1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Probable Hidden Firewall, need help badly

Discussion in 'Virus & Other Malware Removal' started by FlounderHawk, Feb 26, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. FlounderHawk

    FlounderHawk Thread Starter

    Joined:
    Feb 26, 2015
    Messages:
    17
    """"""Probable Hidden Firewall Hi,

    I restored my computer last month, and since then, I have been unable to connect to servers with applications that aren't internet browsers. I cannot use Skype or Google Talk, and iTunes updates don't work, so I have to go through the browser to download the new one. Google says I may have a firewall blocking, but I don't even have virus protection at the moment. Windows Firewall has been turned on and off, to no avail.

    I really need to be able to connect to things, I can't even connect to a network printer right now. I've tried working this on through 4 different ISPs, so I'm thinking it's my computer. Please help!

    Thank a ton,
    Carlos""""""

    ---------I am having the exact same problem as this guy, Could I do what you guys told him to do and you help me out by any chance?-------

    Link to the old form here > I would have posted there but it said it was closed.
    http://forums.techguy.org/general-security/904496-probable-hidden-firewall.html
     
  2. FlounderHawk

    FlounderHawk Thread Starter

    Joined:
    Feb 26, 2015
    Messages:
    17
    I am currently doing a full scan on Microsoft Security Essentials, though I had just ran this yesterday. I would like to keep whoever is willing to help me up to date.
     
  3. lunarlander

    lunarlander

    Joined:
    Sep 21, 2007
    Messages:
    11,821
    It is better to say things in your own words. So you too have re-installed Windows, and your web browsers connect to the internet, while some other applications cannot. ?

    Can you give us the names of the applications that don't work ?
     
  4. FlounderHawk

    FlounderHawk Thread Starter

    Joined:
    Feb 26, 2015
    Messages:
    17


    Some applications that do not work are Steam, and Smite.

    I'm willing to download and try an application of your choice as a test.
     
  5. FlounderHawk

    FlounderHawk Thread Starter

    Joined:
    Feb 26, 2015
    Messages:
    17
    I just downloaded malwarebytes, ran it and quarantined 300+ items.

    I also tried Trojan Remover.

    After all of this, the problem is still there.
     
  6. valis

    valis Moderator

    Joined:
    Sep 24, 2004
    Messages:
    77,587
    Go here, then click the large blue "Download Now @ Bleeping Computer" button to download and save AdwCleaner.exe to your desktop.

    Close all open windows first, then double-click AdwCleaner.exe to load its main window.

    Click the Scan button, then allow the scanning process to finish.
    (Note: There may be several seconds delay before the progress bar appears, so be patient.)

    Click the Report button.

    When the log appears, save it.

    Return here to your thread, then copy-and-paste the ENTIRE log here.
     
  7. FlounderHawk

    FlounderHawk Thread Starter

    Joined:
    Feb 26, 2015
    Messages:
    17
    # AdwCleaner v4.111 - Logfile created 26/02/2015 at 12:55:46
    # Updated 18/02/2015 by Xplode
    # Database : 2015-02-18.3 [Server]
    # Operating system : Windows 7 Ultimate Service Pack 1 (x64)
    # Username : Matthew - MATTHEW-PC
    # Running from : C:\Users\Matthew\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****

    Service Found : SCBackService

    ***** [ Files / Folders ] *****

    File Found : C:\END
    File Found : C:\Users\Matthew\AppData\LocalLow\SkwConfig.bin
    File Found : C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
    File Found : C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\ta918mac.default\user.js
    File Found : C:\Users\test\AppData\LocalLow\SkwConfig.bin
    File Found : C:\windows\System32\ImhxxpComm.dll
    Folder Found : C:\Program Files (x86)\Conduit
    Folder Found : C:\Program Files (x86)\Tbccint
    Folder Found : C:\ProgramData\Ask
    Folder Found : C:\ProgramData\baidu
    Folder Found : C:\ProgramData\Conduit
    Folder Found : C:\Users\Matthew\AppData\Local\Conduit
    Folder Found : C:\Users\Matthew\AppData\Local\cool_mirage
    Folder Found : C:\Users\Matthew\AppData\Local\CrashRpt
    Folder Found : C:\Users\Matthew\AppData\Local\iLivid
    Folder Found : C:\Users\Matthew\AppData\LocalLow\Conduit
    Folder Found : C:\windows\System32\ljkb
    Folder Found : C:\windows\SysWOW64\ARFC
    Folder Found : C:\windows\SysWOW64\WNLT

    ***** [ Scheduled tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
    Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer
    Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainerV2
    Key Found : HKCU\Software\AppDataLow\Toolbar
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\ilivid
    Key Found : HKCU\Software\IM
    Key Found : HKCU\Software\ImInstaller
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{11A88B19-BDD6-4A7A-A03D-7E704B94C043}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B4837D5A-35F4-4CA6-A425-110544261D69}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
    Key Found : HKCU\Software\Tbccint_HKLM
    Key Found : [x64] HKCU\Software\Conduit
    Key Found : [x64] HKCU\Software\ilivid
    Key Found : [x64] HKCU\Software\IM
    Key Found : [x64] HKCU\Software\ImInstaller
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{11A88B19-BDD6-4A7A-A03D-7E704B94C043}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B4837D5A-35F4-4CA6-A425-110544261D69}
    Key Found : [x64] HKCU\Software\Tbccint_HKLM
    Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
    Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
    Key Found : HKLM\SOFTWARE\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{B2B7E0CD-E169-43B3-A233-E129610EE314}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
    Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{0DEC13F0-5C8C-4147-8329-6CDFAD9755B7}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E97F0FA-3B44-4634-A87E-8B0D5CFD6365}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{951F5841-FD1E-4F1D-8607-67B174DBD753}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{D1CCB0CC-DA45-4797-93D3-DEE7A13F8177}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DCE24E28-D8EF-49BE-BC01-A1DD3B58FCE3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E4F7F1A5-490E-4884-A9E3-CBD6A25749E1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
    Key Found : HKLM\SOFTWARE\Classes\PutLockerDownloader
    Key Found : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink
    Key Found : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink.1
    Key Found : HKLM\SOFTWARE\Classes\STC.OptionMenu
    Key Found : HKLM\SOFTWARE\Classes\STC.OptionMenu.1
    Key Found : HKLM\SOFTWARE\Classes\STC.Protocol
    Key Found : HKLM\SOFTWARE\Classes\STC.Protocol.1
    Key Found : HKLM\SOFTWARE\Classes\STC.VisualBookmark
    Key Found : HKLM\SOFTWARE\Classes\STC.VisualBookmark.1
    Key Found : HKLM\SOFTWARE\Classes\STC.WebObject
    Key Found : HKLM\SOFTWARE\Classes\STC.WebObject.1
    Key Found : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper
    Key Found : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper.1
    Key Found : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP
    Key Found : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP.1
    Key Found : HKLM\SOFTWARE\Classes\STCHelper.Protocol
    Key Found : HKLM\SOFTWARE\Classes\STCHelper.Protocol.1
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3313053
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A1A533A8-E106-422B-AE29-D0025269AF83}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
    Key Found : HKLM\SOFTWARE\Conduit
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80ED3EBC-CC05-4336-ABCC-295798855718}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\WNLT
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}]
    Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}]
    Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}]
    Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{d9284e50-81fc-11da-a72b-0800200c9a66}]

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17631


    -\\ Mozilla Firefox v35.0.1 (x86 en-US)

    [ta918mac.default] - Line Found : user_pref("searchreset.backup.keyword.URL", "hxxp://mysearch.sweetpacks.com?src=6&barid=&crg=3.5000006.10042&st=23&st=23&q=");

    -\\ Google Chrome v38.0.2125.104

    [C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
    [C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

    -\\ Chromium v

    *************************

    AdwCleaner[R0].txt - [9843 bytes] - [26/02/2015 12:55:46]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9902 bytes] ##########
     
  8. valis

    valis Moderator

    Joined:
    Sep 24, 2004
    Messages:
    77,587
    I'm going to say you are infected. Let's wait for a malware expert to show up.

    thanks,

    v
     
  9. FlounderHawk

    FlounderHawk Thread Starter

    Joined:
    Feb 26, 2015
    Messages:
    17
    Well thank you for your help valis
     
  10. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    Hi FlounderHawk,

    Welcome to Tech Support Guy. My name is dbreeze and I'll be helping you with this problem. Before I get into the removal of malware / correction of your problem, I need you to be aware of the following:
    • Please read all of my response through at least once before attempting to follow the procedures described.I would recommend printing them out, if you can, as you can check off each step as you complete it. Also, as some of the cleaning may be done in Safe Mode and there will be no internet connection then, you will find that having the steps printed for reference speeds the cleaning process along. If there's anything you don't understand or isn't totally clear to you, please come back to me for clarification before you start those steps.
    • All of the assistants and staff at Tech Support Guy are here on a volunteer basis; please respect our time given to the cause of helping others.If you are going to be away for more than 4 days, please let me know here. (I will do the same for you.) We do realize that 'life happens' and situations arise unexpectedly; we just ask that you keep us up to date.
    • Malware removal is a complex, multiple step process; please stay with me on this thread (don't start another thread) until I declare that your logs are clean and you are good to go. The absence of apparent issues does not mean your system is clean; I will tell you when everything looks good for you to go and help you remove the tools we have used.
    • If any of the security programs on your system should give any warnings about the software tools I ask you to download and use, please do not be alarmed.All of the tools I will have you use are safe to use (as instructed) and malware free.
    • While we strive to disrupt your system as little as possible, things happen.If you can, it would be best to back up your personal files now (if you do not already have a backup). You can store these on a CD/DVD, USB drive or stick, anywhere but on your same system. This will save you from possible anguish later if something unforeseen happens.
    • Please do not run any other tools or scanners than what I ask you to.Some of the openly available software made for malware removal can make changes to your system that interfere with the cleaning of the malware, or even destroy your system. I will use only what the situation calls for and direct you in the proper use of that software.
    • Please do not attach any log files to your replies unless I specifically ask you.Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.

      - Save ALL Tools to your Desktop-
      All the tools that I will have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

      Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
      [​IMG]Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.[​IMG] Choose Settings. at the bottom of the screen click the
      "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
      [​IMG]Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. [​IMG] Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
      and the click the "Select Folder" button. Click OK to get out of the Options menu.
      [​IMG]Internet Explorer - Click the Tools menu in the upper right-corner of the browser. [​IMG] Select View downloads. Select the Options link in the lower left of the window. Click Browse and
      select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
      NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
    Let's get started....

    Please download Farbar Recovery Scan Tool 64bit and save it to your Desktop.

    • Right click the FRST file on your desktop and select "Run as Administrator..." (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • If an update is available, the program will inform you and download the update. Allow it do this please.
    • Once the tool shows "The tool is ready to use." message, please press the Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
     
  11. valis

    valis Moderator

    Joined:
    Sep 24, 2004
    Messages:
    77,587
    thanks dbreeze. :)
     
  12. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    You are welcome; just need the logs and will get going on it.
     
  13. FlounderHawk

    FlounderHawk Thread Starter

    Joined:
    Feb 26, 2015
    Messages:
    17
    Hello and thank you so much for your time dbreeze. I've read over your instructions, and am now following them as you say. I'll now post both the FRST.txt and the addition.txt here.




    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
    Ran by Matthew (administrator) on MATTHEW-PC on 28-02-2015 06:02:52
    Running from C:\Users\Matthew\Desktop
    Loaded Profiles: Matthew (Available profiles: Matthew & test)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    () C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
    (New Softwares.net) C:\Windows\SysWOW64\WinFLService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Sitecom\RT2870 Flash Install Wireless LAN Card\AutoInstSvc\RaAutoInstSrv.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
    () C:\Windows\SysWOW64\WinService.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Microsoft Corporation) C:\Windows\System32\dinotify.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    ( New Softwares.net) C:\Windows\SysWOW64\WinFLTray.exe
    (New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
    ( New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServ.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
    (Azureus Software, Inc) C:\Program Files\Vuze\Azureus.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-19] (Realtek Semiconductor)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
    HKLM-x32\...\Run: [STCAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe [776064 2011-03-04] (Splashtop Inc.)
    HKLM-x32\...\Run: [ZyngaGamesAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [841544 2010-11-15] (Splashtop Inc.)
    HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1791856 2014-10-16] (Simply Super Software)
    HKU\S-1-5-21-298899731-1277183411-3383363015-1000\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-298899731-1277183411-3383363015-1000\...\Run: [WinFLTray] => C:\Windows\SysWow64\WinFLTray.exe [321736 2014-02-20] ( New Softwares.net)
    HKU\S-1-5-21-298899731-1277183411-3383363015-1000\...\Run: [FLBackup] => C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [275656 2014-02-20] (New Softwares.net)
    HKU\S-1-5-21-298899731-1277183411-3383363015-1000\...\MountPoints2: {7aec06c4-d89d-11e3-a490-50e549d0656d} - D:\VerizonSWUpgradeAssistantLauncher.exe
    HKU\S-1-5-21-298899731-1277183411-3383363015-1000\...\MountPoints2: {807c1191-9cb7-11e1-8961-50e549d0656d} - E:\AutoInst.exe
    HKU\S-1-5-21-298899731-1277183411-3383363015-1000\...\MountPoints2: {91282802-aebf-11e1-b841-50e549d0656d} - E:\autorun.exe
    HKU\S-1-5-21-298899731-1277183411-3383363015-1000\...\MountPoints2: {91282816-aebf-11e1-b841-50e549d0656d} - F:\YDKJAutorun.exe
    HKU\S-1-5-21-298899731-1277183411-3383363015-1000\...\MountPoints2: {d32d6529-4e63-11e2-a182-f68f6741ce6d} - D:\setup.exe -a
    HKU\S-1-5-21-298899731-1277183411-3383363015-1000\...\Winlogon: [Shell] C:\windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
    ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => No File
    ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => No File
    ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => No File
    ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => No File
    ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => No File
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKU\S-1-5-21-298899731-1277183411-3383363015-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=COSP&ptag=D022215-ABA01A7CCEB2146F8A7F&form=CONMHP&conlogo=CT3330961
    HKU\S-1-5-21-298899731-1277183411-3383363015-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
    URLSearchHook: HKU\S-1-5-21-298899731-1277183411-3383363015-1000 - Splashtop Connect SearchHook - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
    SearchScopes: HKLM-x32 -> DefaultScope {11A88B19-BDD6-4A7A-A03D-7E704B94C043} URL =
    SearchScopes: HKU\S-1-5-21-298899731-1277183411-3383363015-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?pc=COSP&ptag=D022215-ABA01A7CCEB2146F8A7F&form=CONBDF&conlogo=CT3330961&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-298899731-1277183411-3383363015-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?pc=COSP&ptag=D022215-ABA01A7CCEB2146F8A7F&form=CONBDF&conlogo=CT3330961&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-298899731-1277183411-3383363015-1000 -> {11A88B19-BDD6-4A7A-A03D-7E704B94C043} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3313053&CUI=UN28787459561955343&UM=2
    SearchScopes: HKU\S-1-5-21-298899731-1277183411-3383363015-1000 -> {25838620-B46E-4b82-8CDE-1AA65F43C89E} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
    SearchScopes: HKU\S-1-5-21-298899731-1277183411-3383363015-1000 -> {B4837D5A-35F4-4CA6-A425-110544261D69} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=9C63BABE-82EC-44EE-829B-2E79F5B4BDCF&apn_sauid=1F2E9016-9BA6-45A0-8BAD-BA1F6C2A2390
    SearchScopes: HKU\S-1-5-21-298899731-1277183411-3383363015-1000 -> {D4394539-5450-4f44-BDA4-CB47E69D1D7E} URL = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
    BHO: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
    BHO-x32: Splashtop Connect VisualBookmark -> {0E5680D1-BF44-4929-94AF-FD30D784AD1D} -> C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    Toolbar: HKU\S-1-5-21-298899731-1277183411-3383363015-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
    ShellExecuteHooks: - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
    Winsock: Catalog9 01 C:\windows\SysWOW64\LavasoftTcpService.dll [326240] (Lavasoft Limited)
    Winsock: Catalog9 02 C:\windows\SysWOW64\LavasoftTcpService.dll [326240] (Lavasoft Limited)
    Winsock: Catalog9 03 C:\windows\SysWOW64\LavasoftTcpService.dll [326240] (Lavasoft Limited)
    Winsock: Catalog9 04 C:\windows\SysWOW64\LavasoftTcpService.dll [326240] (Lavasoft Limited)
    Winsock: Catalog9 15 C:\windows\SysWOW64\LavasoftTcpService.dll [326240] (Lavasoft Limited)
    Winsock: Catalog9-x64 01 C:\windows\system32\LavasoftTcpService64.dll [372264] (Lavasoft Limited)
    Winsock: Catalog9-x64 02 C:\windows\system32\LavasoftTcpService64.dll [372264] (Lavasoft Limited)
    Winsock: Catalog9-x64 03 C:\windows\system32\LavasoftTcpService64.dll [372264] (Lavasoft Limited)
    Winsock: Catalog9-x64 04 C:\windows\system32\LavasoftTcpService64.dll [372264] (Lavasoft Limited)
    Winsock: Catalog9-x64 15 C:\windows\system32\LavasoftTcpService64.dll [372264] (Lavasoft Limited)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
    Tcpip\..\Interfaces\{2077297B-E844-44DA-B85A-117FBAB5DA0E}: [NameServer] 24.247.24.53,66.189.0.100,24.178.162.3

    FireFox:
    ========
    FF ProfilePath: C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\ta918mac.default
    FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D022215-ABA01A7CCEB2146F8A7F&form=CONMHP&conlogo=CT3330961
    FF DefaultSearchEngine: Bing
    FF SelectedSearchEngine: Bing
    FF Homepage: www.google.com
    FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll (Unity Technologies ApS)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
    FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
    FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
    FF Plugin HKU\S-1-5-21-298899731-1277183411-3383363015-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Matthew\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin HKU\S-1-5-21-298899731-1277183411-3383363015-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF user.js: detected! => C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\ta918mac.default\user.js
    FF Extension: Super Start - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\ta918mac.default\Extensions\[email protected] [2015-01-04]
    FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}
    FF Extension: Splashtop Connect Companion - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2014-10-23]
    FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}
    FF Extension: Splashtop Connect - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2014-10-23]
    FF HKLM-x32\...\Firefox\Extensions: [{d9284e50-81fc-11da-a72b-0800200c9a66}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66}
    FF Extension: Yoono - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2014-10-23]

    Chrome:
    =======
    CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=ME0DF7B26-00E2-4985-9EAA-51AE53293ACA&SearchSource=55&CUI=&UM=6&UP=SP18614FE1-AB4B-48FB-9F22-365A97CD5743&SSPV="
    CHR Profile: C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-23]
    CHR Extension: (Google Wallet) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-23]
    CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\mjcm\SweetNT.crx [2014-10-23]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
    R2 D_Link_DWA-125_WPS; C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe [53248 2010-07-12] () [File not signed]
    S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [182304 2014-12-26] (EasyAntiCheat Ltd)
    R2 FLService; C:\Windows\SysWow64\WinFLService.exe [92360 2014-02-20] (New Softwares.net)
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
    U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-02-24] (Hi-Rez Studios) [File not signed]
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
    S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4981488 2013-05-02] (INCA Internet Co., Ltd.) [File not signed]
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-04] ()
    R2 RaAutoInstSrv_RT2870; C:\Program Files (x86)\Sitecom\RT2870 Flash Install Wireless LAN Card\AutoInstSvc\RaAutoInstSrv.exe [20480 2008-09-11] (Ralink Technology, Corp.) [File not signed]
    R2 SCBackService; C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe [477000 2010-11-15] (Splashtop Inc.)
    R2 SCM_Service; C:\Windows\SysWOW64\WinService.exe [186848 2010-05-10] ()
    R2 WCUService_STC_FF; C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [493384 2011-03-23] (Splashtop Inc.)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    S2 yoyoyo; C:\Users\Matthew\Desktop\Space Engineers\Space Engineers\DedicatedServer\SpaceEngineersDedicated.exe [126904 2014-11-14] (Keen Software House)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2010-05-29] ()
    R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
    S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-28] (Atheros Communications, Inc.)
    S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2015-02-13] (Echobit, LLC)
    S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-27] ()
    R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-28] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
    S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [115272 2012-03-25] (MotioninJoy) [File not signed]
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
    S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2012-03-26] (Apple Inc.) [File not signed]
    R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2014-02-20] ()
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
    S3 NPF; C:\Windows\SysWOW64\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
    S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2015-01-26] (The OpenVPN Project)
    S3 RTL8187; C:\Windows\System32\DRIVERS\wg111v2.sys [450048 2010-04-06] (NETGEAR Inc.)
    S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed]
    R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [34816 2014-02-20] ()
    R2 WinVDEDrv; C:\Windows\SysWow64\WinVDEdrv.sys [225680 2014-02-20] (NewSoftwares.net, Inc.)
    S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
    S3 xhunter1; \??\C:\windows\xhunter1.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-28 06:02 - 2015-02-28 06:03 - 00024067 _____ () C:\Users\Matthew\Desktop\FRST.txt
    2015-02-28 06:02 - 2015-02-28 06:02 - 02087936 _____ (Farbar) C:\Users\Matthew\Desktop\FRST64.exe
    2015-02-28 06:02 - 2015-02-28 06:02 - 00000000 ____D () C:\FRST
    2015-02-27 11:57 - 2015-02-27 11:57 - 00001602 _____ () C:\Users\test\Desktop\Besiege_v0.01.lnk
    2015-02-27 11:57 - 2015-02-27 11:57 - 00001602 _____ () C:\Users\Matthew\Desktop\Besiege_v0.01.lnk
    2015-02-26 23:40 - 2015-02-26 23:40 - 00001224 _____ () C:\Users\Matthew\Desktop\Total War - Rome II.lnk
    2015-02-26 23:40 - 2015-02-26 23:40 - 00000000 ____D () C:\Users\Matthew\AppData\Roaming\Total War - Rome II
    2015-02-26 13:25 - 2015-02-26 13:26 - 00000000 ____D () C:\Users\Matthew\Desktop\DD7740
    2015-02-26 12:55 - 2015-02-26 12:57 - 00000000 ____D () C:\AdwCleaner
    2015-02-26 12:54 - 2015-02-26 12:54 - 02126848 _____ () C:\Users\Matthew\Downloads\AdwCleaner.exe
    2015-02-26 11:38 - 2015-02-26 11:38 - 00000000 ____D () C:\Users\Matthew\Documents\Simply Super Software
    2015-02-26 11:37 - 2015-02-26 11:37 - 00001085 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk
    2015-02-26 11:37 - 2015-02-26 11:37 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
    2015-02-26 11:35 - 2015-02-26 11:36 - 31390952 _____ (Simply Super Software ) C:\Users\Matthew\Downloads\trjsetup691.exe
    2015-02-26 10:50 - 2015-02-28 00:09 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
    2015-02-26 10:49 - 2015-02-26 10:49 - 00001088 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-02-26 10:49 - 2015-02-26 10:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-02-26 10:49 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
    2015-02-26 10:49 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
    2015-02-26 10:49 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
    2015-02-26 10:47 - 2015-02-26 10:47 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Matthew\Downloads\mbam-setup-2.0.4.1028.exe
    2015-02-26 00:35 - 2015-02-26 00:35 - 00509440 _____ (Tech Support Guy System) C:\Users\Matthew\Downloads\SysInfo.exe
    2015-02-25 14:44 - 2015-02-26 12:08 - 00000770 _____ () C:\windows\DirectX.log
    2015-02-25 14:12 - 2015-02-25 14:12 - 00002025 _____ () C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
    2015-02-25 14:12 - 2015-02-25 14:12 - 00002006 _____ () C:\Users\Public\Desktop\Smite.lnk
    2015-02-25 14:10 - 2015-02-25 14:11 - 46660304 _____ (Hi-Rez Studios) C:\Users\Matthew\Downloads\InstallSmite.exe
    2015-02-25 11:42 - 2015-02-25 11:43 - 00008008 _____ () C:\Users\Matthew\Desktop\chat with xfinity.txt
    2015-02-25 09:09 - 2015-02-25 09:09 - 00109296 _____ () C:\Users\Matthew\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-02-25 09:06 - 2015-02-26 21:01 - 00000728 _____ () C:\windows\setupact.log
    2015-02-25 09:06 - 2015-02-26 12:38 - 00097264 _____ () C:\windows\PFRO.log
    2015-02-25 09:06 - 2015-02-25 09:06 - 05026560 _____ () C:\windows\system32\FNTCACHE.DAT
    2015-02-25 09:06 - 2015-02-25 09:06 - 00000000 _____ () C:\windows\setuperr.log
    2015-02-25 06:45 - 2015-02-28 05:59 - 00000000 ____D () C:\Users\Matthew\AppData\Roaming\Azureus
    2015-02-25 06:45 - 2015-02-25 06:45 - 00001758 _____ () C:\Users\Public\Desktop\Vuze.lnk
    2015-02-25 06:45 - 2015-02-25 06:45 - 00000000 ____D () C:\Program Files\Vuze
    2015-02-25 06:42 - 2015-02-25 06:42 - 00072008 _____ (Azureus Software, Inc.) C:\Users\Matthew\Downloads\VuzeBittorrentClientInstaller.exe
    2015-02-25 05:52 - 2015-02-25 05:52 - 00003324 _____ () C:\windows\System32\Tasks\{943CB9E7-3E95-476F-9C53-8AD20E209918}
    2015-02-25 04:32 - 2015-02-25 04:32 - 00000222 _____ () C:\Users\Matthew\Desktop\No More Room in Hell.url
    2015-02-25 04:15 - 2015-02-27 11:20 - 00000943 _____ () C:\Users\Public\Desktop\Steam.lnk
    2015-02-25 04:15 - 2015-02-27 11:19 - 00000000 ____D () C:\Program Files (x86)\Steam
    2015-02-25 04:14 - 2015-02-25 04:14 - 01142128 _____ () C:\Users\Matthew\Downloads\SteamSetup(2).exe
    2015-02-25 04:05 - 2015-02-25 04:05 - 00000000 ____D () C:\Users\Matthew\Downloads\The Hunger Games Mockingjay Part 1 2014 1080p BRRip x264 AC3-JYK
    2015-02-25 03:36 - 2015-02-25 03:36 - 00000852 _____ () C:\Users\test\Desktop\µTorrent.lnk
    2015-02-25 03:36 - 2015-02-25 03:36 - 00000832 _____ () C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
    2015-02-25 03:35 - 2015-02-25 03:38 - 00000000 ____D () C:\Users\test\AppData\Roaming\uTorrent
    2015-02-25 03:07 - 2015-02-25 03:07 - 00000000 ____D () C:\Users\test\AppData\Local\Steam
    2015-02-25 03:06 - 2015-02-25 03:06 - 00002377 _____ () C:\Users\test\Documents\MumbleAutomaticCertificateBackup.p12
    2015-02-25 03:05 - 2015-02-25 03:05 - 00000000 ____D () C:\Users\test\AppData\Local\SWDS
    2015-02-25 03:00 - 2015-02-25 03:07 - 00000000 ____D () C:\Users\test\AppData\Roaming\Mumble
    2015-02-25 03:00 - 2015-01-08 18:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
    2015-02-25 03:00 - 2015-01-08 18:43 - 00419936 _____ () C:\windows\system32\locale.nls
    2015-02-25 02:58 - 2015-02-25 02:58 - 00000000 __SHD () C:\Users\test\AppData\Local\EmieUserList
    2015-02-25 02:58 - 2015-02-25 02:58 - 00000000 __SHD () C:\Users\test\AppData\Local\EmieSiteList
    2015-02-25 02:58 - 2015-02-25 02:58 - 00000000 __SHD () C:\Users\test\AppData\Local\EmieBrowserModeList
    2015-02-25 02:57 - 2015-02-25 02:57 - 00109296 _____ () C:\Users\test\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-02-25 02:57 - 2015-02-25 02:57 - 00001416 _____ () C:\Users\test\Desktop\Games.lnk
    2015-02-25 02:57 - 2015-02-25 02:57 - 00001416 _____ () C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
    2015-02-25 02:57 - 2015-02-25 02:57 - 00000000 ____D () C:\Users\test\AppData\Roaming\Splashtop
    2015-02-25 02:57 - 2015-02-25 02:57 - 00000000 ____D () C:\Users\test\AppData\Local\NVIDIA Corporation
    2015-02-25 02:56 - 2015-02-25 02:56 - 00002227 _____ () C:\Users\test\Desktop\Google Chrome.lnk
    2015-02-25 02:56 - 2015-02-25 02:56 - 00001385 _____ () C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2015-02-25 02:56 - 2015-02-25 02:56 - 00000020 ___SH () C:\Users\test\ntuser.ini
    2015-02-25 02:56 - 2015-02-25 02:56 - 00000000 ____D () C:\Users\test\AppData\Roaming\Adobe
    2015-02-25 02:56 - 2015-02-25 02:56 - 00000000 ____D () C:\Users\test\AppData\Local\NVIDIA
    2015-02-25 02:56 - 2015-02-25 02:56 - 00000000 ____D () C:\Users\test\AppData\Local\Google
    2015-02-25 02:56 - 2015-02-25 02:56 - 00000000 ____D () C:\Users\test
    2015-02-25 02:56 - 2014-10-23 10:50 - 00000000 ____D () C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2015-02-25 02:56 - 2014-10-23 10:50 - 00000000 ____D () C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-02-25 02:56 - 2014-10-23 09:58 - 00000000 ____D () C:\Users\test\AppData\Roaming\Macromedia
    2015-02-25 01:25 - 2015-02-25 01:25 - 01142128 _____ () C:\Users\Matthew\Downloads\SteamSetup(1).exe
    2015-02-24 05:06 - 2015-02-24 05:41 - 00000000 ____D () C:\Users\Matthew\Desktop\TPPI server
    2015-02-24 00:17 - 2015-02-24 00:17 - 00001624 _____ () C:\Users\Public\Desktop\Terraria.lnk
    2015-02-24 00:15 - 2015-02-24 00:15 - 109184312 _____ (GOG.com ) C:\Users\Matthew\Downloads\setup_terraria_2.0.0.1.exe
    2015-02-24 00:01 - 2015-02-25 06:52 - 00000000 ____D () C:\Users\Matthew\AppData\Roaming\uTorrent
    2015-02-24 00:01 - 2015-02-24 00:01 - 01742416 _____ (BitTorrent Inc.) C:\Users\Matthew\Downloads\uTorrent.exe
    2015-02-22 22:22 - 2015-02-22 22:27 - 00000000 ____D () C:\Users\Matthew\Desktop\Darkest Dungeon
    2015-02-22 07:39 - 2015-02-22 21:45 - 00005280 _____ () C:\windows\SysWOW64\LavasoftTcpService.ini
    2015-02-22 07:39 - 2015-02-22 21:45 - 00002976 _____ () C:\windows\SysWOW64\LavasoftTcpServiceOff.ini
    2015-02-22 07:39 - 2015-02-22 21:45 - 00002976 _____ () C:\windows\system32\LavasoftTcpServiceOff.ini
    2015-02-22 07:39 - 2015-02-22 07:39 - 00000000 ____D () C:\Users\Matthew\AppData\Local\Lavasoft
    2015-02-22 07:39 - 2015-02-18 11:55 - 00372264 _____ (Lavasoft Limited) C:\windows\system32\LavasoftTcpService64.dll
    2015-02-22 07:39 - 2015-02-18 11:55 - 00326240 _____ (Lavasoft Limited) C:\windows\SysWOW64\LavasoftTcpService.dll
    2015-02-22 07:38 - 2015-02-22 07:38 - 00000000 ____D () C:\Users\Matthew\Documents\My Cheat Tables
    2015-02-22 01:47 - 2015-02-22 01:49 - 00000000 ____D () C:\Users\Matthew\Downloads\3DMGAME-Darkest.Dungeon.Build.7635.Cracked-3DM
    2015-02-19 02:38 - 2015-02-19 02:38 - 00000000 ____D () C:\Users\Matthew\AppData\Local\Steam
    2015-02-19 00:08 - 2015-02-19 00:09 - 00000000 ____D () C:\Users\Matthew\Desktop\TheMadPack_200Beta12
    2015-02-18 06:32 - 2015-02-23 23:38 - 00000000 ____D () C:\Users\Matthew\Downloads\Family.Guy.S13E04.Brian.the.Closer.720p.WEB-DL.x264.AAC
    2015-02-18 06:31 - 2015-02-23 23:38 - 00000000 ____D () C:\Users\Matthew\Downloads\Family.Guy.S13E03.Baking.Bad.720p.WEB-DL.x264.AAC
    2015-02-18 06:31 - 2015-02-23 23:38 - 00000000 ____D () C:\Users\Matthew\Downloads\Family.Guy.S13E02.Book.of.Joe.WEB-DL.x264.AAC
    2015-02-17 17:01 - 2015-02-23 23:38 - 00000000 ____D () C:\Users\Matthew\Downloads\Family.Guy.S13E01.The.Simpsons.Guy.1080p.WEB-DL.DD5.1.H.264-CtrlHD[rarbg]
    2015-02-16 02:07 - 2015-02-23 23:38 - 00000000 ____D () C:\Users\Matthew\Downloads\Alexander and the Terrible, Horrible, No Good, Very Bad Day (2014)
    2015-02-16 01:59 - 2015-02-23 23:38 - 00000000 ____D () C:\Users\Matthew\Downloads\Playing It Cool (2014)
    2015-02-16 00:49 - 2015-02-16 00:49 - 00000000 ____D () C:\Users\Matthew\AppData\Local\Doctor Entertainment AB
    2015-02-14 21:15 - 2015-02-23 23:38 - 00000000 ____D () C:\Users\Matthew\Downloads\John Doe Vigilante (2014)
    2015-02-14 00:50 - 2015-02-14 00:56 - 00000000 ____D () C:\Users\Matthew\Downloads\Evolve [R.G.Origins]
    2015-02-13 17:14 - 2015-02-13 17:14 - 00021656 _____ (Echobit, LLC) C:\windows\system32\Drivers\evolve.sys
    2015-02-13 17:12 - 2015-02-13 17:12 - 00000000 ____D () C:\Users\Matthew\AppData\Local\Echobit
    2015-02-13 17:11 - 2015-02-13 17:12 - 03258328 _____ (Echobit LLC) C:\Users\Matthew\Downloads\EvolveSetup.exe
    2015-02-13 02:52 - 2015-02-17 18:11 - 00000000 ____D () C:\Users\Matthew\.matplotlib
    2015-02-13 02:52 - 2015-02-13 02:52 - 00001077 _____ () C:\Users\Public\Desktop\FA Forever Lobby.lnk
    2015-02-13 02:52 - 2015-02-13 02:52 - 00000000 ____D () C:\Program Files (x86)\Forged Alliance Forever
    2015-02-13 02:50 - 2015-02-13 02:51 - 44579328 _____ () C:\Users\Matthew\Downloads\FAForeverLobby-0.10.122.msi
    2015-02-13 02:48 - 2015-02-13 02:48 - 00002606 _____ () C:\Users\Public\Desktop\Forged Alliance.lnk
    2015-02-13 02:38 - 2015-02-13 02:38 - 00000000 ____D () C:\Program Files (x86)\THQ
    2015-02-13 02:12 - 2015-02-13 02:21 - 00000000 ____D () C:\Users\Matthew\Downloads\Supreme.Commander.Forged.Alliance-RELOADED
    2015-02-12 23:54 - 2015-02-13 01:30 - 00000000 ____D () C:\Program Files (x86)\OpenVPN Technologies
    2015-02-12 23:53 - 2015-02-12 23:53 - 27410776 _____ (OpenVPN Technologies) C:\Users\Matthew\Downloads\privatetunnel-win-2.4.exe
    2015-02-12 03:42 - 2015-02-22 03:49 - 00000077 _____ () C:\Users\Matthew\.atl.properties
    2015-02-12 03:42 - 2015-02-22 03:48 - 00000000 ____D () C:\Users\Matthew\Desktop\AtL
    2015-02-12 02:25 - 2015-02-12 02:25 - 00000000 ____D () C:\Users\Matthew\AppData\Local\LogMeIn
    2015-02-12 02:24 - 2015-02-12 02:24 - 08536064 _____ () C:\Users\Matthew\Downloads\Hamachi.msi
    2015-02-11 21:31 - 2015-01-22 23:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
    2015-02-11 21:31 - 2015-01-22 22:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
    2015-02-11 21:31 - 2015-01-22 22:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
    2015-02-11 21:30 - 2015-01-22 23:42 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
    2015-02-11 13:54 - 2015-02-11 13:54 - 00000000 ____D () C:\Users\Matthew\AppData\Local\My Games
    2015-02-11 13:43 - 2015-02-18 21:29 - 00000000 ____D () C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
    2015-02-11 13:43 - 2015-02-11 13:43 - 00001040 _____ () C:\Users\Public\Desktop\Sid Meiers Civilization Beyond Earth.lnk
    2015-02-11 13:33 - 2015-02-11 13:34 - 00000000 ____D () C:\Users\Matthew\Downloads\Sid.Meiers.Civilization.Beyond.Earth-RELOADED[rarbg]
    2015-02-11 08:22 - 2015-02-11 08:22 - 00001151 _____ () C:\Users\Matthew\Desktop\Evolve.lnk
    2015-02-11 08:05 - 2015-02-11 08:23 - 00000000 ____D () C:\Program Files (x86)\Evolve
    2015-02-11 08:01 - 2015-02-27 12:42 - 00003758 _____ () C:\windows\System32\Tasks\AutoKMS
    2015-02-11 02:32 - 2015-01-14 00:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
    2015-02-11 02:32 - 2015-01-14 00:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
    2015-02-11 02:32 - 2015-01-11 22:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
    2015-02-11 02:32 - 2015-01-11 22:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
    2015-02-11 02:32 - 2015-01-11 21:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
    2015-02-11 02:32 - 2015-01-11 21:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
    2015-02-11 02:32 - 2015-01-11 21:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
    2015-02-11 02:32 - 2015-01-11 21:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
    2015-02-11 02:32 - 2015-01-11 21:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
    2015-02-11 02:32 - 2015-01-11 21:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
    2015-02-11 02:32 - 2015-01-11 21:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
    2015-02-11 02:32 - 2015-01-11 21:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
    2015-02-11 02:32 - 2015-01-11 21:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
    2015-02-11 02:32 - 2015-01-11 21:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
    2015-02-11 02:32 - 2015-01-11 21:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
    2015-02-11 02:32 - 2015-01-11 20:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
    2015-02-11 02:32 - 2015-01-11 20:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
    2015-02-11 02:32 - 2015-01-11 20:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-02-11 02:32 - 2015-01-11 20:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
    2015-02-11 02:32 - 2015-01-11 20:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
    2015-02-11 02:32 - 2015-01-11 20:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
    2015-02-11 02:32 - 2015-01-11 20:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
    2015-02-11 02:32 - 2015-01-11 20:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
    2015-02-11 02:32 - 2015-01-11 19:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
    2015-02-11 02:32 - 2015-01-11 19:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
    2015-02-11 02:32 - 2015-01-10 01:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
    2015-02-11 02:32 - 2015-01-10 01:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
    2015-02-11 02:32 - 2015-01-10 01:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
    2015-02-11 02:32 - 2015-01-10 01:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
    2015-02-11 02:32 - 2015-01-10 01:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
    2015-02-11 02:32 - 2015-01-10 01:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
    2015-02-11 02:32 - 2015-01-10 01:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
    2015-02-11 02:32 - 2015-01-10 01:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
    2015-02-11 02:32 - 2015-01-10 01:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
    2015-02-11 02:32 - 2015-01-10 01:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
    2015-02-11 02:32 - 2015-01-10 01:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
    2015-02-11 02:32 - 2015-01-10 01:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
    2015-02-11 02:32 - 2015-01-10 01:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
    2015-02-11 02:32 - 2015-01-10 01:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
    2015-02-11 02:32 - 2014-12-12 00:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
    2015-02-11 02:32 - 2014-12-12 00:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
    2015-02-11 02:32 - 2014-07-06 21:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
    2015-02-11 02:32 - 2014-07-06 21:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
    2015-02-11 02:32 - 2014-07-06 20:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
    2015-02-11 02:32 - 2014-07-06 20:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
    2015-02-11 02:31 - 2015-01-15 03:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
    2015-02-11 02:31 - 2015-01-15 03:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
    2015-02-11 02:31 - 2015-01-15 03:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
    2015-02-11 02:31 - 2015-01-15 03:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
    2015-02-11 02:31 - 2015-01-15 03:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
    2015-02-11 02:31 - 2015-01-15 03:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
    2015-02-11 02:31 - 2015-01-15 03:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
    2015-02-11 02:31 - 2015-01-15 03:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
    2015-02-11 02:31 - 2015-01-15 03:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
    2015-02-11 02:31 - 2015-01-15 03:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
    2015-02-11 02:31 - 2015-01-15 03:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
    2015-02-11 02:31 - 2015-01-15 02:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
    2015-02-11 02:31 - 2015-01-15 02:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
    2015-02-11 02:31 - 2015-01-15 02:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
    2015-02-11 02:31 - 2015-01-15 02:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
    2015-02-11 02:31 - 2015-01-15 02:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
    2015-02-11 02:31 - 2015-01-15 02:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
    2015-02-11 02:31 - 2015-01-14 23:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
    2015-02-11 02:31 - 2015-01-12 22:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
    2015-02-11 02:31 - 2015-01-12 21:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
    2015-02-11 02:31 - 2015-01-11 22:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
    2015-02-11 02:31 - 2015-01-11 21:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
    2015-02-11 02:31 - 2015-01-11 21:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
    2015-02-11 02:31 - 2015-01-11 21:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
    2015-02-11 02:31 - 2015-01-11 21:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
    2015-02-11 02:31 - 2015-01-11 21:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
    2015-02-11 02:31 - 2015-01-11 21:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
    2015-02-11 02:31 - 2015-01-11 21:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
    2015-02-11 02:31 - 2015-01-11 21:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
    2015-02-11 02:31 - 2015-01-11 21:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
    2015-02-11 02:31 - 2015-01-11 21:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
    2015-02-11 02:31 - 2015-01-11 21:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
    2015-02-11 02:31 - 2015-01-11 21:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
    2015-02-11 02:31 - 2015-01-11 21:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
    2015-02-11 02:31 - 2015-01-11 20:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
    2015-02-11 02:31 - 2015-01-11 20:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
    2015-02-11 02:31 - 2015-01-11 20:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
    2015-02-11 02:31 - 2015-01-11 20:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
    2015-02-11 02:31 - 2015-01-11 20:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
    2015-02-11 02:31 - 2015-01-11 20:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
    2015-02-11 02:31 - 2015-01-11 20:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
    2015-02-11 02:31 - 2015-01-11 20:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
    2015-02-11 02:31 - 2015-01-11 20:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
    2015-02-11 02:31 - 2015-01-11 20:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
    2015-02-11 02:31 - 2015-01-11 20:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
    2015-02-11 02:31 - 2015-01-11 20:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
    2015-02-11 02:31 - 2015-01-11 20:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
    2015-02-11 02:30 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
    2015-02-11 02:30 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
    2015-02-11 02:30 - 2014-11-25 22:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
    2015-02-11 02:30 - 2014-11-25 22:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
    2015-02-11 02:30 - 2014-10-03 21:10 - 03722752 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
    2015-02-11 02:30 - 2014-10-03 20:42 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
    2015-02-11 02:30 - 2014-10-03 20:42 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
    2015-02-11 02:29 - 2015-01-14 01:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
    2015-02-11 02:29 - 2015-01-14 01:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
    2015-02-11 02:29 - 2015-01-14 01:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
    2015-02-11 02:29 - 2015-01-14 01:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
    2015-02-11 02:29 - 2015-01-14 00:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
    2015-02-11 02:29 - 2015-01-14 00:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
    2015-02-11 02:29 - 2015-01-14 00:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
    2015-02-11 02:29 - 2015-01-08 21:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
    2015-02-10 22:40 - 2015-02-10 23:14 - 00000000 ____D () C:\Users\Matthew\Downloads\Evolve-CODEX
    2015-02-09 08:42 - 2015-02-13 01:31 - 00000663 _____ () C:\Users\Matthew\Documents\Uninstall STAR WARS The Old Republic.log
    2015-02-09 08:36 - 2015-02-09 08:36 - 01142128 _____ () C:\Users\Matthew\Downloads\SteamSetup.exe
    2015-02-08 20:30 - 2015-02-08 21:06 - 00000000 ____D () C:\Users\Matthew\Desktop\Agrarian Skies
    2015-02-07 18:31 - 2015-02-10 22:38 - 00000000 ____D () C:\Users\Matthew\Downloads\The Wizard of Oz (2939) [1080p]
    2015-02-05 08:42 - 2015-02-05 08:42 - 05070512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
    2015-02-05 02:51 - 2015-02-05 02:51 - 00000000 ____D () C:\Users\Matthew\AppData\Roaming\Trove
    2015-02-05 02:44 - 2015-02-05 02:44 - 00001833 _____ () C:\Users\Matthew\Desktop\Trove.lnk
    2015-02-05 02:31 - 2015-02-25 12:09 - 00000000 ____D () C:\Program Files (x86)\Glyph
    2015-02-05 02:31 - 2015-02-05 02:31 - 00000969 _____ () C:\Users\Matthew\Desktop\Glyph.lnk
    2015-02-05 02:31 - 2015-02-05 02:31 - 00000000 ____D () C:\Users\Matthew\AppData\Local\Glyph
    2015-02-03 06:31 - 2015-02-03 06:34 - 00000000 ____D () C:\Users\Matthew\AppData\Roaming\SpaceEngineers
    2015-02-03 06:27 - 2015-02-03 06:28 - 00000000 ____D () C:\Users\Matthew\Desktop\Space Engineers

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-28 06:02 - 2014-10-23 09:40 - 00000000 ____D () C:\Users\Matthew\AppData\Roaming\Mumble
    2015-02-28 06:01 - 2014-10-23 08:29 - 01538942 _____ () C:\windows\WindowsUpdate.log
    2015-02-28 05:57 - 2014-10-23 08:39 - 00000900 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-02-28 05:50 - 2014-10-23 09:07 - 00003942 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{842692F8-5C9B-4602-9D23-70958F310300}
    2015-02-28 05:42 - 2014-10-23 08:39 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
    2015-02-28 04:40 - 2014-10-23 08:34 - 00020640 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-02-28 04:40 - 2014-10-23 08:34 - 00020640 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-02-27 22:57 - 2014-10-23 08:39 - 00000896 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-02-27 11:57 - 2014-10-23 08:28 - 00000000 ____D () C:\Games
    2015-02-26 22:55 - 2014-10-30 12:59 - 00000000 ____D () C:\Program Files (x86)\R.G. Mechanics
    2015-02-26 12:41 - 2014-10-23 08:28 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
    2015-02-26 12:39 - 2014-10-23 08:39 - 00000006 ____H () C:\windows\Tasks\SA.DAT
    2015-02-26 12:37 - 2014-10-23 08:35 - 00000000 ____D () C:\windows\system32\NDF
    2015-02-26 11:13 - 2014-10-23 23:07 - 00000000 ____D () C:\windows\AutoKMS
    2015-02-26 11:12 - 2014-10-23 08:39 - 00000000 ____D () C:\windows\SysWOW64\WNLT
    2015-02-26 11:11 - 2014-10-23 09:40 - 00000000 ____D () C:\Users\Matthew\AppData\Local\CRE
    2015-02-26 10:51 - 2014-10-23 08:37 - 00000000 ____D () C:\windows\SysWOW64\ARFC
    2015-02-26 06:37 - 2014-10-23 08:37 - 00000000 ____D () C:\windows\SysWOW64\directx
    2015-02-26 05:59 - 2014-10-23 08:29 - 00000000 ____D () C:\windows\msdownld.tmp
    2015-02-25 14:12 - 2014-11-11 05:28 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
    2015-02-25 14:11 - 2014-10-23 08:28 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2015-02-25 08:11 - 2015-01-10 10:15 - 00000000 ____D () C:\Program Files (x86)\CCleaner
    2015-02-25 06:33 - 2014-10-23 09:40 - 00000000 ____D () C:\Users\Matthew\AppData\Roaming\TeamViewer
    2015-02-25 04:11 - 2014-10-23 10:47 - 00000000 ____D () C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2015-02-25 04:11 - 2014-10-23 10:47 - 00000000 ____D () C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
    2015-02-25 00:59 - 2014-10-23 08:35 - 00000003 _____ () C:\windows\system32\HRUPPROG.TXT
    2015-02-24 05:46 - 2014-11-04 21:09 - 00000000 ____D () C:\Users\Matthew\AppData\Local\ftblauncher
    2015-02-24 05:42 - 2014-11-04 21:10 - 00000000 ____D () C:\Users\Matthew\Desktop\FTB
    2015-02-24 00:25 - 2014-10-23 09:02 - 00000000 ____D () C:\Users\Matthew\Documents\My Games
    2015-02-24 00:15 - 2014-10-23 08:28 - 00000000 ____D () C:\GOG Games
    2015-02-14 21:48 - 2014-10-23 08:29 - 00000000 ____D () C:\windows\rescache
    2015-02-14 21:13 - 2014-12-22 19:36 - 00000000 ____D () C:\Users\Matthew\AppData\Roaming\Curse Client
    2015-02-14 11:22 - 2014-10-23 09:40 - 00000000 ____D () C:\Users\Matthew\AppData\Roaming\Tunngle
    2015-02-13 17:36 - 2014-12-25 01:22 - 00000000 ____D () C:\Users\Matthew\AppData\Local\Gas Powered Games
    2015-02-13 02:52 - 2014-10-23 08:29 - 00000000 ____D () C:\Users\Matthew
    2015-02-13 02:48 - 2014-10-24 02:29 - 00000000 ____D () C:\Temp
    2015-02-12 02:54 - 2014-10-23 09:40 - 00000000 ____D () C:\Users\Matthew\AppData\Roaming\.technic
    2015-02-12 02:54 - 2014-10-23 09:02 - 04629952 _____ () C:\Users\Matthew\Desktop\Technic Launcher.exe
    2015-02-11 03:36 - 2014-10-23 08:29 - 00000000 ____D () C:\windows\PolicyDefinitions
    2015-02-11 03:16 - 2014-10-23 08:39 - 00778744 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
    2015-02-11 03:16 - 2014-10-23 08:36 - 00778744 _____ () C:\windows\system32\PerfStringBackup.INI
    2015-02-11 03:09 - 2014-10-30 15:20 - 00000000 ____D () C:\Program Files\Microsoft Security Client
    2015-02-11 03:09 - 2014-10-30 15:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
    2015-02-11 03:09 - 2014-10-23 08:29 - 00001945 _____ () C:\windows\epplauncher.mif
    2015-02-11 03:08 - 2014-10-23 08:35 - 00000000 ____D () C:\windows\system32\MRT
    2015-02-11 03:01 - 2014-10-23 08:35 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
    2015-02-09 08:43 - 2014-12-13 22:36 - 00000000 ____D () C:\Program Files (x86)\Lara Croft and the Temple of Osiris
    2015-02-09 08:42 - 2014-11-06 18:45 - 00000000 ____D () C:\Program Files (x86)\Ryse Son of Rome
    2015-02-09 08:03 - 2014-10-23 08:39 - 00032576 _____ () C:\windows\Tasks\SCHEDLGU.TXT
    2015-02-06 19:40 - 2014-12-19 16:13 - 00000000 ____D () C:\Users\Matthew\Desktop\Movies
    2015-02-05 08:42 - 2014-10-23 09:07 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
    2015-02-05 08:42 - 2014-10-23 08:38 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2015-02-05 08:42 - 2014-10-23 08:38 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-02-04 04:34 - 2014-10-23 09:40 - 00000000 ____D () C:\Users\Matthew\AppData\Local\SKIDROW

    ==================== Files in the root of some directories =======

    2014-12-27 04:52 - 2014-12-19 12:13 - 0000225 _____ () C:\Program Files (x86)\update-armaIII.bat
    2014-10-23 08:28 - 2012-05-20 09:01 - 0000073 _____ () C:\Program Files (x86)\update-kll-floor.bat
    2014-10-23 09:40 - 2012-08-26 11:33 - 0000132 _____ () C:\Users\Matthew\AppData\Roaming\Adobe GIF Format CS5 Prefs
    2014-10-23 09:40 - 2013-03-03 14:04 - 0000258 _____ () C:\Users\Matthew\AppData\Roaming\ANICONFIG_{CEE98A9C-0FE7-4B85-948B-CE46F9879A52}.ini
    2014-12-30 04:34 - 2014-12-30 04:34 - 0000098 _____ () C:\Users\Matthew\AppData\Roaming\LauncherSettings_live.cfg
    2014-10-23 09:40 - 2014-01-17 21:35 - 0045270 _____ () C:\Users\Matthew\AppData\Roaming\room_v3.dat
    2014-10-23 09:40 - 2014-10-01 14:51 - 0000098 _____ () C:\Users\Matthew\AppData\Roaming\settings.xml
    2014-10-23 09:40 - 2012-07-17 12:02 - 0042496 ___SH () C:\Users\Matthew\AppData\Roaming\Thumbs.db
    2014-12-16 21:56 - 2014-12-16 21:56 - 0000000 ___SH () C:\Users\Matthew\AppData\Local\LumaEmu
    2014-10-23 09:40 - 2012-07-24 16:40 - 0007597 _____ () C:\Users\Matthew\AppData\Local\Resmon.ResmonCfg
    2014-10-23 09:40 - 2014-02-20 23:46 - 0000700 ___SH () C:\Users\Matthew\AppData\Local\systemFL7.dat
    2014-10-23 09:40 - 2014-02-20 21:52 - 0001213 ___SH () C:\Users\Matthew\AppData\Local\win_fldb_sys.dat
    2014-10-23 09:40 - 2014-02-20 23:46 - 0003465 ___SH () C:\Users\Matthew\AppData\Local\win_stlthdb_sys.dat
    2014-10-23 08:28 - 2012-08-06 05:44 - 3432461 _____ () C:\ProgramData\emaillog.html
    2014-10-23 08:28 - 2012-08-06 04:57 - 0002846 ____H () C:\ProgramData\emopts.dat
    2014-10-23 08:28 - 2014-10-26 22:01 - 0606822 _____ () C:\ProgramData\events.log
    2014-10-23 08:28 - 2012-12-26 22:19 - 0001668 ____H () C:\ProgramData\saopts.dat
    2014-10-23 08:28 - 2014-07-31 23:03 - 0001473 ____H () C:\ProgramData\satmp.tmp
    2014-10-23 08:28 - 2014-10-26 22:01 - 0004784 ____H () C:\ProgramData\sneopts.dat
    2014-10-23 08:28 - 2012-08-06 05:27 - 0013631 ____H () C:\ProgramData\sys001.log
    2014-10-23 08:28 - 2012-08-06 05:27 - 0850612 ____H () C:\ProgramData\sys002.log
    2014-10-23 08:28 - 2012-08-06 05:27 - 10845449 ____H () C:\ProgramData\sys003.log
    2014-10-23 08:28 - 2012-08-06 05:44 - 0185084 ____H () C:\ProgramData\sys004.log
    2014-10-23 08:28 - 2012-08-06 05:27 - 105970567 ____H () C:\ProgramData\sys005.log
    2014-10-23 08:28 - 2012-08-06 05:44 - 0000004 ____H () C:\ProgramData\sys006.log
    2014-10-23 08:28 - 2012-08-06 05:44 - 0066657 ____H () C:\ProgramData\sys007.log
    2014-10-23 08:28 - 2012-08-06 05:44 - 0022378 ____H () C:\ProgramData\sys008.log
    2014-10-23 08:28 - 2012-08-06 05:44 - 141419333 ____H () C:\ProgramData\sys011.log
    2014-10-23 08:29 - 2012-08-06 05:44 - 0007181 ____H () C:\ProgramData\sys012.log
    2014-10-23 08:29 - 2012-08-06 05:44 - 237201310 ____H () C:\ProgramData\sys013.log
    2014-10-23 08:29 - 2012-08-06 05:44 - 0026661 ____H () C:\ProgramData\sys014.log
    2014-10-23 08:29 - 2012-08-06 05:44 - 0103700 ____H () C:\ProgramData\sys016.log
    2014-10-23 08:29 - 2012-12-27 21:09 - 0000164 _____ () C:\ProgramData\winsys
    2014-10-23 08:29 - 2014-02-20 23:46 - 0002568 ___SH () C:\ProgramData\win_mpwd_sys.dat

    Some content of TEMP:
    ====================
    C:\Users\Matthew\AppData\Local\Temp\BRSVC_7498671_hlp.exe
    C:\Users\Matthew\AppData\Local\Temp\hcuninstaller_20150225_020721_4680.exe
    C:\Users\Matthew\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
    C:\Users\Matthew\AppData\Local\Temp\HiRezLauncherControls.dll
    C:\Users\Matthew\AppData\Local\Temp\i4jdel0.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-02-23 10:21

    ==================== End Of Log ============================








    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01
    Ran by Matthew at 2015-02-28 06:03:45
    Running from C:\Users\Matthew\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)
    7stacks 1.5 beta 2 (HKLM-x32\...\{EF6E933E-760B-40EA-8E00-E6DE3482F472}_is1) (Version: 1.4.24 - Alastria Software)
    Ad-Aware Web Companion (x32 Version: 1.1.885.1766 - Lavasoft) Hidden
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
    Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
    Among Ripples (HKLM-x32\...\Steam App 341720) (Version: - Eat Create Sleep)
    AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
    AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
    Banished 1.0 (HKLM-x32\...\Banished 1.0) (Version: 1.0 - Cat-A-Cat)
    Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
    Belkin Wireless USB Utility (HKLM-x32\...\InstallShield_{A6359CCF-215D-43D9-8366-479D231F2A72}) (Version: 6.3.2.16 - Belkin)
    Belkin Wireless USB Utility (x32 Version: 6.3.2.16 - Belkin) Hidden
    BLOCKADE 3D (HKLM-x32\...\Steam App 302830) (Version: - Shumkov Dmitriy)
    CCleaner, &#1074;&#1077;&#1088;&#1089;&#1080;&#1103; 4.14.4808 (HKLM-x32\...\{80BD3FC0-9C5F-4ADA-83C7-91DC8E24D0B2}_is1) (Version: 4.14.4808 - Salat Production)
    CL NUI Platform (HKLM-x32\...\CL NUI Platform) (Version: 1.0.0.1210 - Code Laboratories, Inc.)
    CL-Eye Driver (HKLM-x32\...\CL-Eye Driver) (Version: 5.1.1.0177 - Code Laboratories, Inc.)
    Contagion (HKLM-x32\...\Steam App 238430) (Version: - Monochrome, Inc)
    CraftTheWorld 1.0 (HKLM-x32\...\CraftTheWorld 1.0) (Version: 1.0 - Èãðû íà Cat-A-Cat.NET)
    Cry of Fear (HKLM-x32\...\Steam App 223710) (Version: - Team Psykskallar)
    Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Damned (HKLM-x32\...\Steam App 251170) (Version: - 9heads Game Studios)
    Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios)
    Dear Esther (HKLM-x32\...\Steam App 203810) (Version: - thechineseroom & Robert Briscoe)
    Defiance (HKLM-x32\...\Steam App 224600) (Version: - Trion Worlds, Inc.)
    D-Link DWA-125 (HKLM-x32\...\{E45CACFE-0576-4375-A84F-C34B99A7B652}) (Version: - D-Link)
    Double Action: Boogaloo (HKLM-x32\...\Steam App 317360) (Version: - Double Action Factory)
    Dying Light (HKLM-x32\...\RHlpbmdMaWdodA==_is1) (Version: 1 - )
    Easy Tune 6 B11.0722.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
    Easy Tune 6 B11.0722.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
    ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
    Evolve (HKLM-x32\...\Evolve_is1) (Version: - )
    F.E.A.R. Online (HKLM-x32\...\Steam App 223650) (Version: - InPlay Interactive)
    Final Fantasy XIII (HKLM-x32\...\RmluYWxGYW50YXN5WElJSQ==_is1) (Version: 1 - )
    Forged Alliance Forever (HKLM-x32\...\{EF37C7C0-1281-4452-8A3F-D71215478D63}) (Version: 240.10.122 - FAF Community)
    gamelauncher-code4344-beta (HKU\S-1-5-21-298899731-1277183411-3383363015-1000\...\SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2 Beta) (Version: - Sony Online Entertainment)
    Gauntlet (HKLM-x32\...\Gauntlet_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
    Gear Up (HKLM-x32\...\Steam App 214420) (Version: - Doctor Entertainment AB)
    Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    Hedgewars (HKLM-x32\...\hedgewars) (Version: 0.9.20 - Hedgewars Project)
    Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
    Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
    Killing Floor (HKLM-x32\...\Killing Floor_is1) (Version: Killing Floor V.1064 - ZM)
    L.A.Noire (HKLM-x32\...\L.A.Noire_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
    LavasoftTcpService (x32 Version: 2.3.2.7 - Lavasoft) Hidden
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - &#1050;&#1086;&#1088;&#1087;&#1086;&#1088;&#1072;&#1094;&#1080;&#1103; &#1052;&#1072;&#1081;&#1082;&#1088;&#1086;&#1089;&#1086;&#1092;&#1090;)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    Minecraft (HKLM-x32\...\{34D9106C-A947-47ED-B4AB-764736350769}) (Version: 1.6.1 - MINECRAFTinstall.net)
    Minecraft 1.4.5 (HKLM-x32\...\Minecraft 1.4.5) (Version: - )
    Minecraft1.4.7 (HKLM-x32\...\Minecraft1.4.7) (Version: - )
    Minecraft1.6.1 (HKLM-x32\...\Minecraft1.6.1) (Version: - )
    MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0a1 - Mozilla)
    MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Mumble 1.2.3 (HKLM-x32\...\{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}) (Version: 1.2.3 - Thorvald Natvig)
    NETGEAR WG111v2 wireless USB 2.0 adapter (HKLM-x32\...\{4102037D-E8E0-48E0-B203-E521D194FB71}) (Version: 1.0.0.133 - NETGEAR)
    NETGEAR WNDA4100 (x32 Version: 1.2.0.10 - NETGEAR) Hidden
    Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version: - )
    No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version: - No More Room in Hell Team)
    Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 141218.99200 - Square Enix Ltd)
    NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.25 - NVIDIA Corporation)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
    NVIDIA Graphics Driver 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
    Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
    Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
    Panzar (HKLM-x32\...\Steam App 240320) (Version: - Troxit Service)
    PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
    PlanetSide 2 (HKU\S-1-5-21-298899731-1277183411-3383363015-1000\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
    Portal 2 (HKLM-x32\...\AC7F4E43-1023-443F-9746-58A93E04D896_is1) (Version: 1.0.0.0 - )
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
    Python 2.7.6 (HKLM-x32\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E2}) (Version: 2.7.6150 - Python Software Foundation)
    RADical ROACH Deluxe Edition (HKLM-x32\...\Steam App 301750) (Version: - Decaying Logic)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6418 - Realtek Semiconductor Corp.)
    Reus (HKLM-x32\...\GOGPACKREUS_is1) (Version: 2.0.0.10 - GOG.com)
    Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
    Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.6.1 - Rockstar Games)
    SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
    Sid Meiers Civilization Beyond Earth (HKLM-x32\...\U2lkTWVpZXJzQ2l2aWxpemF0aW9uQmV5b25kRWFydGg=_is1) (Version: 1 - )
    Sir, You Are Being Hunted (HKLM-x32\...\GOGPACKSIRYOUAREBEINGHUNTED_is1) (Version: 2.1.0.4 - GOG.com)
    Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.1.2598.1 - Hi-Rez Studios)
    Splashtop Connect for Firefox (HKLM-x32\...\{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}) (Version: 1.1.8.4 - Splashtop Inc.)
    Splashtop Connect IE (HKLM-x32\...\{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}) (Version: 1.1.13.1 - Splashtop Inc.)
    Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Supreme Commander - Forged Alliance (HKLM-x32\...\{31D95937-B237-405D-920C-A3EF4E482395}) (Version: 1.00.0000 - Gas Powered Games)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    sZone-Online (HKLM-x32\...\Steam App 316390) (Version: - Cybertime System)
    Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.0.0.1 - GOG.com)
    The Talos Principle v.3.0.3.0 (HKLM-x32\...\The Talos Principle_is1) (Version: - )
    Thief (HKLM-x32\...\VGhpZWY=_is1) (Version: 1 - )
    Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version: - Ubisoft Singapore)
    Total War - Rome II (HKLM-x32\...\Total War - Rome II_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
    Trojan Remover 6.9.1 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1 - Simply Super Software)
    Trove (HKLM-x32\...\Glyph Trove) (Version: - Trion Worlds, Inc.)
    Uninstall - Sitecom WL-324 (HKLM-x32\...\Sitecom Wireless Network 300N USB Adapter WL-324_is1) (Version: - )
    Unity Web Player (HKU\S-1-5-21-298899731-1277183411-3383363015-1000\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
    Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
    Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
    VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
    Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    WinRAR 4.00 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.3 - win.rar GmbH)
    XSplit Broadcaster (HKLM-x32\...\{6459F338-FE52-4034-BCA7-74772DA0F24D}) (Version: 1.3.1403.1202 - SplitMediaLabs)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points =========================

    25-02-2015 14:06:57 Removed Hi-Rez Studios Games
    25-02-2015 14:11:39 Installed Hi-Rez Studios Games
    25-02-2015 14:44:24 Installed DirectX
    26-02-2015 06:37:21 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
    26-02-2015 09:19:03 Windows Update
    26-02-2015 12:08:25 Installed DirectX
    26-02-2015 23:39:37 Installed DirectX

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2014-10-23 09:49 - 2014-02-20 21:49 - 00001106 ____A C:\windows\system32\Drivers\etc\hosts
    127.0.0.1 bir3yk.net
    127.0.0.1 bir3yk.net
    127.0.0.1 bir3yk.net
    127.0.0.1 bir3yk.net
    127.0.0.1 bir3yk.net
    127.0.0.1 www.password-protect-folders.net
    127.0.0.1 www.newsoftwares.net
    127.0.0.1 www.password-protect-folders.net
    127.0.0.1 www.newsoftwares.net


    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {00B6108E-E729-4631-90E4-513C5CB60B4F} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
    Task: {013F8264-D7B3-4375-B047-A572EC81EBED} - System32\Tasks\{8C129CAF-28FD-4301-84E9-28AC846F4F15} => pcalua.exe -a E:\autorun.exe -d E:\
    Task: {0BFB0A71-9328-4A9F-8506-FF33E0B3BC15} - System32\Tasks\{2B064B91-A0B9-4AEF-BCB4-2FED387F8CC6} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/65800
    Task: {41DD6341-BCC0-4840-9D32-2CECE75EF659} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
    Task: {48D9ADF8-C628-488E-9D2C-33DA7FFD392C} - System32\Tasks\{066BF60F-8F30-426F-97C9-657B30655BBD} => pcalua.exe -a "C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\Uninstaller.exe" -d "C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2"
    Task: {78CFD6FF-4A3F-47B4-B7F2-2395FFED2725} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {81DED6CE-5A28-430B-8ACD-585CBB469CC4} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [2014-10-23] ()
    Task: {97BB009C-AA14-42E1-BE9F-D8951E792B85} - System32\Tasks\{943CB9E7-3E95-476F-9C53-8AD20E209918} => pcalua.exe -a "C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.2.7\LavasoftLSPInstaller.exe" -d "C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.2.7"
    Task: {A7C7BB13-5E1F-4320-B2C0-7ECA9C65C00F} - System32\Tasks\{9AD73AAB-2645-4481-AB9C-AD681AF695C2} => pcalua.exe -a "C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 Beta\Uninstaller.exe"
    Task: {E0743664-8A10-4F28-94C5-0AEC4C97FE99} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: {E3E0780C-CC4B-4FA4-8BB0-A372A2CE38D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) ==============

    2014-10-23 08:46 - 2015-01-09 18:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2014-10-23 08:46 - 2010-07-12 17:39 - 00053248 _____ () C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
    2014-10-23 08:39 - 2013-10-04 20:55 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
    2014-10-23 08:39 - 2010-05-10 14:14 - 00186848 _____ () C:\Windows\SysWOW64\WinService.exe
    2014-10-23 08:29 - 2010-12-17 20:14 - 00164352 _____ () C:\Program Files\WinRAR\rarext.dll
    2015-02-25 06:45 - 2014-04-15 09:26 - 00097592 _____ () C:\Program Files\Vuze\aereg64.dll
    2015-02-25 06:45 - 2014-06-24 14:12 - 00217600 _____ () C:\Users\Matthew\AppData\Roaming\Azureus\plugins\azitunes\jacob-1.17-M2-x64.dll
    2015-02-25 06:45 - 2014-06-24 14:12 - 00015840 _____ () C:\Users\Matthew\AppData\Roaming\Azureus\plugins\azitunes\libProcessAccess64.dll
    2010-01-09 19:18 - 2010-01-09 19:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf
    2014-10-23 09:37 - 2010-01-21 00:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2015-01-27 01:07 - 2015-01-27 01:08 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    2015-02-05 08:42 - 2015-02-05 08:42 - 16852144 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-298899731-1277183411-3383363015-1000\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 75.75.76.76 - 75.75.75.75

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WG111v2 Smart Wizard.lnk => C:\Windows\pss\NETGEAR WG111v2 Smart Wizard.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Sitecom Wireless Utility.lnk => C:\Windows\pss\Sitecom Wireless Utility.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^Matthew^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\windows\pss\Curse.lnk.Startup
    MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: BackgroundContainerV2 => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Matthew\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
    MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    MSCONFIG\startupreg: D-Link D-Link DWA-125 => C:\Program Files (x86)\D-Link\DWA-125 revA\AirNCFG.exe
    MSCONFIG\startupreg: DS3 Tool => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe -mini
    MSCONFIG\startupreg: EvolveClient => C:\Program Files\Echobit\Evolve\EvolveClient.exe -autorun
    MSCONFIG\startupreg: Facebook Update => "C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    MSCONFIG\startupreg: GarenaPlus => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
    MSCONFIG\startupreg: HTTPServer => C:\Program Files (x86)\Spytech Software\SpyAnywhere\SpyAnywhere.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
    MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    MSCONFIG\startupreg: Spotify => "C:\Users\Matthew\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
    MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Matthew\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
    MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    MSCONFIG\startupreg: System32 => C:\Program Files (x86)\Spytech Software\Spytech SpyAgent\sysdiag.exe
    MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
    MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

    ==================== Accounts: =============================

    Administrator (S-1-5-21-298899731-1277183411-3383363015-500 - Administrator - Disabled)
    Guest (S-1-5-21-298899731-1277183411-3383363015-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-298899731-1277183411-3383363015-1006 - Limited - Enabled)
    Matthew (S-1-5-21-298899731-1277183411-3383363015-1000 - Administrator - Enabled) => C:\Users\Matthew
    test (S-1-5-21-298899731-1277183411-3383363015-1007 - Administrator - Enabled) => C:\Users\test

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/26/2015 00:40:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/26/2015 11:45:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/26/2015 11:15:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/25/2015 09:08:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    System errors:
    =============
    Error: (02/28/2015 02:03:03 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service.

    Error: (02/28/2015 02:03:03 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {D44CBB4F-743E-4818-8077-C47F666CA7EE}

    Error: (02/27/2015 00:49:40 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
    %%5

    Error: (02/27/2015 00:49:19 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for Start with the following error:
    %%5

    Error: (02/26/2015 00:50:21 PM) (Source: bowser) (EventID: 8003) (User: )
    Description: The master browser has received a server announcement from the computer ROUTER
    that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F127199E-6A33-4105-B3A6-2F8058AA2B0A}.
    The master browser is stopping or an election is being forced.

    Error: (02/26/2015 00:49:21 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
    %%5

    Error: (02/26/2015 00:49:18 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for Start with the following error:
    %%5

    Error: (02/26/2015 00:41:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The yoyoyo service terminated unexpectedly. It has done this 1 time(s).

    Error: (02/26/2015 00:40:39 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The yoyoyo service hung on starting.

    Error: (02/26/2015 00:39:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Offline Files service terminated with the following error:
    %%3


    Microsoft Office Sessions:
    =========================
    Error: (02/26/2015 00:40:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/26/2015 11:45:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/26/2015 11:15:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/25/2015 09:08:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    CodeIntegrity Errors:
    ===================================
    Date: 2014-08-25 03:28:58.092
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-08-25 03:28:58.032
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: AMD FX(tm)-6100 Six-Core Processor
    Percentage of memory in use: 32%
    Total physical RAM: 8190.46 MB
    Available physical RAM: 5533.45 MB
    Total Pagefile: 16379.12 MB
    Available Pagefile: 13338.27 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.78 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:931.51 GB) (Free:298.41 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2DE0ADD4)
    Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  14. dbreeze

    dbreeze Malware Specialist

    Joined:
    Oct 5, 2014
    Messages:
    431
    First Name:
    David
    FIRST STEP >>>>

    Please go to START (Windows Orb) >> Control Panel >> Uninstall a Program or Programs and Features and remove the following (if listed):

    CCleaner (not the official version from Piriform.com)
    Ad-Aware Web Companion - if you did not want AdAware on your system; should have been removed with AdAware AntiVirus uninstall
    LavasoftTcpService - same as above


    To do so, left clicking on the name once and then click Uninstall/Change at the bar above the list window.

    Follow the prompts of the uninstaller BUT please read carefully any questions it asks before answering; some uninstallers will try and deceive you into keeping the software.

    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

    SECOND STEP >>>>

    Download the attached fixlist.txt file and save it to the Desktop.

    NOTE. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Run FRST64 by right clicking on the FRST64.exe file, selecting "Run as Administrator..". The User Account Control may open up; if it does, select Yes to continue to let FRST open and load.

    The tool will check for an updated version of itself every time it loads; please allow it to do this and the program will either inform you it is downloading an updated copy (and to wait until it is safe to continue) or show that it is ready to use (meaning there is no update found) and you can continue on. Press the Fix button just once and wait. The tool will create a restore point, process the script and ask for a restart of your system.

    [​IMG]

    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post the log in your next reply.

    +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


    Information to Reply with >>>>
    • How did the uninstalls go and did you uninstall the Lavasoft products?
    • The Fixlog.txt log file text.
    • Any questions or concerns you may have.
    • How is your system running now?
     

    Attached Files:

  15. FlounderHawk

    FlounderHawk Thread Starter

    Joined:
    Feb 26, 2015
    Messages:
    17
    Before I run the Fixlog.txt, I looked in my "Programs and Features" for the Ad-Aware Web Companion and the LavasoftTcpService are not to be found. Do I skip these steps and try to run the fix?
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1143800

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice