Unremovable Adware on my browsers. (If you help me, I'll make you my deity).

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

tourage

Thread Starter
Joined
Feb 28, 2015
Messages
4


Can you see it? It's a black square with the "X - close" option on the upper-right corner... it always appears on the same place in lots of websites.

Here are some facts that may help you out help me out.
1- It happens in both Google Chrome and Internet Explorer.

2- If I turn my Adblock off, the advertisement appears inside the borderline(square).

3- I have 4 extensions on chrome, but I've tried deactivating and nothing changes.(since it happens in IE also, this may not be the problem).

4- I've tried using Avast scan, Malwarebyte, Adwcleaner, SUPERantispyware, but didn't help at all.

5- I've searched for something weird installed on my PC in "Programs and Features" and also with the Revouninstaller, but didn't find anything.

6- My last resort was to use a Restore Point... After I restored the black borderlines weren't showing up, but after some time they started appearing... tried restoring 2 times, but the same thing happened.


Please Help me, I don't feel like formating my PC because of this crap. But if it persists I'll have too.

halpppp
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Welcome. :)

Lets give it a try.

First, reset your browsers to default. For instructions read here.

If resetting your browser wont help, lets take a look at your settings:

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also produce another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.
 

tourage

Thread Starter
Joined
Feb 28, 2015
Messages
4
Welcome. :)

Lets give it a try.

First, reset your browsers to default. For instructions read here.

If resetting your browser wont help, lets take a look at your settings:

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also produce another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.
FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015
Ran by Tourage (administrator) on ARTHUR on 28-02-2015 20:56:53
Running from C:\Users\Tourage\Downloads
Loaded Profiles: Tourage (Available profiles: Tourage)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(My Digital Life Forums) C:\Users\Tourage\AppData\Local\Temp\BEDB.tmp\KMSServerService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Windows\DAODx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\livecomm.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-125 revA\AirNCFG.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [D-Link D-Link DWA-125] => C:\Program Files (x86)\D-Link\DWA-125 revA\AirNCFG.exe [1079600 2013-01-28] (D-Link Corp.)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
HKU\S-1-5-21-2282366063-3535502615-78405977-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-18] (Valve Corporation)
HKU\S-1-5-21-2282366063-3535502615-78405977-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-22] (SUPERAntiSpyware)
HKU\S-1-5-21-2282366063-3535502615-78405977-1001\...\MountPoints2: {3a5eadba-81fe-11e3-824c-806e6f6e6963} - "E:\.\Bin\ASSETUP.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2282366063-3535502615-78405977-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pt-br/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1754664 2014-07-31] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.0.1
Tcpip\..\Interfaces\{303AF7F5-671A-4915-973F-518C02E62199}: [NameServer] 201.10.128.2,201.10.120.2

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-2282366063-3535502615-78405977-1001: gastecnologia.com.br/sf/bb -> C:\Users\Tourage\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-2282366063-3535502615-78405977-1001: gastecnologia.com.br/sf/gas64 -> C:\Users\Tourage\AppData\Local\GAS Tecnologia\GBBD\npsf_gas_64.dll No File

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "", "hxxp://www.google.com", "hxxp://www.google.com/"
CHR Profile: C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-20]
CHR Extension: (Google Drive) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-20]
CHR Extension: (YouTube) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-20]
CHR Extension: (Google Search) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-20]
CHR Extension: (Adblock Super) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-02-27]
CHR Extension: (Dota 2 Lounge Auto Bump & Price) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpmkcegkpahigpmpdeiakkcndihnaekc [2014-10-09]
CHR Extension: (GBBD Banco do Brasil) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkeabchhfifpaaoefpockjhaphjmoapp [2014-04-28]
CHR Extension: (Google Wallet) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-20]
CHR Extension: (Gmail) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-05-05] (Perfect World Entertainment Inc)
R2 D_Link_DWA-125_WPS; C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe [53248 2010-07-12] () [File not signed]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [546104 2014-07-21] (GAS Tecnologia)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 KMSServerService; C:\Users\Tourage\AppData\Local\Temp\BEDB.tmp\KMSServerService.exe [260608 2014-11-17] (My Digital Life Forums) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 TunMirror; "C:\Users\Tourage\AppData\Local\Temp\BEDB.tmp\TunMirror.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 anodlwf; C:\Windows\system32\DRIVERS\anodlwfx.sys [15872 2010-05-29] ()
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R3 netr28ux; C:\Windows\system32\DRIVERS\Dnetr28ux.sys [1979464 2012-09-28] (Ralink Technology Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-28 20:56 - 2015-02-28 20:57 - 00015586 _____ () C:\Users\Tourage\Downloads\FRST.txt
2015-02-28 20:49 - 2015-02-28 20:56 - 00000000 ____D () C:\FRST
2015-02-28 20:45 - 2015-02-28 20:48 - 02092544 _____ (Farbar) C:\Users\Tourage\Downloads\FRST64.exe
2015-02-28 19:17 - 2015-02-28 19:52 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-02-28 19:17 - 2015-02-28 19:17 - 00001820 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-02-28 19:17 - 2015-02-28 19:17 - 00000000 ____D () C:\Users\Tourage\AppData\Roaming\SUPERAntiSpyware.com
2015-02-28 19:17 - 2015-02-28 19:17 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-02-28 19:17 - 2015-02-28 19:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-02-28 19:06 - 2015-02-28 19:07 - 21037696 _____ (SUPERAntiSpyware) C:\Users\Tourage\Downloads\SUPERAntiSpyware.exe
2015-02-28 15:48 - 2015-02-28 16:57 - 342850041 _____ () C:\Users\Tourage\Downloads\[HorribleSubs] Magic Kaito 1412 - 04 [720p].mkv
2015-02-28 15:46 - 2015-02-28 16:57 - 343401598 _____ () C:\Users\Tourage\Downloads\[HorribleSubs] Magic Kaito 1412 - 03 [720p].mkv
2015-02-28 15:46 - 2015-02-28 16:57 - 342653341 _____ () C:\Users\Tourage\Downloads\[HorribleSubs] Magic Kaito 1412 - 02 [720p].mkv
2015-02-28 15:45 - 2015-02-28 16:57 - 343144824 _____ () C:\Users\Tourage\Downloads\[HorribleSubs] Magic Kaito 1412 - 01 [720p].mkv
2015-02-28 15:43 - 2015-02-28 16:34 - 337729596 ____R () C:\Users\Tourage\Downloads\[HorribleSubs] Aldnoah Zero - 20 [720p].mkv
2015-02-28 15:43 - 2015-02-28 16:19 - 350756369 ____R () C:\Users\Tourage\Downloads\[HorribleSubs] Log Horizon 2 - 21 [720p].mkv
2015-02-28 04:46 - 2015-02-28 04:55 - 00000000 ____D () C:\Users\Tourage\Downloads\How.to.Get.Away.with.Murder.S01E09.HDTV.x264-LOL[ettv]
2015-02-28 04:45 - 2015-02-28 06:20 - 255321232 _____ () C:\Users\Tourage\Downloads\How.to.Get.Away.with.Murder.S01E10.HDTV.x264-LOL.mp4
2015-02-28 04:45 - 2015-02-28 06:20 - 220977590 _____ () C:\Users\Tourage\Downloads\How.to.Get.Away.with.Murder.S01E08.HDTV.x264-LOL.mp4
2015-02-27 22:32 - 2015-02-27 23:43 - 00000000 ____D () C:\Users\Tourage\Downloads\House.of.Cards.2013.S02.720p.BluRay.x264-DEMAND
2015-02-27 18:53 - 2015-02-27 22:32 - 325735757 ____R () C:\Users\Tourage\Downloads\[HorribleSubs] Saekano - 07 [720p].mkv
2015-02-27 18:53 - 2015-02-27 19:09 - 327443139 ____R () C:\Users\Tourage\Downloads\[HorribleSubs] Shigatsu wa Kimi no Uso - 19 [720p].mkv
2015-02-27 13:45 - 2015-02-27 13:45 - 00000197 _____ () C:\Windows\system32\2015-02-27-16-45-05.048-AvastVBoxSVC.exe-4136.log
2015-02-27 13:34 - 2015-02-27 13:40 - 00000000 ____D () C:\AdwCleaner
2015-02-27 08:48 - 2015-02-27 08:50 - 00000197 _____ () C:\Windows\system32\2015-02-27-11-48-21.016-AvastVBoxSVC.exe-3004.log
2015-02-27 03:57 - 2015-02-27 03:57 - 00000247 _____ () C:\Windows\system32\2015-02-27-06-57-09.058-aswFe.exe-5296.log
2015-02-27 03:51 - 2015-02-27 03:57 - 00000247 _____ () C:\Windows\system32\2015-02-27-06-51-36.061-aswFe.exe-3804.log
2015-02-27 03:51 - 2015-02-27 03:51 - 00000197 _____ () C:\Windows\system32\2015-02-27-06-51-34.000-AvastVBoxSVC.exe-7372.log
2015-02-27 01:28 - 2015-02-27 01:28 - 00000000 ____D () C:\Users\Tourage\AppData\Roaming\AVAST Software
2015-02-27 01:22 - 2015-02-27 13:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-27 01:22 - 2015-02-27 01:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-27 01:22 - 2015-02-27 01:22 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-27 01:20 - 2015-02-27 01:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-26 15:01 - 2015-02-27 01:59 - 00000000 ____D () C:\Users\Tourage\Downloads\The.100.S02E14.720p.HDTV.x264-KILLERS [GloDLS]
2015-02-26 14:59 - 2015-02-27 01:59 - 00000000 ____D () C:\Users\Tourage\Downloads\Suits.S04E15.720p.HDTV.x264-KILLERS [GloDLS]
2015-02-25 22:53 - 2015-02-26 02:43 - 00000000 ____D () C:\Users\Tourage\Downloads\How To Get Away With Murder S01E07 HDTV x264-LOL[ettv]
2015-02-25 22:53 - 2015-02-26 02:43 - 00000000 ____D () C:\Users\Tourage\Downloads\How To Get Away With Murder S01E05 HDTV x264-LOL[ettv]
2015-02-23 13:46 - 2015-02-27 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-23 13:46 - 2015-02-23 13:46 - 00001765 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-23 13:45 - 2015-02-27 17:38 - 00000000 ____D () C:\Program Files\iTunes
2015-02-23 13:45 - 2015-02-27 17:37 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-23 13:45 - 2015-02-27 17:37 - 00000000 ____D () C:\Program Files\iPod
2015-02-23 13:45 - 2015-02-27 17:37 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-19 15:21 - 2015-02-19 15:21 - 00000000 ____D () C:\Users\Tourage\AppData\Local\Steam
2015-02-15 19:20 - 2015-02-15 19:20 - 00002149 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-02-15 19:19 - 2015-02-05 14:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-02-15 19:18 - 2015-02-05 18:01 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 17253848 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-15 19:18 - 2015-02-05 18:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 00833680 _____ () C:\Windows\system32\nvmcumd.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 00399504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-15 19:18 - 2015-02-05 18:01 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-28 20:18 - 2014-01-20 15:28 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-28 20:18 - 2014-01-20 15:28 - 00001086 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-28 20:11 - 2014-01-20 15:15 - 01736233 _____ () C:\Windows\WindowsUpdate.log
2015-02-28 20:00 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-28 19:57 - 2014-01-20 15:50 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-28 19:56 - 2014-01-20 15:29 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2282366063-3535502615-78405977-1001
2015-02-28 19:51 - 2014-01-20 15:29 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-28 19:47 - 2014-02-08 16:12 - 00000000 ____D () C:\ProgramData\GbPlugin
2015-02-28 19:47 - 2013-08-22 11:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-28 19:46 - 2014-06-01 00:32 - 00000000 ____D () C:\Program Files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst
2015-02-28 19:46 - 2014-01-20 15:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-28 19:46 - 2014-01-20 15:11 - 00012220 _____ () C:\Windows\PFRO.log
2015-02-28 19:46 - 2013-08-22 10:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-28 16:57 - 2014-01-20 15:51 - 00000000 ____D () C:\Users\Tourage\AppData\Roaming\uTorrent
2015-02-27 23:30 - 2014-02-08 16:11 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2015-02-27 17:39 - 2014-01-20 15:22 - 00000000 ____D () C:\Users\Tourage
2015-02-27 17:38 - 2014-02-08 16:12 - 00000000 ____D () C:\Program Files (x86)\GbPlugin
2015-02-27 17:37 - 2014-12-29 16:18 - 00000000 ____D () C:\Users\Tourage\AppData\Local\Hero_Siege
2015-02-27 17:37 - 2014-01-20 15:54 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-27 17:37 - 2014-01-20 15:52 - 00000000 ____D () C:\Users\Tourage\AppData\Roaming\vlc
2015-02-27 17:37 - 2014-01-20 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-27 17:37 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\AppCompat
2015-02-27 17:31 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\registration
2015-02-27 17:29 - 2014-08-20 00:02 - 00000000 ____D () C:\Users\Tourage\AppData\Local\GAS Tecnologia
2015-02-27 00:40 - 2014-02-08 16:11 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-02-25 16:03 - 2013-08-22 11:46 - 00018158 _____ () C:\Windows\setupact.log
2015-02-19 14:20 - 2014-01-20 15:32 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-15 19:20 - 2014-01-20 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-02-15 19:13 - 2014-01-20 15:28 - 00004062 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-15 19:13 - 2014-01-20 15:28 - 00003826 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 18:01 - 2014-11-24 15:58 - 02902784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-02-05 18:01 - 2014-06-20 13:44 - 16017040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-02-05 18:01 - 2014-01-20 15:43 - 18575880 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-02-05 18:01 - 2014-01-20 15:43 - 14119744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-02-05 18:01 - 2014-01-20 15:43 - 03299512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-02-05 18:01 - 2014-01-20 15:43 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-02-05 16:07 - 2014-01-20 15:46 - 06861128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-02-05 16:07 - 2014-01-20 15:46 - 03517584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-02-05 16:07 - 2014-01-20 15:46 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-02-05 16:07 - 2014-01-20 15:46 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-02-05 16:07 - 2014-01-20 15:46 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-02-05 16:06 - 2014-01-20 15:46 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-02-05 09:50 - 2014-01-20 15:46 - 04236870 _____ () C:\Windows\system32\nvcoproc.bin

==================== Files in the root of some directories =======

2014-05-20 14:46 - 2014-12-05 00:26 - 0000253 _____ () C:\Users\Tourage\AppData\Roaming\ANICONFIG_{303AF7F5-671A-4915-973F-518C02E62199}.ini
2014-08-20 00:02 - 2014-08-20 00:02 - 0016863 _____ () C:\Users\Tourage\AppData\Roaming\unins000.dat
2014-08-20 00:02 - 2014-08-20 00:02 - 0813217 _____ () C:\Users\Tourage\AppData\Roaming\unins000.exe
2014-01-24 14:59 - 2014-01-24 14:59 - 0000038 ___SH () C:\Users\Tourage\AppData\Local\30cb054b51a6e2f65d62f4.62716000

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-26 02:26






Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-02-2015
Ran by Tourage at 2015-02-28 20:57:50
Running from C:\Users\Tourage\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2282366063-3535502615-78405977-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Afterfall InSanity Extended Edition (HKLM-x32\...\Steam App 224420) (Version: - Intoxicate Studios)
AMD Catalyst Install Manager (HKLM\...\{5DDB9EF7-1BC0-C9C1-9829-6B9CF68AC357}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Ares 2.2.6 (HKLM-x32\...\Ares) (Version: 2.2.6-Build#3050 - Seekar Ltd)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
Bleed (HKLM-x32\...\Steam App 239800) (Version: - Ian Campbell)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
CPUID CPU-Z 1.68 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Defy Gravity (HKLM-x32\...\Steam App 96100) (Version: - Fish Factory Games)
D-Link DWA-125 (HKLM-x32\...\{E45CACFE-0576-4375-A84F-C34B99A7B652}) (Version: - D-Link)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dungeons & Dragons: Chronicles of Mystara (HKLM-x32\...\Steam App 229480) (Version: - Iron Galaxy Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gun Monkeys (HKLM-x32\...\Steam App 239450) (Version: - Size Five Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hero Siege (HKLM-x32\...\Steam App 269210) (Version: - Elias Viglione)
Injustice: Gods Among Us Ultimate Edition (HKLM-x32\...\Steam App 242700) (Version: - NetherRealm Studios)
Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version: - )
Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.11.0.1 - )
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\TkFSVVRPU0hJUFBVREVOVWx0aW1hdGVOaW5qYVNUT1JNM0Z1~D4302771_is1) (Version: 1 - )
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.52 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
One Finger Death Punch 1.0 (HKLM-x32\...\One Finger Death Punch 1.0) (Version: 1.0 - Cat-A-Cat)
One Way Heroics (HKLM-x32\...\Steam App 266210) (Version: - Smoking WOLF)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 6.0.0 (HKLM-x32\...\RTSS) (Version: 6.0.0 - Unwinder)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Super Hexagon (HKLM-x32\...\Super Hexagon_is1) (Version: 1.0 - compiled by testncrash)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
System Requirements Lab CYRI (HKLM-x32\...\{1110A014-1471-4B66-BFDC-E8EED120CC59}) (Version: 6.0.20.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version: - Test3 Projects)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2282366063-3535502615-78405977-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Tourage\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-2282366063-3535502615-78405977-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Tourage\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)

==================== Restore Points =========================

30-01-2015 02:01:12 Scheduled Checkpoint
16-02-2015 06:00:18 Scheduled Checkpoint
24-02-2015 14:16:20 Scheduled Checkpoint
27-02-2015 01:12:43 Revo Uninstaller Pro's restore point - TAP-Windows 9.9.2
27-02-2015 01:14:29 Revo Uninstaller Pro's restore point - TAP-Windows 9.9.2
27-02-2015 13:58:57 Restore Operation

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 10:25 - 2015-02-27 17:38 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {6FAAB507-6688-49FD-BD8C-2F14EA7DC397} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-20] (Google Inc.)
Task: {793A3BC5-890B-4FD9-96FC-8A91E42B462D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-20] (Google Inc.)
Task: {D27197E1-F755-43CA-814E-355C80F032FA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F28010EB-E934-45F0-BF95-13101A585614} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-01-20 15:46 - 2015-02-05 16:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 21:35 - 2015-01-20 21:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 21:35 - 2015-01-20 21:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-21 00:55 - 2010-07-12 13:39 - 00053248 _____ () C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
2014-01-20 15:27 - 2009-03-30 03:32 - 00032768 ____R () C:\Windows\DAODx.exe
2013-08-22 16:11 - 2013-08-22 16:11 - 00180224 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-05-24 14:28 - 2015-02-27 17:53 - 00289672 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
2014-01-20 15:54 - 2014-11-11 15:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 18:23 - 2014-12-01 21:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-22 13:44 - 2015-02-18 20:51 - 02360000 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-19 18:23 - 2014-12-01 21:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 18:23 - 2014-12-01 21:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-28 19:06 - 2014-12-01 18:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 19:06 - 2014-12-01 18:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 19:06 - 2014-12-01 18:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-28 19:06 - 2014-12-01 18:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-28 19:06 - 2014-12-01 18:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-01-20 15:54 - 2015-02-18 20:51 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-01-21 00:55 - 2012-12-05 09:40 - 00303104 _____ () C:\Program Files (x86)\D-Link\DWA-125 revA\WlanApp.dll
2014-01-21 00:55 - 2014-01-21 00:55 - 00315392 _____ () C:\Program Files (x86)\D-Link\DWA-125 revA\ANPDApi.dll
2014-01-20 15:54 - 2015-01-27 22:30 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-02-19 14:20 - 2015-02-17 19:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-19 14:20 - 2015-02-17 19:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-19 14:20 - 2015-02-17 19:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2015-02-19 14:20 - 2015-02-17 19:44 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll
2014-08-14 14:05 - 2015-01-27 22:30 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-06-30 21:45 - 2015-02-27 17:52 - 00224136 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\launcher.dll
2014-05-24 14:28 - 2015-02-27 17:52 - 00414088 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\tier0.dll
2014-06-30 21:37 - 2015-02-27 17:53 - 00344968 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\vstdlib.dll
2014-06-30 21:37 - 2015-02-27 17:52 - 00402312 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\filesystem_stdio.dll
2014-06-30 21:37 - 2015-02-27 17:52 - 05968776 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\engine.dll
2014-06-30 21:37 - 2015-02-27 17:52 - 01019272 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\networksystem.dll
2014-06-30 21:46 - 2015-02-27 17:52 - 00905096 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\inputsystem.dll
2014-06-30 21:37 - 2015-02-27 17:52 - 01179016 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\materialsystem.dll
2014-06-30 21:37 - 2015-02-27 17:52 - 00496008 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\datacache.dll
2014-06-30 21:37 - 2015-02-27 17:52 - 00638344 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\studiorender.dll
2014-06-30 21:46 - 2015-02-27 17:52 - 00179592 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\soundemittersystem.dll
2014-06-30 21:37 - 2015-02-27 17:53 - 01184136 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vphysics.dll
2014-06-30 21:37 - 2015-02-27 17:53 - 00928648 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vscript.dll
2014-06-30 21:37 - 2015-02-27 17:53 - 01442184 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vguimatsurface.dll
2014-06-30 21:37 - 2015-02-27 17:53 - 00475528 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vgui2.dll
2014-06-30 21:37 - 2015-02-27 17:52 - 05618568 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\scaleformui_4.dll
2014-06-30 21:37 - 2015-02-27 17:52 - 00978312 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\shaderapidx9.dll
2014-06-30 21:46 - 2015-02-27 17:52 - 00158600 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\localize.dll
2014-06-30 21:46 - 2015-02-27 17:52 - 00244616 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\stdshader_dbg.dll
2014-06-30 21:37 - 2015-02-27 17:52 - 01142152 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\stdshader_dx9.dll
2014-06-30 21:37 - 2015-02-27 17:53 - 21856648 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\bin\client.dll
2014-06-30 21:37 - 2015-02-27 17:53 - 19149192 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\bin\server.dll
2014-06-30 21:46 - 2015-02-27 17:52 - 00197000 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\scenefilecache.dll
2014-06-30 21:45 - 2015-02-27 17:53 - 00106888 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vaudio_miles.dll
2014-05-24 15:49 - 2014-05-24 15:49 - 00071680 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\mssmp3.asi
2014-05-24 15:49 - 2014-05-24 15:49 - 00153088 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\mssvoice.asi
2014-05-24 15:49 - 2014-05-24 15:49 - 00013312 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\mssds3d.flt
2014-05-24 15:49 - 2014-05-24 15:49 - 00055808 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\msseax.flt

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Tourage\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Tourage\SkyDrive.old:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2282366063-3535502615-78405977-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tourage\Pictures\dragwolf.jpg
DNS Servers: 201.10.128.2 - 201.10.120.2

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

==================== Accounts: =============================

Administrator (S-1-5-21-2282366063-3535502615-78405977-500 - Administrator - Disabled)
Guest (S-1-5-21-2282366063-3535502615-78405977-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2282366063-3535502615-78405977-1003 - Limited - Enabled)
Tourage (S-1-5-21-2282366063-3535502615-78405977-1001 - Administrator - Enabled) => C:\Users\Tourage

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/28/2015 05:33:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TunMirror.exe, version: 1.0.0.0, time stamp: 0x52808f30
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
Exception code: 0xe0434352
Fault offset: 0x00012f71
Faulting process id: 0x8a4
Faulting application start time: 0xTunMirror.exe0
Faulting application path: TunMirror.exe1
Faulting module path: TunMirror.exe2
Report Id: TunMirror.exe3
Faulting package full name: TunMirror.exe4
Faulting package-relative application ID: TunMirror.exe5

Error: (02/28/2015 05:33:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: TunMirror.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.OperationCanceledException
Stack:
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.FileStream.EndRead(System.IAsyncResult)
at TUN_TAP.TunTap.ReadDataCallback(System.IAsyncResult)
at System.IO.FileStreamAsyncResult.AsyncFSCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

Error: (02/27/2015 02:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1480) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\system32\SRU\SRU02462.log.

Error: (02/27/2015 01:43:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TunMirror.exe, version: 1.0.0.0, time stamp: 0x52808f30
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
Exception code: 0xe0434352
Fault offset: 0x00012f71
Faulting process id: 0xbfc
Faulting application start time: 0xTunMirror.exe0
Faulting application path: TunMirror.exe1
Faulting module path: TunMirror.exe2
Report Id: TunMirror.exe3
Faulting package full name: TunMirror.exe4
Faulting package-relative application ID: TunMirror.exe5

Error: (02/27/2015 01:43:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: TunMirror.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentException
Stack:
at System.IO.FileStream..ctor(Microsoft.Win32.SafeHandles.SafeFileHandle, System.IO.FileAccess, Int32, Boolean)
at System.IO.FileStream..ctor(IntPtr, System.IO.FileAccess, Boolean, Int32, Boolean)
at TUN_TAP.TunTap.ThreadLoop()
at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

Error: (02/27/2015 01:22:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4438

Error: (02/27/2015 01:22:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4438

Error: (02/27/2015 10:08:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/27/2015 08:46:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TunMirror.exe, version: 1.0.0.0, time stamp: 0x52808f30
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
Exception code: 0xe0434352
Fault offset: 0x00012f71
Faulting process id: 0x9fc
Faulting application start time: 0xTunMirror.exe0
Faulting application path: TunMirror.exe1
Faulting module path: TunMirror.exe2
Report Id: TunMirror.exe3
Faulting package full name: TunMirror.exe4
Faulting package-relative application ID: TunMirror.exe5

Error: (02/27/2015 08:46:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: TunMirror.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentException
Stack:
at System.IO.FileStream..ctor(Microsoft.Win32.SafeHandles.SafeFileHandle, System.IO.FileAccess, Int32, Boolean)
at System.IO.FileStream..ctor(IntPtr, System.IO.FileAccess, Boolean, Int32, Boolean)
at TUN_TAP.TunTap.ThreadLoop()
at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()


System errors:
=============
Error: (02/28/2015 07:47:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TunMirror service failed to start due to the following error:
%%2

Error: (02/28/2015 05:33:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The TunMirror service terminated unexpectedly. It has done this 1 time(s).

Error: (02/28/2015 06:10:30 AM) (Source: DCOM) (EventID: 10010) (User: ARTHUR)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/28/2015 06:10:00 AM) (Source: DCOM) (EventID: 10010) (User: ARTHUR)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/28/2015 04:58:45 AM) (Source: DCOM) (EventID: 10010) (User: ARTHUR)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/28/2015 04:58:15 AM) (Source: DCOM) (EventID: 10010) (User: ARTHUR)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/27/2015 01:43:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The TunMirror service terminated unexpectedly. It has done this 1 time(s).

Error: (02/27/2015 09:09:38 AM) (Source: DCOM) (EventID: 10010) (User: ARTHUR)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/27/2015 08:46:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The TunMirror service terminated unexpectedly. It has done this 1 time(s).

Error: (02/27/2015 08:45:25 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 04:34:46 on ‎27/‎02/‎2015 was unexpected.


Microsoft Office Sessions:
=========================
Error: (02/28/2015 05:33:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TunMirror.exe1.0.0.052808f30KERNELBASE.dll6.3.9600.1727853eeb460e043435200012f718a401d052cd792d00e5C:\Users\Tourage\AppData\Local\Temp\BEDB.tmp\TunMirror.exeC:\Windows\SYSTEM32\KERNELBASE.dll0ca659dd-bf89-11e4-8306-74d02b31ae14

Error: (02/28/2015 05:33:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: TunMirror.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.OperationCanceledException
Stack:
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.FileStream.EndRead(System.IAsyncResult)
at TUN_TAP.TunTap.ReadDataCallback(System.IAsyncResult)
at System.IO.FileStreamAsyncResult.AsyncFSCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

Error: (02/27/2015 02:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost1480SRUJet: C:\Windows\system32\SRU\SRU02462.log-1811 (0xfffff8ed)

Error: (02/27/2015 01:43:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TunMirror.exe1.0.0.052808f30KERNELBASE.dll6.3.9600.1727853eeb460e043435200012f71bfc01d052ac605486e7C:\Users\Tourage\AppData\Local\Temp\BEDB.tmp\TunMirror.exeC:\Windows\SYSTEM32\KERNELBASE.dllb3311eee-be9f-11e4-8307-74d02b31ae14

Error: (02/27/2015 01:43:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: TunMirror.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentException
Stack:
at System.IO.FileStream..ctor(Microsoft.Win32.SafeHandles.SafeFileHandle, System.IO.FileAccess, Int32, Boolean)
at System.IO.FileStream..ctor(IntPtr, System.IO.FileAccess, Boolean, Int32, Boolean)
at TUN_TAP.TunTap.ThreadLoop()
at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

Error: (02/27/2015 01:22:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4438

Error: (02/27/2015 01:22:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4438

Error: (02/27/2015 10:08:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/27/2015 08:46:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: TunMirror.exe1.0.0.052808f30KERNELBASE.dll6.3.9600.1727853eeb460e043435200012f719fc01d05282f6a55173C:\Users\Tourage\AppData\Local\Temp\BEDB.tmp\TunMirror.exeC:\Windows\SYSTEM32\KERNELBASE.dll3e5437c2-be76-11e4-8306-34080428ca7c

Error: (02/27/2015 08:46:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: TunMirror.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentException
Stack:
at System.IO.FileStream..ctor(Microsoft.Win32.SafeHandles.SafeFileHandle, System.IO.FileAccess, Int32, Boolean)
at System.IO.FileStream..ctor(IntPtr, System.IO.FileAccess, Boolean, Int32, Boolean)
at TUN_TAP.TunTap.ThreadLoop()
at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()


CodeIntegrity Errors:
===================================
Date: 2014-12-18 05:31:38.857
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Microsoft signing level requirements.

Date: 2014-12-18 05:31:38.796
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Microsoft signing level requirements.

Date: 2014-12-18 05:31:38.740
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 47%
Total physical RAM: 8091.78 MB
Available physical RAM: 4213.88 MB
Total Pagefile: 10139.78 MB
Available Pagefile: 4962.21 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.42 GB) (Free:209.89 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 670FDBE9)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================






SHORTCUT:



Users shortcut scan result (x64) Version: 29-02-2015
Ran by Tourage at 2015-02-28 20:58:47
Running from C:\Users\Tourage\Downloads
Boot Mode: Normal
==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst.lnk -> C:\Program Files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Alternate Start.lnk -> C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE (SUPERAdBlocker.com and SUPERAntiSpyware.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Free Edition.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Hexagon\Super Hexagon.lnk -> C:\Program Files (x86)\Super Hexagon\superhexagon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Hexagon\Uninstall Super Hexagon.lnk -> C:\Program Files (x86)\Super Hexagon\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro Help.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo Uninstaller Pro Help.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (VS Revo Group)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Uninstall Revo Uninstaller Pro.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer\Razer Game Booster\Razer Game Booster.lnk -> C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe (Razer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Arc.lnk -> C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe (Perfect World Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Reparar Arc.lnk -> C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcRepair.exe (Perfect World Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest\NCLauncher\Uninstall - NCLauncher.lnk -> C:\Program Files (x86)\NCWest\NCLauncher\Uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle Earth Shadow of Mordor\Middle Earth Shadow of Mordor.lnk -> C:\Program Files (x86)\Middle Earth Shadow of Mordor\x64\ShadowOfMordor.exe (WB Games, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle Earth Shadow of Mordor\Uninstall.lnk -> C:\Program Files (x86)\Middle Earth Shadow of Mordor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Sobre o iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\pt.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone\Hearthstone.lnk -> C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-125 revA\Connection Wizard.lnk -> C:\Program Files (x86)\D-Link\DWA-125 revA\D-Link Wizard.exe (D-Link Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-125 revA\Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-125 revA\AirNCFG.exe (D-Link Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Ares.lnk -> C:\Program Files (x86)\Ares\Ares.exe (Seekar Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Homepage.lnk -> C:\Program Files (x86)\Ares\data\Homepage.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Host Chatroom.lnk -> C:\Program Files (x86)\Ares\chatServer.exe (Ares Development Group)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Uninstall.lnk -> C:\Program Files (x86)\Ares\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Tourage\Documents ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Tourage\Pictures ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\Users\Public\Desktop\Arc.lnk -> C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe (Perfect World Entertainment)
Shortcut: C:\Users\Public\Desktop\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Public\Desktop\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Hearthstone.lnk -> C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst.lnk -> C:\Program Files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB.exe ()
Shortcut: C:\Users\Public\Desktop\Razer Game Booster.lnk -> C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe (Razer Inc.)
Shortcut: C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (VS Revo Group)
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\Public\Desktop\Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-125 revA\AirNCFG.exe (D-Link Corp.)
Shortcut: C:\Users\Tourage\Links\Desktop.lnk -> C:\Users\Tourage\Desktop ()
Shortcut: C:\Users\Tourage\Links\Downloads.lnk -> C:\Users\Tourage\Downloads ()
Shortcut: C:\Users\Tourage\Downloads\Music - Shortcut.lnk -> C:\Users\Tourage\Music ()
Shortcut: C:\Users\Tourage\Desktop\Middle Earth Shadow of Mordor.lnk -> C:\Program Files (x86)\Middle Earth Shadow of Mordor\x64\ShadowOfMordor.exe (WB Games, Inc.)
Shortcut: C:\Users\Tourage\Desktop\One Finger Death Punch.lnk -> C:\Games\One Finger Death Punch\One Finger Death Punch.exe (Silver Dollar Games)
Shortcut: C:\Users\Tourage\Desktop\Super Hexagon.lnk -> C:\Program Files (x86)\Super Hexagon\superhexagon.exe ()
Shortcut: C:\Users\Tourage\Desktop\µTorrent.lnk -> C:\Users\Tourage\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Tourage\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloads.lnk -> C:\Users\Tourage\Downloads ()
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\ReadMe.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\Doc\ReadMe.pdf ()
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\RivaTuner Statistics Server.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ()
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\Uninstall.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\Uninstall.exe ()
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server localization reference.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\SDK\Doc\Localization reference.pdf ()
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server skin format reference.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\SDK\Doc\USF skin format reference.pdf ()
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\Samples.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\SDK\Samples ()
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\One Finger Death Punch 1.0\Cat-A-Cat GAMES.lnk -> C:\Games\One Finger Death Punch\d.url ()
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\One Finger Death Punch 1.0\One Finger Death Punch.lnk -> C:\Games\One Finger Death Punch\One Finger Death Punch.exe (Silver Dollar Games)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\One Finger Death Punch 1.0\Uninstall.lnk -> C:\Games\One Finger Death Punch\Uninstall.exe ()
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\Tourage\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Hearthstone.lnk -> C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk -> C:\Users\Tourage\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Registration-Activation.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware) -> /register
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Desinstalar Arc.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{CED8E25B-122A-4E80-B612-7F99B93284B3}\setup.exe (Perfect World Entertainment) -> -runfromtemp -l0x0416 -removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-125 revA\Uninstall.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{E45CACFE-0576-4375-A84F-C34B99A7B652}\setup.exe (Macrovision Corporation) -> -runfromtemp -l0x0816
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro on the Web.url -> hxxp://www.revouninstallerpro.com/
InternetURL: C:\Users\Tourage\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Tourage\Desktop\Counter-Strike Source.url -> steam://rungameid/240
InternetURL: C:\Users\Tourage\Desktop\Dota 2.url -> steam://rungameid/570
InternetURL: C:\Users\Tourage\Desktop\Left 4 Dead 2.url -> steam://rungameid/550
InternetURL: C:\Users\Tourage\Desktop\leak\Victoria Justice\Как установить моды и карты для Beamng Drive.url -> 0

==================== End of log =============================
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Those logs are clear. Did you reset your browsers? Does the issue continue?
 

tourage

Thread Starter
Joined
Feb 28, 2015
Messages
4
Those logs are clear. Did you reset your browsers? Does the issue continue?
yeah, reseted my browser and it still isn't fixed... that Ad borderline is showing up even in websites that I used to use everyday. I also did 2 restore system, in the beginning it looked like it was fixed, but it started appearing again.

I'm running out of options. I really didn't want to resort to format my pc
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Download the latest AdwCleaner from here. Save the file to the desktop.

NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.
  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:

  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be deleted.
  • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this

  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

Update Malwarebytes Antimalware and perform a scan:
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.

Post the MBAM Scan report.
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Also:

Download SuperAntiSpyware
  • Load SuperAntiSpyware and click the Check for updates button.
  • Once the update is finished click the Scan your computer button.
  • Check Perform Complete Scan and then next.
  • SuperAntiSpyware will now scan your computer and when its finished it will list all the infections it has found.
  • Make sure that they all have a check next to them and press next.
  • Click finish and you will be taken back to the main interface.
  • Click Preferences and then click the statistics/logs tab. Click the dated log and press view log and a text file will appear.
  • Copy and paste the log onto the forum.
 

tourage

Thread Starter
Joined
Feb 28, 2015
Messages
4
thanks for all the help, I've tried all the program, but I'll format the PC tomorrow.
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Thanks for the feedback.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top