] ##########
 

(I had already runned it as you can see)

As for ESET... well, it did go very well.
It deleted many things it shouldn't have, and completely wiped my hosts file :/

Link to post
Share on other sites
  • 4 months later...
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept