1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Unremovable Adware on my browsers. (If you help me, I'll make you my deity).

Discussion in 'Virus & Other Malware Removal' started by tourage, Feb 28, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. tourage

    tourage Thread Starter

    Joined:
    Feb 28, 2015
    Messages:
    4
    [​IMG]

    Can you see it? It's a black square with the "X - close" option on the upper-right corner... it always appears on the same place in lots of websites.

    Here are some facts that may help you out help me out.
    1- It happens in both Google Chrome and Internet Explorer.

    2- If I turn my Adblock off, the advertisement appears inside the borderline(square).

    3- I have 4 extensions on chrome, but I've tried deactivating and nothing changes.(since it happens in IE also, this may not be the problem).

    4- I've tried using Avast scan, Malwarebyte, Adwcleaner, SUPERantispyware, but didn't help at all.

    5- I've searched for something weird installed on my PC in "Programs and Features" and also with the Revouninstaller, but didn't find anything.

    6- My last resort was to use a Restore Point... After I restored the black borderlines weren't showing up, but after some time they started appearing... tried restoring 2 times, but the same thing happened.


    Please Help me, I don't feel like formating my PC because of this crap. But if it persists I'll have too.

    halpppp
     
  2. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Welcome. :)

    Lets give it a try.

    First, reset your browsers to default. For instructions read here.

    If resetting your browser wont help, lets take a look at your settings:

    Please download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The tool will also produce another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.
     
  3. tourage

    tourage Thread Starter

    Joined:
    Feb 28, 2015
    Messages:
    4
    FRST:

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015
    Ran by Tourage (administrator) on ARTHUR on 28-02-2015 20:56:53
    Running from C:\Users\Tourage\Downloads
    Loaded Profiles: Tourage (Available profiles: Tourage)
    Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    () C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (My Digital Life Forums) C:\Users\Tourage\AppData\Local\Temp\BEDB.tmp\KMSServerService.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    () C:\Windows\DAODx.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\livecomm.exe
    (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    (D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-125 revA\AirNCFG.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    () C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
    HKLM-x32\...\Run: [D-Link D-Link DWA-125] => C:\Program Files (x86)\D-Link\DWA-125 revA\AirNCFG.exe [1079600 2013-01-28] (D-Link Corp.)
    Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
    HKU\S-1-5-21-2282366063-3535502615-78405977-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-18] (Valve Corporation)
    HKU\S-1-5-21-2282366063-3535502615-78405977-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-22] (SUPERAntiSpyware)
    HKU\S-1-5-21-2282366063-3535502615-78405977-1001\...\MountPoints2: {3a5eadba-81fe-11e3-824c-806e6f6e6963} - "E:\.\Bin\ASSETUP.exe"

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-2282366063-3535502615-78405977-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pt-br/?ocid=iehp
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
    BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1754664 2014-07-31] (Banco do Brasil)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.0.1
    Tcpip\..\Interfaces\{303AF7F5-671A-4915-973F-518C02E62199}: [NameServer] 201.10.128.2,201.10.120.2

    FireFox:
    ========
    FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin HKU\S-1-5-21-2282366063-3535502615-78405977-1001: gastecnologia.com.br/sf/bb -> C:\Users\Tourage\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
    FF Plugin HKU\S-1-5-21-2282366063-3535502615-78405977-1001: gastecnologia.com.br/sf/gas64 -> C:\Users\Tourage\AppData\Local\GAS Tecnologia\GBBD\npsf_gas_64.dll No File

    Chrome:
    =======
    CHR HomePage: Default ->
    CHR StartupUrls: Default -> "", "hxxp://www.google.com", "hxxp://www.google.com/"
    CHR Profile: C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-20]
    CHR Extension: (Google Drive) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-20]
    CHR Extension: (YouTube) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-20]
    CHR Extension: (Google Search) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-20]
    CHR Extension: (Adblock Super) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-02-27]
    CHR Extension: (Dota 2 Lounge Auto Bump & Price) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpmkcegkpahigpmpdeiakkcndihnaekc [2014-10-09]
    CHR Extension: (GBBD Banco do Brasil) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkeabchhfifpaaoefpockjhaphjmoapp [2014-04-28]
    CHR Extension: (Google Wallet) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-20]
    CHR Extension: (Gmail) - C:\Users\Tourage\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-20]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
    S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-05-05] (Perfect World Entertainment Inc)
    R2 D_Link_DWA-125_WPS; C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe [53248 2010-07-12] () [File not signed]
    R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [546104 2014-07-21] (GAS Tecnologia)
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
    R2 KMSServerService; C:\Users\Tourage\AppData\Local\Temp\BEDB.tmp\KMSServerService.exe [260608 2014-11-17] (My Digital Life Forums) [File not signed]
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
    R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
    S2 TunMirror; "C:\Users\Tourage\AppData\Local\Temp\BEDB.tmp\TunMirror.exe" [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R1 anodlwf; C:\Windows\system32\DRIVERS\anodlwfx.sys [15872 2010-05-29] ()
    R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
    R3 netr28ux; C:\Windows\system32\DRIVERS\Dnetr28ux.sys [1979464 2012-09-28] (Ralink Technology Corp.)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
    R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
    S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-28 20:56 - 2015-02-28 20:57 - 00015586 _____ () C:\Users\Tourage\Downloads\FRST.txt
    2015-02-28 20:49 - 2015-02-28 20:56 - 00000000 ____D () C:\FRST
    2015-02-28 20:45 - 2015-02-28 20:48 - 02092544 _____ (Farbar) C:\Users\Tourage\Downloads\FRST64.exe
    2015-02-28 19:17 - 2015-02-28 19:52 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2015-02-28 19:17 - 2015-02-28 19:17 - 00001820 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2015-02-28 19:17 - 2015-02-28 19:17 - 00000000 ____D () C:\Users\Tourage\AppData\Roaming\SUPERAntiSpyware.com
    2015-02-28 19:17 - 2015-02-28 19:17 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
    2015-02-28 19:17 - 2015-02-28 19:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2015-02-28 19:06 - 2015-02-28 19:07 - 21037696 _____ (SUPERAntiSpyware) C:\Users\Tourage\Downloads\SUPERAntiSpyware.exe
    2015-02-28 15:48 - 2015-02-28 16:57 - 342850041 _____ () C:\Users\Tourage\Downloads\[HorribleSubs] Magic Kaito 1412 - 04 [720p].mkv
    2015-02-28 15:46 - 2015-02-28 16:57 - 343401598 _____ () C:\Users\Tourage\Downloads\[HorribleSubs] Magic Kaito 1412 - 03 [720p].mkv
    2015-02-28 15:46 - 2015-02-28 16:57 - 342653341 _____ () C:\Users\Tourage\Downloads\[HorribleSubs] Magic Kaito 1412 - 02 [720p].mkv
    2015-02-28 15:45 - 2015-02-28 16:57 - 343144824 _____ () C:\Users\Tourage\Downloads\[HorribleSubs] Magic Kaito 1412 - 01 [720p].mkv
    2015-02-28 15:43 - 2015-02-28 16:34 - 337729596 ____R () C:\Users\Tourage\Downloads\[HorribleSubs] Aldnoah Zero - 20 [720p].mkv
    2015-02-28 15:43 - 2015-02-28 16:19 - 350756369 ____R () C:\Users\Tourage\Downloads\[HorribleSubs] Log Horizon 2 - 21 [720p].mkv
    2015-02-28 04:46 - 2015-02-28 04:55 - 00000000 ____D () C:\Users\Tourage\Downloads\How.to.Get.Away.with.Murder.S01E09.HDTV.x264-LOL[ettv]
    2015-02-28 04:45 - 2015-02-28 06:20 - 255321232 _____ () C:\Users\Tourage\Downloads\How.to.Get.Away.with.Murder.S01E10.HDTV.x264-LOL.mp4
    2015-02-28 04:45 - 2015-02-28 06:20 - 220977590 _____ () C:\Users\Tourage\Downloads\How.to.Get.Away.with.Murder.S01E08.HDTV.x264-LOL.mp4
    2015-02-27 22:32 - 2015-02-27 23:43 - 00000000 ____D () C:\Users\Tourage\Downloads\House.of.Cards.2013.S02.720p.BluRay.x264-DEMAND
    2015-02-27 18:53 - 2015-02-27 22:32 - 325735757 ____R () C:\Users\Tourage\Downloads\[HorribleSubs] Saekano - 07 [720p].mkv
    2015-02-27 18:53 - 2015-02-27 19:09 - 327443139 ____R () C:\Users\Tourage\Downloads\[HorribleSubs] Shigatsu wa Kimi no Uso - 19 [720p].mkv
    2015-02-27 13:45 - 2015-02-27 13:45 - 00000197 _____ () C:\Windows\system32\2015-02-27-16-45-05.048-AvastVBoxSVC.exe-4136.log
    2015-02-27 13:34 - 2015-02-27 13:40 - 00000000 ____D () C:\AdwCleaner
    2015-02-27 08:48 - 2015-02-27 08:50 - 00000197 _____ () C:\Windows\system32\2015-02-27-11-48-21.016-AvastVBoxSVC.exe-3004.log
    2015-02-27 03:57 - 2015-02-27 03:57 - 00000247 _____ () C:\Windows\system32\2015-02-27-06-57-09.058-aswFe.exe-5296.log
    2015-02-27 03:51 - 2015-02-27 03:57 - 00000247 _____ () C:\Windows\system32\2015-02-27-06-51-36.061-aswFe.exe-3804.log
    2015-02-27 03:51 - 2015-02-27 03:51 - 00000197 _____ () C:\Windows\system32\2015-02-27-06-51-34.000-AvastVBoxSVC.exe-7372.log
    2015-02-27 01:28 - 2015-02-27 01:28 - 00000000 ____D () C:\Users\Tourage\AppData\Roaming\AVAST Software
    2015-02-27 01:22 - 2015-02-27 13:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-02-27 01:22 - 2015-02-27 01:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-02-27 01:22 - 2015-02-27 01:22 - 00000000 ____D () C:\Program Files\AVAST Software
    2015-02-27 01:20 - 2015-02-27 01:22 - 00000000 ____D () C:\ProgramData\AVAST Software
    2015-02-26 15:01 - 2015-02-27 01:59 - 00000000 ____D () C:\Users\Tourage\Downloads\The.100.S02E14.720p.HDTV.x264-KILLERS [GloDLS]
    2015-02-26 14:59 - 2015-02-27 01:59 - 00000000 ____D () C:\Users\Tourage\Downloads\Suits.S04E15.720p.HDTV.x264-KILLERS [GloDLS]
    2015-02-25 22:53 - 2015-02-26 02:43 - 00000000 ____D () C:\Users\Tourage\Downloads\How To Get Away With Murder S01E07 HDTV x264-LOL[ettv]
    2015-02-25 22:53 - 2015-02-26 02:43 - 00000000 ____D () C:\Users\Tourage\Downloads\How To Get Away With Murder S01E05 HDTV x264-LOL[ettv]
    2015-02-23 13:46 - 2015-02-27 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2015-02-23 13:46 - 2015-02-23 13:46 - 00001765 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2015-02-23 13:45 - 2015-02-27 17:38 - 00000000 ____D () C:\Program Files\iTunes
    2015-02-23 13:45 - 2015-02-27 17:37 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
    2015-02-23 13:45 - 2015-02-27 17:37 - 00000000 ____D () C:\Program Files\iPod
    2015-02-23 13:45 - 2015-02-27 17:37 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2015-02-19 15:21 - 2015-02-19 15:21 - 00000000 ____D () C:\Users\Tourage\AppData\Local\Steam
    2015-02-15 19:20 - 2015-02-15 19:20 - 00002149 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
    2015-02-15 19:19 - 2015-02-05 14:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
    2015-02-15 19:18 - 2015-02-05 18:01 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 17253848 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2015-02-15 19:18 - 2015-02-05 18:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 00833680 _____ () C:\Windows\system32\nvmcumd.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 00399504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
    2015-02-15 19:18 - 2015-02-05 18:01 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-28 20:18 - 2014-01-20 15:28 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-02-28 20:18 - 2014-01-20 15:28 - 00001086 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-02-28 20:11 - 2014-01-20 15:15 - 01736233 _____ () C:\Windows\WindowsUpdate.log
    2015-02-28 20:00 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\system32\sru
    2015-02-28 19:57 - 2014-01-20 15:50 - 00000000 ____D () C:\Program Files (x86)\Steam
    2015-02-28 19:56 - 2014-01-20 15:29 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2282366063-3535502615-78405977-1001
    2015-02-28 19:51 - 2014-01-20 15:29 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-02-28 19:47 - 2014-02-08 16:12 - 00000000 ____D () C:\ProgramData\GbPlugin
    2015-02-28 19:47 - 2013-08-22 11:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-02-28 19:46 - 2014-06-01 00:32 - 00000000 ____D () C:\Program Files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst
    2015-02-28 19:46 - 2014-01-20 15:46 - 00000000 ____D () C:\ProgramData\NVIDIA
    2015-02-28 19:46 - 2014-01-20 15:11 - 00012220 _____ () C:\Windows\PFRO.log
    2015-02-28 19:46 - 2013-08-22 10:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
    2015-02-28 16:57 - 2014-01-20 15:51 - 00000000 ____D () C:\Users\Tourage\AppData\Roaming\uTorrent
    2015-02-27 23:30 - 2014-02-08 16:11 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
    2015-02-27 17:39 - 2014-01-20 15:22 - 00000000 ____D () C:\Users\Tourage
    2015-02-27 17:38 - 2014-02-08 16:12 - 00000000 ____D () C:\Program Files (x86)\GbPlugin
    2015-02-27 17:37 - 2014-12-29 16:18 - 00000000 ____D () C:\Users\Tourage\AppData\Local\Hero_Siege
    2015-02-27 17:37 - 2014-01-20 15:54 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2015-02-27 17:37 - 2014-01-20 15:52 - 00000000 ____D () C:\Users\Tourage\AppData\Roaming\vlc
    2015-02-27 17:37 - 2014-01-20 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-02-27 17:37 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\AppCompat
    2015-02-27 17:31 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\registration
    2015-02-27 17:29 - 2014-08-20 00:02 - 00000000 ____D () C:\Users\Tourage\AppData\Local\GAS Tecnologia
    2015-02-27 00:40 - 2014-02-08 16:11 - 00000000 ____D () C:\ProgramData\boost_interprocess
    2015-02-25 16:03 - 2013-08-22 11:46 - 00018158 _____ () C:\Windows\setupact.log
    2015-02-19 14:20 - 2014-01-20 15:32 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2015-02-15 19:20 - 2014-01-20 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2015-02-15 19:13 - 2014-01-20 15:28 - 00004062 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-02-15 19:13 - 2014-01-20 15:28 - 00003826 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-02-05 18:01 - 2014-11-24 15:58 - 02902784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2015-02-05 18:01 - 2014-06-20 13:44 - 16017040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2015-02-05 18:01 - 2014-01-20 15:43 - 18575880 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
    2015-02-05 18:01 - 2014-01-20 15:43 - 14119744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
    2015-02-05 18:01 - 2014-01-20 15:43 - 03299512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
    2015-02-05 18:01 - 2014-01-20 15:43 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
    2015-02-05 16:07 - 2014-01-20 15:46 - 06861128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2015-02-05 16:07 - 2014-01-20 15:46 - 03517584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2015-02-05 16:07 - 2014-01-20 15:46 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2015-02-05 16:07 - 2014-01-20 15:46 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    2015-02-05 16:07 - 2014-01-20 15:46 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2015-02-05 16:06 - 2014-01-20 15:46 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2015-02-05 09:50 - 2014-01-20 15:46 - 04236870 _____ () C:\Windows\system32\nvcoproc.bin

    ==================== Files in the root of some directories =======

    2014-05-20 14:46 - 2014-12-05 00:26 - 0000253 _____ () C:\Users\Tourage\AppData\Roaming\ANICONFIG_{303AF7F5-671A-4915-973F-518C02E62199}.ini
    2014-08-20 00:02 - 2014-08-20 00:02 - 0016863 _____ () C:\Users\Tourage\AppData\Roaming\unins000.dat
    2014-08-20 00:02 - 2014-08-20 00:02 - 0813217 _____ () C:\Users\Tourage\AppData\Roaming\unins000.exe
    2014-01-24 14:59 - 2014-01-24 14:59 - 0000038 ___SH () C:\Users\Tourage\AppData\Local\30cb054b51a6e2f65d62f4.62716000

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-02-26 02:26






    Addition

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-02-2015
    Ran by Tourage at 2015-02-28 20:57:50
    Running from C:\Users\Tourage\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-2282366063-3535502615-78405977-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
    Afterfall InSanity Extended Edition (HKLM-x32\...\Steam App 224420) (Version: - Intoxicate Studios)
    AMD Catalyst Install Manager (HKLM\...\{5DDB9EF7-1BC0-C9C1-9829-6B9CF68AC357}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
    Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
    Ares 2.2.6 (HKLM-x32\...\Ares) (Version: 2.2.6-Build#3050 - Seekar Ltd)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
    Bleed (HKLM-x32\...\Steam App 239800) (Version: - Ian Campbell)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
    Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
    CPUID CPU-Z 1.68 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
    Defy Gravity (HKLM-x32\...\Steam App 96100) (Version: - Fish Factory Games)
    D-Link DWA-125 (HKLM-x32\...\{E45CACFE-0576-4375-A84F-C34B99A7B652}) (Version: - D-Link)
    Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
    Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
    Dungeons & Dragons: Chronicles of Mystara (HKLM-x32\...\Steam App 229480) (Version: - Iron Galaxy Studios)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    Gun Monkeys (HKLM-x32\...\Steam App 239450) (Version: - Size Five Games)
    Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
    Hero Siege (HKLM-x32\...\Steam App 269210) (Version: - Elias Viglione)
    Injustice: Gods Among Us Ultimate Edition (HKLM-x32\...\Steam App 242700) (Version: - NetherRealm Studios)
    Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
    iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
    Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
    Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
    Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
    Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version: - )
    Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.11.0.1 - )
    NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\TkFSVVRPU0hJUFBVREVOVWx0aW1hdGVOaW5qYVNUT1JNM0Z1~D4302771_is1) (Version: 1 - )
    NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
    NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
    NVIDIA Miracast Virtual Audio 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.52 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    One Finger Death Punch 1.0 (HKLM-x32\...\One Finger Death Punch 1.0) (Version: 1.0 - Cat-A-Cat)
    One Way Heroics (HKLM-x32\...\Steam App 266210) (Version: - Smoking WOLF)
    Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
    Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
    RivaTuner Statistics Server 6.0.0 (HKLM-x32\...\RTSS) (Version: 6.0.0 - Unwinder)
    SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
    Super Hexagon (HKLM-x32\...\Super Hexagon_is1) (Version: 1.0 - compiled by testncrash)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
    Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
    Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
    System Requirements Lab CYRI (HKLM-x32\...\{1110A014-1471-4B66-BFDC-E8EED120CC59}) (Version: 6.0.20.0 - Husdawg, LLC)
    TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
    Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version: - Test3 Projects)
    The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
    Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte)
    VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
    WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-2282366063-3535502615-78405977-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Tourage\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
    CustomCLSID: HKU\S-1-5-21-2282366063-3535502615-78405977-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Tourage\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)

    ==================== Restore Points =========================

    30-01-2015 02:01:12 Scheduled Checkpoint
    16-02-2015 06:00:18 Scheduled Checkpoint
    24-02-2015 14:16:20 Scheduled Checkpoint
    27-02-2015 01:12:43 Revo Uninstaller Pro's restore point - TAP-Windows 9.9.2
    27-02-2015 01:14:29 Revo Uninstaller Pro's restore point - TAP-Windows 9.9.2
    27-02-2015 13:58:57 Restore Operation

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 10:25 - 2015-02-27 17:38 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {6FAAB507-6688-49FD-BD8C-2F14EA7DC397} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-20] (Google Inc.)
    Task: {793A3BC5-890B-4FD9-96FC-8A91E42B462D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-20] (Google Inc.)
    Task: {D27197E1-F755-43CA-814E-355C80F032FA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {F28010EB-E934-45F0-BF95-13101A585614} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) ==============

    2014-01-20 15:46 - 2015-02-05 16:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2015-01-20 21:35 - 2015-01-20 21:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-01-20 21:35 - 2015-01-20 21:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-01-21 00:55 - 2010-07-12 13:39 - 00053248 _____ () C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
    2014-01-20 15:27 - 2009-03-30 03:32 - 00032768 ____R () C:\Windows\DAODx.exe
    2013-08-22 16:11 - 2013-08-22 16:11 - 00180224 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\ErrorReporting.dll
    2014-05-24 14:28 - 2015-02-27 17:53 - 00289672 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
    2014-01-20 15:54 - 2014-11-11 15:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
    2015-01-19 18:23 - 2014-12-01 21:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
    2014-05-22 13:44 - 2015-02-18 20:51 - 02360000 _____ () C:\Program Files (x86)\Steam\video.dll
    2015-01-19 18:23 - 2014-12-01 21:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
    2015-01-19 18:23 - 2014-12-01 21:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
    2014-08-28 19:06 - 2014-12-01 18:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
    2014-08-28 19:06 - 2014-12-01 18:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
    2014-08-28 19:06 - 2014-12-01 18:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
    2014-08-28 19:06 - 2014-12-01 18:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
    2014-08-28 19:06 - 2014-12-01 18:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
    2014-01-20 15:54 - 2015-02-18 20:51 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
    2014-01-21 00:55 - 2012-12-05 09:40 - 00303104 _____ () C:\Program Files (x86)\D-Link\DWA-125 revA\WlanApp.dll
    2014-01-21 00:55 - 2014-01-21 00:55 - 00315392 _____ () C:\Program Files (x86)\D-Link\DWA-125 revA\ANPDApi.dll
    2014-01-20 15:54 - 2015-01-27 22:30 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
    2015-02-19 14:20 - 2015-02-17 19:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
    2015-02-19 14:20 - 2015-02-17 19:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
    2015-02-19 14:20 - 2015-02-17 19:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
    2015-02-19 14:20 - 2015-02-17 19:44 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll
    2014-08-14 14:05 - 2015-01-27 22:30 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
    2014-06-30 21:45 - 2015-02-27 17:52 - 00224136 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\launcher.dll
    2014-05-24 14:28 - 2015-02-27 17:52 - 00414088 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\tier0.dll
    2014-06-30 21:37 - 2015-02-27 17:53 - 00344968 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\vstdlib.dll
    2014-06-30 21:37 - 2015-02-27 17:52 - 00402312 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\filesystem_stdio.dll
    2014-06-30 21:37 - 2015-02-27 17:52 - 05968776 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\engine.dll
    2014-06-30 21:37 - 2015-02-27 17:52 - 01019272 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\networksystem.dll
    2014-06-30 21:46 - 2015-02-27 17:52 - 00905096 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\inputsystem.dll
    2014-06-30 21:37 - 2015-02-27 17:52 - 01179016 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\materialsystem.dll
    2014-06-30 21:37 - 2015-02-27 17:52 - 00496008 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\datacache.dll
    2014-06-30 21:37 - 2015-02-27 17:52 - 00638344 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\studiorender.dll
    2014-06-30 21:46 - 2015-02-27 17:52 - 00179592 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\soundemittersystem.dll
    2014-06-30 21:37 - 2015-02-27 17:53 - 01184136 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vphysics.dll
    2014-06-30 21:37 - 2015-02-27 17:53 - 00928648 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vscript.dll
    2014-06-30 21:37 - 2015-02-27 17:53 - 01442184 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vguimatsurface.dll
    2014-06-30 21:37 - 2015-02-27 17:53 - 00475528 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vgui2.dll
    2014-06-30 21:37 - 2015-02-27 17:52 - 05618568 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\scaleformui_4.dll
    2014-06-30 21:37 - 2015-02-27 17:52 - 00978312 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\shaderapidx9.dll
    2014-06-30 21:46 - 2015-02-27 17:52 - 00158600 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\localize.dll
    2014-06-30 21:46 - 2015-02-27 17:52 - 00244616 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\stdshader_dbg.dll
    2014-06-30 21:37 - 2015-02-27 17:52 - 01142152 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\stdshader_dx9.dll
    2014-06-30 21:37 - 2015-02-27 17:53 - 21856648 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\bin\client.dll
    2014-06-30 21:37 - 2015-02-27 17:53 - 19149192 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\bin\server.dll
    2014-06-30 21:46 - 2015-02-27 17:52 - 00197000 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\scenefilecache.dll
    2014-06-30 21:45 - 2015-02-27 17:53 - 00106888 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vaudio_miles.dll
    2014-05-24 15:49 - 2014-05-24 15:49 - 00071680 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\mssmp3.asi
    2014-05-24 15:49 - 2014-05-24 15:49 - 00153088 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\mssvoice.asi
    2014-05-24 15:49 - 2014-05-24 15:49 - 00013312 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\mssds3d.flt
    2014-05-24 15:49 - 2014-05-24 15:49 - 00055808 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\msseax.flt

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\Users\Tourage\SkyDrive:ms-properties
    AlternateDataStreams: C:\Users\Tourage\SkyDrive.old:ms-properties

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2282366063-3535502615-78405977-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tourage\Pictures\dragwolf.jpg
    DNS Servers: 201.10.128.2 - 201.10.120.2

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    HKLM\...\StartupApproved\Run: => "ShadowPlay"
    HKLM\...\StartupApproved\Run32: => "APSDaemon"
    HKLM\...\StartupApproved\Run32: => "iTunesHelper"
    HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

    ==================== Accounts: =============================

    Administrator (S-1-5-21-2282366063-3535502615-78405977-500 - Administrator - Disabled)
    Guest (S-1-5-21-2282366063-3535502615-78405977-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2282366063-3535502615-78405977-1003 - Limited - Enabled)
    Tourage (S-1-5-21-2282366063-3535502615-78405977-1001 - Administrator - Enabled) => C:\Users\Tourage

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/28/2015 05:33:28 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: TunMirror.exe, version: 1.0.0.0, time stamp: 0x52808f30
    Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
    Exception code: 0xe0434352
    Fault offset: 0x00012f71
    Faulting process id: 0x8a4
    Faulting application start time: 0xTunMirror.exe0
    Faulting application path: TunMirror.exe1
    Faulting module path: TunMirror.exe2
    Report Id: TunMirror.exe3
    Faulting package full name: TunMirror.exe4
    Faulting package-relative application ID: TunMirror.exe5

    Error: (02/28/2015 05:33:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: TunMirror.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.OperationCanceledException
    Stack:
    at System.IO.__Error.WinIOError(Int32, System.String)
    at System.IO.FileStream.EndRead(System.IAsyncResult)
    at TUN_TAP.TunTap.ReadDataCallback(System.IAsyncResult)
    at System.IO.FileStreamAsyncResult.AsyncFSCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
    at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

    Error: (02/27/2015 02:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (1480) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\system32\SRU\SRU02462.log.

    Error: (02/27/2015 01:43:05 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: TunMirror.exe, version: 1.0.0.0, time stamp: 0x52808f30
    Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
    Exception code: 0xe0434352
    Fault offset: 0x00012f71
    Faulting process id: 0xbfc
    Faulting application start time: 0xTunMirror.exe0
    Faulting application path: TunMirror.exe1
    Faulting module path: TunMirror.exe2
    Report Id: TunMirror.exe3
    Faulting package full name: TunMirror.exe4
    Faulting package-relative application ID: TunMirror.exe5

    Error: (02/27/2015 01:43:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: TunMirror.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.ArgumentException
    Stack:
    at System.IO.FileStream..ctor(Microsoft.Win32.SafeHandles.SafeFileHandle, System.IO.FileAccess, Int32, Boolean)
    at System.IO.FileStream..ctor(IntPtr, System.IO.FileAccess, Boolean, Int32, Boolean)
    at TUN_TAP.TunTap.ThreadLoop()
    at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
    at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
    at System.Threading.ThreadHelper.ThreadStart()

    Error: (02/27/2015 01:22:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 4438

    Error: (02/27/2015 01:22:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 4438

    Error: (02/27/2015 10:08:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (02/27/2015 08:46:19 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: TunMirror.exe, version: 1.0.0.0, time stamp: 0x52808f30
    Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
    Exception code: 0xe0434352
    Fault offset: 0x00012f71
    Faulting process id: 0x9fc
    Faulting application start time: 0xTunMirror.exe0
    Faulting application path: TunMirror.exe1
    Faulting module path: TunMirror.exe2
    Report Id: TunMirror.exe3
    Faulting package full name: TunMirror.exe4
    Faulting package-relative application ID: TunMirror.exe5

    Error: (02/27/2015 08:46:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: TunMirror.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.ArgumentException
    Stack:
    at System.IO.FileStream..ctor(Microsoft.Win32.SafeHandles.SafeFileHandle, System.IO.FileAccess, Int32, Boolean)
    at System.IO.FileStream..ctor(IntPtr, System.IO.FileAccess, Boolean, Int32, Boolean)
    at TUN_TAP.TunTap.ThreadLoop()
    at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
    at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
    at System.Threading.ThreadHelper.ThreadStart()


    System errors:
    =============
    Error: (02/28/2015 07:47:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The TunMirror service failed to start due to the following error:
    %%2

    Error: (02/28/2015 05:33:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The TunMirror service terminated unexpectedly. It has done this 1 time(s).

    Error: (02/28/2015 06:10:30 AM) (Source: DCOM) (EventID: 10010) (User: ARTHUR)
    Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

    Error: (02/28/2015 06:10:00 AM) (Source: DCOM) (EventID: 10010) (User: ARTHUR)
    Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

    Error: (02/28/2015 04:58:45 AM) (Source: DCOM) (EventID: 10010) (User: ARTHUR)
    Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

    Error: (02/28/2015 04:58:15 AM) (Source: DCOM) (EventID: 10010) (User: ARTHUR)
    Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

    Error: (02/27/2015 01:43:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The TunMirror service terminated unexpectedly. It has done this 1 time(s).

    Error: (02/27/2015 09:09:38 AM) (Source: DCOM) (EventID: 10010) (User: ARTHUR)
    Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

    Error: (02/27/2015 08:46:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The TunMirror service terminated unexpectedly. It has done this 1 time(s).

    Error: (02/27/2015 08:45:25 AM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 04:34:46 on ‎27/‎02/‎2015 was unexpected.


    Microsoft Office Sessions:
    =========================
    Error: (02/28/2015 05:33:28 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: TunMirror.exe1.0.0.052808f30KERNELBASE.dll6.3.9600.1727853eeb460e043435200012f718a401d052cd792d00e5C:\Users\Tourage\AppData\Local\Temp\BEDB.tmp\TunMirror.exeC:\Windows\SYSTEM32\KERNELBASE.dll0ca659dd-bf89-11e4-8306-74d02b31ae14

    Error: (02/28/2015 05:33:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: TunMirror.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.OperationCanceledException
    Stack:
    at System.IO.__Error.WinIOError(Int32, System.String)
    at System.IO.FileStream.EndRead(System.IAsyncResult)
    at TUN_TAP.TunTap.ReadDataCallback(System.IAsyncResult)
    at System.IO.FileStreamAsyncResult.AsyncFSCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
    at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

    Error: (02/27/2015 02:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost1480SRUJet: C:\Windows\system32\SRU\SRU02462.log-1811 (0xfffff8ed)

    Error: (02/27/2015 01:43:05 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: TunMirror.exe1.0.0.052808f30KERNELBASE.dll6.3.9600.1727853eeb460e043435200012f71bfc01d052ac605486e7C:\Users\Tourage\AppData\Local\Temp\BEDB.tmp\TunMirror.exeC:\Windows\SYSTEM32\KERNELBASE.dllb3311eee-be9f-11e4-8307-74d02b31ae14

    Error: (02/27/2015 01:43:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: TunMirror.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.ArgumentException
    Stack:
    at System.IO.FileStream..ctor(Microsoft.Win32.SafeHandles.SafeFileHandle, System.IO.FileAccess, Int32, Boolean)
    at System.IO.FileStream..ctor(IntPtr, System.IO.FileAccess, Boolean, Int32, Boolean)
    at TUN_TAP.TunTap.ThreadLoop()
    at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
    at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
    at System.Threading.ThreadHelper.ThreadStart()

    Error: (02/27/2015 01:22:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 4438

    Error: (02/27/2015 01:22:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 4438

    Error: (02/27/2015 10:08:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (02/27/2015 08:46:19 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: TunMirror.exe1.0.0.052808f30KERNELBASE.dll6.3.9600.1727853eeb460e043435200012f719fc01d05282f6a55173C:\Users\Tourage\AppData\Local\Temp\BEDB.tmp\TunMirror.exeC:\Windows\SYSTEM32\KERNELBASE.dll3e5437c2-be76-11e4-8306-34080428ca7c

    Error: (02/27/2015 08:46:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: TunMirror.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.ArgumentException
    Stack:
    at System.IO.FileStream..ctor(Microsoft.Win32.SafeHandles.SafeFileHandle, System.IO.FileAccess, Int32, Boolean)
    at System.IO.FileStream..ctor(IntPtr, System.IO.FileAccess, Boolean, Int32, Boolean)
    at TUN_TAP.TunTap.ThreadLoop()
    at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
    at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
    at System.Threading.ThreadHelper.ThreadStart()


    CodeIntegrity Errors:
    ===================================
    Date: 2014-12-18 05:31:38.857
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Microsoft signing level requirements.

    Date: 2014-12-18 05:31:38.796
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Microsoft signing level requirements.

    Date: 2014-12-18 05:31:38.740
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\GbPlugin\gbpinj.dll that did not meet the Microsoft signing level requirements.


    ==================== Memory info ===========================

    Processor: AMD FX(tm)-6300 Six-Core Processor
    Percentage of memory in use: 47%
    Total physical RAM: 8091.78 MB
    Available physical RAM: 4213.88 MB
    Total Pagefile: 10139.78 MB
    Available Pagefile: 4962.21 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.78 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:465.42 GB) (Free:209.89 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 670FDBE9)
    Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================






    SHORTCUT:



    Users shortcut scan result (x64) Version: 29-02-2015
    Ran by Tourage at 2015-02-28 20:58:47
    Running from C:\Users\Tourage\Downloads
    Boot Mode: Normal
    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)



    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst.lnk -> C:\Program Files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Alternate Start.lnk -> C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Free Edition.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Hexagon\Super Hexagon.lnk -> C:\Program Files (x86)\Super Hexagon\superhexagon.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Hexagon\Uninstall Super Hexagon.lnk -> C:\Program Files (x86)\Super Hexagon\unins000.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro Help.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo Uninstaller Pro Help.pdf ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (VS Revo Group)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Uninstall Revo Uninstaller Pro.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer\Razer Game Booster\Razer Game Booster.lnk -> C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe (Razer Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Arc.lnk -> C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe (Perfect World Entertainment)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Reparar Arc.lnk -> C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcRepair.exe (Perfect World Entertainment)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest\NCLauncher\Uninstall - NCLauncher.lnk -> C:\Program Files (x86)\NCWest\NCLauncher\Uninstall.exe (No File)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle Earth Shadow of Mordor\Middle Earth Shadow of Mordor.lnk -> C:\Program Files (x86)\Middle Earth Shadow of Mordor\x64\ShadowOfMordor.exe (WB Games, Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle Earth Shadow of Mordor\Uninstall.lnk -> C:\Program Files (x86)\Middle Earth Shadow of Mordor\unins000.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Sobre o iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\pt.lproj\About iTunes.rtf ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone\Hearthstone.lnk -> C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe (Blizzard Entertainment)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-125 revA\Connection Wizard.lnk -> C:\Program Files (x86)\D-Link\DWA-125 revA\D-Link Wizard.exe (D-Link Corp.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-125 revA\Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-125 revA\AirNCFG.exe (D-Link Corp.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\unins000.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Ares.lnk -> C:\Program Files (x86)\Ares\Ares.exe (Seekar Ltd)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Homepage.lnk -> C:\Program Files (x86)\Ares\data\Homepage.url ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Host Chatroom.lnk -> C:\Program Files (x86)\Ares\chatServer.exe (Ares Development Group)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares\Uninstall.lnk -> C:\Program Files (x86)\Ares\Uninstall.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Tourage\Documents ()
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Tourage\Pictures ()
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
    Shortcut: C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
    Shortcut: C:\Users\Public\Desktop\Arc.lnk -> C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe (Perfect World Entertainment)
    Shortcut: C:\Users\Public\Desktop\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
    Shortcut: C:\Users\Public\Desktop\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
    Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    Shortcut: C:\Users\Public\Desktop\Hearthstone.lnk -> C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe (Blizzard Entertainment)
    Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
    Shortcut: C:\Users\Public\Desktop\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst.lnk -> C:\Program Files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB.exe ()
    Shortcut: C:\Users\Public\Desktop\Razer Game Booster.lnk -> C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe (Razer Inc.)
    Shortcut: C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (VS Revo Group)
    Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
    Shortcut: C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
    Shortcut: C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
    Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
    Shortcut: C:\Users\Public\Desktop\Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-125 revA\AirNCFG.exe (D-Link Corp.)
    Shortcut: C:\Users\Tourage\Links\Desktop.lnk -> C:\Users\Tourage\Desktop ()
    Shortcut: C:\Users\Tourage\Links\Downloads.lnk -> C:\Users\Tourage\Downloads ()
    Shortcut: C:\Users\Tourage\Downloads\Music - Shortcut.lnk -> C:\Users\Tourage\Music ()
    Shortcut: C:\Users\Tourage\Desktop\Middle Earth Shadow of Mordor.lnk -> C:\Program Files (x86)\Middle Earth Shadow of Mordor\x64\ShadowOfMordor.exe (WB Games, Inc.)
    Shortcut: C:\Users\Tourage\Desktop\One Finger Death Punch.lnk -> C:\Games\One Finger Death Punch\One Finger Death Punch.exe (Silver Dollar Games)
    Shortcut: C:\Users\Tourage\Desktop\Super Hexagon.lnk -> C:\Program Files (x86)\Super Hexagon\superhexagon.exe ()
    Shortcut: C:\Users\Tourage\Desktop\µTorrent.lnk -> C:\Users\Tourage\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Tourage\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloads.lnk -> C:\Users\Tourage\Downloads ()
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\ReadMe.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\Doc\ReadMe.pdf ()
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\RivaTuner Statistics Server.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ()
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\Uninstall.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\Uninstall.exe ()
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server localization reference.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\SDK\Doc\Localization reference.pdf ()
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server skin format reference.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\SDK\Doc\USF skin format reference.pdf ()
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\Samples.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\SDK\Samples ()
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\One Finger Death Punch 1.0\Cat-A-Cat GAMES.lnk -> C:\Games\One Finger Death Punch\d.url ()
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\One Finger Death Punch 1.0\One Finger Death Punch.lnk -> C:\Games\One Finger Death Punch\One Finger Death Punch.exe (Silver Dollar Games)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\One Finger Death Punch 1.0\Uninstall.lnk -> C:\Games\One Finger Death Punch\Uninstall.exe ()
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\Tourage\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Hearthstone.lnk -> C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe (Blizzard Entertainment)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
    Shortcut: C:\Users\Tourage\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk -> C:\Users\Tourage\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
    Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
    Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
    Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
    Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
    Shortcut: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)




    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Registration-Activation.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware) -> /register
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Desinstalar Arc.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{CED8E25B-122A-4E80-B612-7F99B93284B3}\setup.exe (Perfect World Entertainment) -> -runfromtemp -l0x0416 -removeonly
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-125 revA\Uninstall.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{E45CACFE-0576-4375-A84F-C34B99A7B652}\setup.exe (Macrovision Corporation) -> -runfromtemp -l0x0816
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
    ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
    ShortcutWithArgument: C:\Users\Tourage\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
    ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
    ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
    ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
    ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
    ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
    ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
    ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
    ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
    ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
    ShortcutWithArgument: C:\Users\Tourage\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


    InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/
    InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro on the Web.url -> hxxp://www.revouninstallerpro.com/
    InternetURL: C:\Users\Tourage\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
    InternetURL: C:\Users\Tourage\Desktop\Counter-Strike Source.url -> steam://rungameid/240
    InternetURL: C:\Users\Tourage\Desktop\Dota 2.url -> steam://rungameid/570
    InternetURL: C:\Users\Tourage\Desktop\Left 4 Dead 2.url -> steam://rungameid/550
    InternetURL: C:\Users\Tourage\Desktop\leak\Victoria Justice\Как установить моды и карты для Beamng Drive.url -> 0

    ==================== End of log =============================
     
  4. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Those logs are clear. Did you reset your browsers? Does the issue continue?
     
  5. tourage

    tourage Thread Starter

    Joined:
    Feb 28, 2015
    Messages:
    4
    yeah, reseted my browser and it still isn't fixed... that Ad borderline is showing up even in websites that I used to use everyday. I also did 2 restore system, in the beginning it looked like it was fixed, but it started appearing again.

    I'm running out of options. I really didn't want to resort to format my pc
     
  6. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

    Download the latest AdwCleaner from here. Save the file to the desktop.

    NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

    Close all open windows and browsers.
    • XP users: Double click the AdwCleaner icon to start the program.
    • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
      You will see the following console:
    [​IMG]
    • Click the Scan button and wait for the scan to finish.
    • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
    • Click the Clean button.
    • Everything checked will be deleted.
    • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this
    [​IMG]
    • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

    Update Malwarebytes Antimalware and perform a scan:
    • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
    • Reboot your computer if prompted.

    Post the MBAM Scan report.
     
  7. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Also:

    Download SuperAntiSpyware
    • Load SuperAntiSpyware and click the Check for updates button.
    • Once the update is finished click the Scan your computer button.
    • Check Perform Complete Scan and then next.
    • SuperAntiSpyware will now scan your computer and when its finished it will list all the infections it has found.
    • Make sure that they all have a check next to them and press next.
    • Click finish and you will be taken back to the main interface.
    • Click Preferences and then click the statistics/logs tab. Click the dated log and press view log and a text file will appear.
    • Copy and paste the log onto the forum.
     
  8. tourage

    tourage Thread Starter

    Joined:
    Feb 28, 2015
    Messages:
    4
    thanks for all the help, I've tried all the program, but I'll format the PC tomorrow.
     
  9. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Thanks for the feedback.
     
  10. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1143964

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice