Publicité
Publicité
Commentaire : Addition log
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-08-2016
Ran by Bruno (08-09-2016 19:15:52)
Running from C:\Users\Bruno\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2015-11-25 23:55:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-109191986-1445244477-1993111821-500 - Administrator - Disabled)
Bruno (S-1-5-21-109191986-1445244477-1993111821-1000 - Administrator - Enabled) => C:\Users\Bruno
Guest (S-1-5-21-109191986-1445244477-1993111821-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-109191986-1445244477-1993111821-1006 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.12 (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
ACE COMBAT ASSAULT HORIZON Enhanced Edition (HKLM\...\ACE COMBAT ASSAULT HORIZON Enhanced Edition_is1) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
ARMA 2 Operation Arrowhead Uninstall (HKLM\...\ARMA 2 Operation Arrowhead) (Version: - )
ARMA III (HKLM\...\ARMA III_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Atheros Driver Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{E0C09093-7EE4-4BED-99F3-71FF5AB1CDA3}) (Version: 3.0.800.0 - ATI Technologies, Inc.)
Auslogics Disk Defrag Professional (HKLM\...\{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1) (Version: 4.7.0.0 - Auslogics Software Pty Ltd)
AVG (Version: 16.101.7752 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4649 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.101.7752 - AVG Technologies)
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.3.5.160 - AVG Technologies)
Breath of Fire IV 1.0 (HKLM\...\Breath of Fire IV_is1) (Version: 1.0 - Capcom)
Call of Duty - World at War (HKLM\...\Call of Duty - World at War_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Call of Duty 4 - Modern Warfare (HKLM\...\{C060ED81-3AB2-4384-9D60-F29D5FDFDC89}_is1) (Version: 1.7 - X-NET)
ccc-core-static (Version: 2010.1110.1539.28046 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Delta Force Black Hawk Down Full PC Game {Highly Compress} {Uploaded} @IGI (remove only) (HKLM\...\{D05A5767-37D5-485C-9A55-844D69F5C453}) (Version: - )
Dirt 3 Complete Edition version 1.2.0.0 (HKLM\...\Dirt 3 Complete Edition_is1) (Version: 1.2.0.0 - Mr DJ)
Dragonball Xenoverse (HKLM\...\Dragonball Xenoverse_is1) (Version: - )
Driver - San Francisco (HKLM\...\Driver - San Francisco_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Everything 1.3.4.686 (x86) (HKLM\...\Everything) (Version: - )
Far Cry 2 - Fortune's Edition (HKLM\...\Far Cry 2 - Fortune's Edition_is1) (Version: - )
FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
Game Booster 3 (HKLM\...\Game Booster_is1) (Version: 3.4 - IObit)
Ghost Recon Advanced Warfighter (HKLM\...\{EFC97089-04D6-42CE-A707-A343B4A7D2CD}) (Version: 1.00.000 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 53.0.2785.101 - Google Inc.)
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Guitar Pro 6 (HKLM\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
H.A.W.X. 2 1.01 (HKLM\...\H.A.W.X. 2_is1) (Version: 1.01 - Ubisoft Entertainment)
Heavy Fire: Afghanistan (HKLM\...\Heavy Fire: Afghanistan) (Version: 1.0.0 - Mastiff LLC.)
Kingo ROOT version 1.4.5.2664 (HKLM\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.4.5.2664 - Kingosoft Technology Ltd.)
K-Lite Mega Codec Pack 12.3.5 (HKLM\...\KLiteCodecPack_is1) (Version: 12.3.5 - KLCP)
LinuxLive USB Creator (HKLM\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Men of Valor (HKLM\...\1454576218_is1) (Version: 2.0.0.3 - GOG.com)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 pt-BR) (HKLM\...\Mozilla Firefox 48.0.2 (x86 pt-BR)) (Version: 48.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need For Speed Most Wanted Black Edition version 1.3.0.0 (HKLM\...\Need For Speed Most Wanted Black Edition_is1) (Version: 1.3.0.0 - Mr DJ)
Outlast (HKLM\...\Outlast_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2) (Version: - )
PowerISO (HKLM\...\PowerISO) (Version: 6.5 - Power Software Ltd)
Python 3.4.3 (HKLM\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
qBittorrent 3.3.5 (HKLM\...\qBittorrent) (Version: 3.3.5 - The qBittorrent project)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Rainbow Six Vegas 2 (HKLM\...\Rainbow Six Vegas 2_is1) (Version: 1.03.101 - Ubisoft)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.69.304.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Resident Evil HD REMASTER (HKLM\...\Resident Evil HD REMASTER_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
RESIDENT EVIL2 (HKLM\...\RESIDENT EVIL2) (Version: - )
ResidentEvil3 (HKLM\...\{DE15F0C0-108D-11D4-AF73-0000E21444C5}) (Version: - )
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.3.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Sniper Elite V2 (HKLM\...\Sniper Elite V2_is1) (Version: v1.2 - Rebellion)
Sniper Ghost Warrior - Gold Edition (HKLM\...\Sniper Ghost Warrior - Gold Edition_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.21.9613 - SoftEther VPN Project)
SpeedUpMyPC (HKLM\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.10.0 - Uniblue Systems Limited) <==== ATTENTION
STALKER Call Of Pripyat version 1.6.2.0 (HKLM\...\STALKER Call Of Pripyat_is1) (Version: 1.6.2.0 - Mr DJ)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
SuperRam (HKLM\...\SuperRam_is1) (Version: 6.11.10.2014 - PGWARE LLC)
Terrorist Takedown: War in Colombia (HKLM\...\TTWICENG_is1) (Version: - City Interactive)
Tom Clancy`s Splinter Cell® Blacklist™ (HKLM\...\Tom Clancy`s Splinter Cell® Blacklist™_is1) (Version: 1.01 - R.G. Revenants)
Tom Clancy's Splinter Cell Conviction (HKLM\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.00.000 - Ubisoft)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
USB2.0 UVC VGA WebCam (HKLM\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10296 - Realtek Semiconductor Corp.)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WMV9/VC-1 Video Playback (Version: 1.0.51110.1535 - ATI Technologies Inc.) Hidden
Zona (HKLM\...\Zona) (Version: - Zona Team)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0381F5D9-81AB-4635-8562-34A108A333C5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {0419B6E1-6072-41B2-8DDC-D9742D8BFA99} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-08-15] ()
Task: {3FA092CE-3B04-4728-B14A-6E13957BF15B} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files\Speed Up My PC - for gamer\speedupmypc.exe [2015-07-15] (Uniblue Systems Limited) <==== ATTENTION
Task: {40651253-F8D0-4530-9FD3-354AACE3BB5B} - System32\Tasks\SpeedUpMyPC Subscription => C:\Program Files\Speed Up My PC - for gamer\speedupmypc.exe [2015-07-15] (Uniblue Systems Limited) <==== ATTENTION
Task: {6470ED17-EBC2-4D08-97EF-9FD1FDE0574F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-26] (Google Inc.)
Task: {89119D0A-16E1-43E0-939C-1137C1446806} - System32\Tasks\{3429C8E4-01ED-49E2-8DF2-4E58F1C79D2A} => pcalua.exe -a "D:\Drivers win7 32 bits\setup.exe" -d "D:\Drivers win7 32 bits"
Task: {94CEEAB1-F830-447C-9BFE-54D89E9FA727} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe [2016-06-09] ()
Task: {98FDD127-1635-4798-8DE9-35344B66C2D0} - System32\Tasks\{EEB34A3D-C134-41E7-81FE-BC5974EAAF03} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {9AA422E5-A2B7-491E-825C-FDCE70537D17} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-26] (Google Inc.)
Task: {BC762A1B-C475-4F96-8458-3721281C1A41} - System32\Tasks\Microsoft\Windows\RVLKL\RVLKL => C:\ProgramData\keylog\rvlkl.exe
Task: {DB78F4FD-4C21-4FDC-B935-ACE192F2126F} - System32\Tasks\Auslogics\Disk Defrag Prof\Task {00000001-4FFD-4428-B76A-000CCAA81DF3} for Bruno => C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [2015-09-08] (Auslogics)
Task: {E6A5C08F-0111-42DD-92C1-D3B0A11C396B} - System32\Tasks\{54F0C26E-F9F0-4933-82D9-4A755F23B461} => pcalua.exe -a C:\Users\Bruno\Desktop\WinSetupFromUSB-1-6.exe -d C:\Users\Bruno\AppData\Roaming\IDM
Task: {EFF36D42-AC26-4094-9CC0-267055712B3E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-16] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files\Speed Up My PC - for gamer\speedupmypc.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Subscription.job => C:\Program Files\Speed Up My PC - for gamer\speedupmypc.exe <==== ATTENTION
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-01-22 13:54 - 2016-01-22 13:54 - 00486064 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
2016-09-07 21:10 - 2016-09-06 22:29 - 01806152 _____ () C:\Program Files\Google\Chrome\Application\53.0.2785.101\libglesv2.dll
2016-09-07 21:10 - 2016-09-06 22:29 - 00094024 _____ () C:\Program Files\Google\Chrome\Application\53.0.2785.101\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7910 more sites.
IE trusted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\123simsen.com -> www.123simsen.com
There are 7908 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 23:04 - 2016-09-08 18:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-109191986-1445244477-1993111821-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: AvgAMPS => 3
MSCONFIG\Services: AVGIDSAgent => 2
MSCONFIG\Services: avgsvc => 2
MSCONFIG\Services: avgwd => 2
MSCONFIG\Services: Backupper Service => 2
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: cbVSCService11 => 2
MSCONFIG\Services: CobianBackup11 => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: EaseUS Agent => 2
MSCONFIG\Services: EBC Client => 2
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SEVPNCLIENT => 2
MSCONFIG\Services: SplashtopRemoteService => 2
MSCONFIG\Services: SSUService => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: SuperRam => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMware NAT Service => 2
MSCONFIG\Services: vToolbarUpdater40.3.5 => 2
MSCONFIG\Services: WtuSystemSupport => 2
MSCONFIG\Services: ZAPrivacyService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^rvlkl.lnk => C:\Windows\pss\rvlkl.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoftEther VPN Client Manager Startup.lnk => C:\Windows\pss\SoftEther VPN Client Manager Startup.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AvgUi => "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
MSCONFIG\startupreg: AVG_UI => "C:\Program Files\AVG\Av\avuirunnerx.exe" C:\Program Files\AVG\Av\avgui.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Everything => "C:\Program Files\Everything\Everything.exe" -startup
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: qBittorrent => "C:\Program Files\qBittorrent\qbittorrent.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: SoftEther VPN Client UI Helper => "C:\Program Files\SoftEther VPN Client\vpnclient.exe" /uihelp
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
MSCONFIG\startupreg: SuperRam => "C:\Program Files\PGWARE.super.ram\SuperRam\SuperRamTray.exe" /start
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Web TuneUp\vprot.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{573AA802-D091-4CD7-B336-1666541B8CDB}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{4DCB7B1E-A3F2-4F26-A82F-69AC313D6E66}] => (Allow) C:\Program Files\Breath of Fire IV\BOF4.exe
FirewallRules: [{35365D28-6B24-42A9-AEB7-842809FD7329}] => (Allow) C:\Program Files\Breath of Fire IV\BOF4.exe
FirewallRules: [{6FC557EE-14AA-4EEB-8DB3-4FD3EF5513F0}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{31085B58-041C-4328-A635-4A1A21800B7D}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{5870C085-BCAF-41DE-84CB-4C46F2DEBB2E}C:\program files\far cry 3 inc. blood dragon\far cry 3\bin\farcry3.exe] => (Allow) C:\program files\far cry 3 inc. blood dragon\far cry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{C79FDB06-FB2A-4343-B7AB-0A4DC7B4C892}C:\program files\far cry 3 inc. blood dragon\far cry 3\bin\farcry3.exe] => (Allow) C:\program files\far cry 3 inc. blood dragon\far cry 3\bin\farcry3.exe
FirewallRules: [{D0A4FC48-AD43-4429-93E4-B48B114777A9}] => (Block) C:\program files\far cry 3 inc. blood dragon\far cry 3\bin\farcry3.exe
FirewallRules: [{1971E94F-4EE8-45EF-BC61-B613C26D52E0}] => (Block) C:\program files\far cry 3 inc. blood dragon\far cry 3\bin\farcry3.exe
FirewallRules: [{FEF63EDD-FEC4-4095-A58D-432518FF4818}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B4636DBE-3972-41C5-9212-19EC1F0B580D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{794CBE14-026A-4E8B-9F97-3DA2E3ECC05E}] => (Allow) C:\Program Files\Mr DJ\STALKER Call Of Pripyat\Stalker-COP.exe
FirewallRules: [{F2D46954-B55A-4BC5-AA20-353080357D28}] => (Allow) C:\Program Files\Mr DJ\STALKER Call Of Pripyat\Stalker-COP.exe
FirewallRules: [{6F5738ED-5F9B-4954-A6D9-23BBCD0F3712}] => (Allow) C:\Program Files\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe
FirewallRules: [{8698B47C-0F64-4B64-9BB2-6CAE798C4A18}] => (Allow) C:\Program Files\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe
FirewallRules: [TCP Query User{56172A0F-E823-49DE-B17D-96A4C6CB1A33}C:\program files\r.g. mechanics\outlast\binaries\win32\olgame.exe] => (Allow) C:\program files\r.g. mechanics\outlast\binaries\win32\olgame.exe
FirewallRules: [UDP Query User{DFC90217-69E6-4A42-B84F-89DA4FC8A1C1}C:\program files\r.g. mechanics\outlast\binaries\win32\olgame.exe] => (Allow) C:\program files\r.g. mechanics\outlast\binaries\win32\olgame.exe
FirewallRules: [{911025C7-6590-461A-9FFF-D44D23910A40}] => (Block) C:\program files\r.g. mechanics\outlast\binaries\win32\olgame.exe
FirewallRules: [{6BD45EEA-7EBF-45A6-A8C7-765231447C95}] => (Block) C:\program files\r.g. mechanics\outlast\binaries\win32\olgame.exe
FirewallRules: [TCP Query User{EA8106BB-02FB-4DAB-BB34-6183AF15A1FD}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{527D7D99-79E6-4D72-993B-4C2463488333}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe
FirewallRules: [{633D7907-50B7-4623-B2CD-59A0858F6D7F}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{F8BA95F3-D2B5-4E49-BF0B-3709F6C3ADCF}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{56500ADC-EFCE-49A1-9B74-B3AA0C72ADDF}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{10B33E90-5A2C-4BB2-BD7B-F02407EB9884}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{C885CD8A-42F0-4C8C-BB7A-A98010AD0A56}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{ED783E5D-E42D-4E12-93D0-E5F4EC1FBB2A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [TCP Query User{61BA9188-51AB-41A3-AFD2-290D0EA569A7}C:\games\splinter cell blacklist\src\system\blacklist_game.exe] => (Allow) C:\games\splinter cell blacklist\src\system\blacklist_game.exe
FirewallRules: [UDP Query User{9EE86E81-F3B3-4141-8257-8AD7EDE88E19}C:\games\splinter cell blacklist\src\system\blacklist_game.exe] => (Allow) C:\games\splinter cell blacklist\src\system\blacklist_game.exe
FirewallRules: [{68D5D90C-A868-4498-B00B-F3C999D64ED3}] => (Allow) C:\Dirt 3 Complete Edition\dirt3_game.exe
FirewallRules: [{6966397E-EE88-4205-A192-EF201A9D9A6B}] => (Allow) C:\Dirt 3 Complete Edition\dirt3_game.exe
FirewallRules: [{55F7CA2F-1179-42F2-8443-0D5EB6F7CC2E}] => (Allow) C:\Program Files\Zona\Zona.exe
FirewallRules: [{5B599378-8DF9-4E02-8EF2-55664D462B70}] => (Allow) C:\Program Files\Zona\Zona.exe
FirewallRules: [{06FBC466-D496-43F7-94C3-FCAAC935E457}] => (Allow) C:\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{F8C95D55-31C1-4DA3-B501-82EF4CFE5AAF}] => (Allow) C:\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{CE747DDF-191C-4D96-91FA-C9929472BF37}] => (Allow) C:\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe
FirewallRules: [{6EDEBCF8-25CC-4D59-B6B1-D29ADCE020A1}] => (Allow) C:\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe
FirewallRules: [TCP Query User{B23C572B-18E9-4336-B239-1A101F310902}C:\program files\zona\zona.exe] => (Allow) C:\program files\zona\zona.exe
FirewallRules: [UDP Query User{A63886B7-83C2-4AC4-8114-9FCA4B9B9271}C:\program files\zona\zona.exe] => (Allow) C:\program files\zona\zona.exe
FirewallRules: [TCP Query User{AD9AE70E-D2BA-4300-9BD0-FE899C11606B}C:\rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) C:\rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [UDP Query User{20AB67F7-CFC2-4E3E-A7B0-2CD4E189CFB3}C:\rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) C:\rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [{CE1029F8-A144-4112-A501-6F1AC8382CD3}] => (Allow) C:\H.A.W.X. 2\HAWX2.exe
FirewallRules: [{9E34B8FD-C177-4A4C-A029-D486B410607D}] => (Allow) C:\H.A.W.X. 2\HAWX2.exe
FirewallRules: [{DADDCDA6-6ACE-4990-BF0B-A6CAF646EDA0}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{93FE3338-A6B9-4782-9CB3-46D6A7A9A34F}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{01B7024E-B609-4837-A140-009ECE3A55C3}] => (Allow) C:\Arma 2 - Operation Arrowhead - DEMO\ArmA2OA_Demo.exe
FirewallRules: [{6CEDC194-9014-4A4C-BEBB-F317A54FB4FB}] => (Allow) C:\Arma 2 - Operation Arrowhead - DEMO\ArmA2OA_Demo.exe
FirewallRules: [TCP Query User{24CE502F-A554-4971-96A6-C77E6E01FA5C}C:\h.a.w.x. 2\hawx2_dx11.exe] => (Allow) C:\h.a.w.x. 2\hawx2_dx11.exe
FirewallRules: [UDP Query User{72846C2E-BD31-4DCC-9503-E00A9EB41E0C}C:\h.a.w.x. 2\hawx2_dx11.exe] => (Allow) C:\h.a.w.x. 2\hawx2_dx11.exe
FirewallRules: [TCP Query User{32EAE065-B404-42D5-890D-CF214FF567AF}C:\h.a.w.x. 2\data\browser\uplaybrowser.exe] => (Allow) C:\h.a.w.x. 2\data\browser\uplaybrowser.exe
FirewallRules: [UDP Query User{EBDC3973-D6A6-4A31-AF40-8460F4911183}C:\h.a.w.x. 2\data\browser\uplaybrowser.exe] => (Allow) C:\h.a.w.x. 2\data\browser\uplaybrowser.exe
FirewallRules: [TCP Query User{0A8CF86E-DACF-47E0-BC72-30DE62E9DF60}C:\program files\call of duty - world at war\codwaw.exe] => (Allow) C:\program files\call of duty - world at war\codwaw.exe
FirewallRules: [UDP Query User{A2AB4F79-6131-4103-A0F8-8DAE306A1CDF}C:\program files\call of duty - world at war\codwaw.exe] => (Allow) C:\program files\call of duty - world at war\codwaw.exe
FirewallRules: [TCP Query User{8413D049-E986-47C8-B208-F9FD73D0F9F8}C:\tom clancy's ghost recon advanced warfighter\graw.exe] => (Allow) C:\tom clancy's ghost recon advanced warfighter\graw.exe
FirewallRules: [UDP Query User{A289C104-8331-4EBD-ACB8-1A2ED589A35D}C:\tom clancy's ghost recon advanced warfighter\graw.exe] => (Allow) C:\tom clancy's ghost recon advanced warfighter\graw.exe
FirewallRules: [{BFE494D9-FCB8-447C-A7CB-6752C93E95A0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{DECF1E35-F96A-4E27-9D62-D2787DD794B9}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{3B0B8145-AE6F-450A-9000-9927AB04F3EB}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{DD966885-58CF-4C19-B1CB-1D9797B49F81}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{B097A63B-226C-4749-AE66-389E8793BBFF}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{B3DA0584-28A8-4200-AC75-9882AA515049}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{F020948E-76C4-47A0-9CFA-F952CEFB9F26}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{0053EF1F-1F1B-4767-8D63-9E338642C9EA}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{1D8401DC-8A76-4EE5-AEFC-ABCC69189BF0}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
==================== Restore Points =========================
07-09-2016 15:51:37 Scheduled Checkpoint
08-09-2016 01:01:38 Installed AVG 2016
08-09-2016 01:04:35 Installed AVG
==================== Faulty Device Manager Devices =============
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: A0GW1DNV IDE Controller
Description: A0GW1DNV IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: awzt6if7
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/08/2016 06:32:36 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Error: (09/08/2016 06:32:36 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Error: (09/08/2016 06:32:36 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Error: (09/08/2016 06:25:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pev.3XE, version: 0.0.0.0, time stamp: 0x4e06cfe8
Faulting module name: pev.3XE, version: 0.0.0.0, time stamp: 0x4e06cfe8
Exception code: 0xc0000417
Fault offset: 0x00081dc9
Faulting process id: 0x1324
Faulting application start time: 0x01d20a178ccf3dcb
Faulting application path: C:\ComboFix\pev.3XE
Faulting module path: C:\ComboFix\pev.3XE
Report Id: ca9f7d4f-760a-11e6-ab6f-00acb7759e71
Error: (09/08/2016 04:41:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Error: (09/08/2016 04:41:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Error: (09/08/2016 04:41:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Error: (09/07/2016 10:42:35 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Error: (09/07/2016 10:42:35 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Error: (09/07/2016 10:42:35 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
System errors:
=============
Error: (09/08/2016 06:51:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/08/2016 06:51:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/08/2016 06:51:47 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (09/08/2016 06:48:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/08/2016 06:48:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/08/2016 06:48:56 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (09/08/2016 06:47:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/08/2016 06:47:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/08/2016 06:47:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/08/2016 06:47:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
CodeIntegrity:
===================================
Date: 2016-03-19 02:31:50.177
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-19 01:18:36.270
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-19 01:18:35.266
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-19 01:16:27.934
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-19 01:16:24.174
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD C-50 Processor
Percentage of memory in use: 73%
Total physical RAM: 1645.47 MB
Available physical RAM: 438.21 MB
Total Virtual: 3290.95 MB
Available Virtual: 2035.37 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:80.39 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 000336C0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by Bruno (08-09-2016 19:15:52)
Running from C:\Users\Bruno\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2015-11-25 23:55:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-109191986-1445244477-1993111821-500 - Administrator - Disabled)
Bruno (S-1-5-21-109191986-1445244477-1993111821-1000 - Administrator - Enabled) => C:\Users\Bruno
Guest (S-1-5-21-109191986-1445244477-1993111821-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-109191986-1445244477-1993111821-1006 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.12 (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
ACE COMBAT ASSAULT HORIZON Enhanced Edition (HKLM\...\ACE COMBAT ASSAULT HORIZON Enhanced Edition_is1) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
ARMA 2 Operation Arrowhead Uninstall (HKLM\...\ARMA 2 Operation Arrowhead) (Version: - )
ARMA III (HKLM\...\ARMA III_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Atheros Driver Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{E0C09093-7EE4-4BED-99F3-71FF5AB1CDA3}) (Version: 3.0.800.0 - ATI Technologies, Inc.)
Auslogics Disk Defrag Professional (HKLM\...\{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1) (Version: 4.7.0.0 - Auslogics Software Pty Ltd)
AVG (Version: 16.101.7752 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4649 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.101.7752 - AVG Technologies)
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.3.5.160 - AVG Technologies)
Breath of Fire IV 1.0 (HKLM\...\Breath of Fire IV_is1) (Version: 1.0 - Capcom)
Call of Duty - World at War (HKLM\...\Call of Duty - World at War_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Call of Duty 4 - Modern Warfare (HKLM\...\{C060ED81-3AB2-4384-9D60-F29D5FDFDC89}_is1) (Version: 1.7 - X-NET)
ccc-core-static (Version: 2010.1110.1539.28046 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Delta Force Black Hawk Down Full PC Game {Highly Compress} {Uploaded} @IGI (remove only) (HKLM\...\{D05A5767-37D5-485C-9A55-844D69F5C453}) (Version: - )
Dirt 3 Complete Edition version 1.2.0.0 (HKLM\...\Dirt 3 Complete Edition_is1) (Version: 1.2.0.0 - Mr DJ)
Dragonball Xenoverse (HKLM\...\Dragonball Xenoverse_is1) (Version: - )
Driver - San Francisco (HKLM\...\Driver - San Francisco_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Everything 1.3.4.686 (x86) (HKLM\...\Everything) (Version: - )
Far Cry 2 - Fortune's Edition (HKLM\...\Far Cry 2 - Fortune's Edition_is1) (Version: - )
FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
Game Booster 3 (HKLM\...\Game Booster_is1) (Version: 3.4 - IObit)
Ghost Recon Advanced Warfighter (HKLM\...\{EFC97089-04D6-42CE-A707-A343B4A7D2CD}) (Version: 1.00.000 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 53.0.2785.101 - Google Inc.)
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Guitar Pro 6 (HKLM\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
H.A.W.X. 2 1.01 (HKLM\...\H.A.W.X. 2_is1) (Version: 1.01 - Ubisoft Entertainment)
Heavy Fire: Afghanistan (HKLM\...\Heavy Fire: Afghanistan) (Version: 1.0.0 - Mastiff LLC.)
Kingo ROOT version 1.4.5.2664 (HKLM\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.4.5.2664 - Kingosoft Technology Ltd.)
K-Lite Mega Codec Pack 12.3.5 (HKLM\...\KLiteCodecPack_is1) (Version: 12.3.5 - KLCP)
LinuxLive USB Creator (HKLM\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Men of Valor (HKLM\...\1454576218_is1) (Version: 2.0.0.3 - GOG.com)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 pt-BR) (HKLM\...\Mozilla Firefox 48.0.2 (x86 pt-BR)) (Version: 48.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need For Speed Most Wanted Black Edition version 1.3.0.0 (HKLM\...\Need For Speed Most Wanted Black Edition_is1) (Version: 1.3.0.0 - Mr DJ)
Outlast (HKLM\...\Outlast_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2) (Version: - )
PowerISO (HKLM\...\PowerISO) (Version: 6.5 - Power Software Ltd)
Python 3.4.3 (HKLM\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
qBittorrent 3.3.5 (HKLM\...\qBittorrent) (Version: 3.3.5 - The qBittorrent project)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Rainbow Six Vegas 2 (HKLM\...\Rainbow Six Vegas 2_is1) (Version: 1.03.101 - Ubisoft)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.69.304.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Resident Evil HD REMASTER (HKLM\...\Resident Evil HD REMASTER_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
RESIDENT EVIL2 (HKLM\...\RESIDENT EVIL2) (Version: - )
ResidentEvil3 (HKLM\...\{DE15F0C0-108D-11D4-AF73-0000E21444C5}) (Version: - )
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.3.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Sniper Elite V2 (HKLM\...\Sniper Elite V2_is1) (Version: v1.2 - Rebellion)
Sniper Ghost Warrior - Gold Edition (HKLM\...\Sniper Ghost Warrior - Gold Edition_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.21.9613 - SoftEther VPN Project)
SpeedUpMyPC (HKLM\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.10.0 - Uniblue Systems Limited) <==== ATTENTION
STALKER Call Of Pripyat version 1.6.2.0 (HKLM\...\STALKER Call Of Pripyat_is1) (Version: 1.6.2.0 - Mr DJ)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
SuperRam (HKLM\...\SuperRam_is1) (Version: 6.11.10.2014 - PGWARE LLC)
Terrorist Takedown: War in Colombia (HKLM\...\TTWICENG_is1) (Version: - City Interactive)
Tom Clancy`s Splinter Cell® Blacklist™ (HKLM\...\Tom Clancy`s Splinter Cell® Blacklist™_is1) (Version: 1.01 - R.G. Revenants)
Tom Clancy's Splinter Cell Conviction (HKLM\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.00.000 - Ubisoft)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
USB2.0 UVC VGA WebCam (HKLM\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10296 - Realtek Semiconductor Corp.)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WMV9/VC-1 Video Playback (Version: 1.0.51110.1535 - ATI Technologies Inc.) Hidden
Zona (HKLM\...\Zona) (Version: - Zona Team)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0381F5D9-81AB-4635-8562-34A108A333C5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {0419B6E1-6072-41B2-8DDC-D9742D8BFA99} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-08-15] ()
Task: {3FA092CE-3B04-4728-B14A-6E13957BF15B} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files\Speed Up My PC - for gamer\speedupmypc.exe [2015-07-15] (Uniblue Systems Limited) <==== ATTENTION
Task: {40651253-F8D0-4530-9FD3-354AACE3BB5B} - System32\Tasks\SpeedUpMyPC Subscription => C:\Program Files\Speed Up My PC - for gamer\speedupmypc.exe [2015-07-15] (Uniblue Systems Limited) <==== ATTENTION
Task: {6470ED17-EBC2-4D08-97EF-9FD1FDE0574F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-26] (Google Inc.)
Task: {89119D0A-16E1-43E0-939C-1137C1446806} - System32\Tasks\{3429C8E4-01ED-49E2-8DF2-4E58F1C79D2A} => pcalua.exe -a "D:\Drivers win7 32 bits\setup.exe" -d "D:\Drivers win7 32 bits"
Task: {94CEEAB1-F830-447C-9BFE-54D89E9FA727} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe [2016-06-09] ()
Task: {98FDD127-1635-4798-8DE9-35344B66C2D0} - System32\Tasks\{EEB34A3D-C134-41E7-81FE-BC5974EAAF03} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {9AA422E5-A2B7-491E-825C-FDCE70537D17} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-26] (Google Inc.)
Task: {BC762A1B-C475-4F96-8458-3721281C1A41} - System32\Tasks\Microsoft\Windows\RVLKL\RVLKL => C:\ProgramData\keylog\rvlkl.exe
Task: {DB78F4FD-4C21-4FDC-B935-ACE192F2126F} - System32\Tasks\Auslogics\Disk Defrag Prof\Task {00000001-4FFD-4428-B76A-000CCAA81DF3} for Bruno => C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [2015-09-08] (Auslogics)
Task: {E6A5C08F-0111-42DD-92C1-D3B0A11C396B} - System32\Tasks\{54F0C26E-F9F0-4933-82D9-4A755F23B461} => pcalua.exe -a C:\Users\Bruno\Desktop\WinSetupFromUSB-1-6.exe -d C:\Users\Bruno\AppData\Roaming\IDM
Task: {EFF36D42-AC26-4094-9CC0-267055712B3E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-16] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files\Speed Up My PC - for gamer\speedupmypc.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Subscription.job => C:\Program Files\Speed Up My PC - for gamer\speedupmypc.exe <==== ATTENTION
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-01-22 13:54 - 2016-01-22 13:54 - 00486064 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
2016-09-07 21:10 - 2016-09-06 22:29 - 01806152 _____ () C:\Program Files\Google\Chrome\Application\53.0.2785.101\libglesv2.dll
2016-09-07 21:10 - 2016-09-06 22:29 - 00094024 _____ () C:\Program Files\Google\Chrome\Application\53.0.2785.101\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7910 more sites.
IE trusted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-109191986-1445244477-1993111821-1000\...\123simsen.com -> www.123simsen.com
There are 7908 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 23:04 - 2016-09-08 18:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-109191986-1445244477-1993111821-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: AvgAMPS => 3
MSCONFIG\Services: AVGIDSAgent => 2
MSCONFIG\Services: avgsvc => 2
MSCONFIG\Services: avgwd => 2
MSCONFIG\Services: Backupper Service => 2
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: cbVSCService11 => 2
MSCONFIG\Services: CobianBackup11 => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: EaseUS Agent => 2
MSCONFIG\Services: EBC Client => 2
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SEVPNCLIENT => 2
MSCONFIG\Services: SplashtopRemoteService => 2
MSCONFIG\Services: SSUService => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: SuperRam => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMware NAT Service => 2
MSCONFIG\Services: vToolbarUpdater40.3.5 => 2
MSCONFIG\Services: WtuSystemSupport => 2
MSCONFIG\Services: ZAPrivacyService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^rvlkl.lnk => C:\Windows\pss\rvlkl.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoftEther VPN Client Manager Startup.lnk => C:\Windows\pss\SoftEther VPN Client Manager Startup.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AvgUi => "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
MSCONFIG\startupreg: AVG_UI => "C:\Program Files\AVG\Av\avuirunnerx.exe" C:\Program Files\AVG\Av\avgui.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Everything => "C:\Program Files\Everything\Everything.exe" -startup
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: qBittorrent => "C:\Program Files\qBittorrent\qbittorrent.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: SoftEther VPN Client UI Helper => "C:\Program Files\SoftEther VPN Client\vpnclient.exe" /uihelp
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
MSCONFIG\startupreg: SuperRam => "C:\Program Files\PGWARE.super.ram\SuperRam\SuperRamTray.exe" /start
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Web TuneUp\vprot.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{573AA802-D091-4CD7-B336-1666541B8CDB}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{4DCB7B1E-A3F2-4F26-A82F-69AC313D6E66}] => (Allow) C:\Program Files\Breath of Fire IV\BOF4.exe
FirewallRules: [{35365D28-6B24-42A9-AEB7-842809FD7329}] => (Allow) C:\Program Files\Breath of Fire IV\BOF4.exe
FirewallRules: [{6FC557EE-14AA-4EEB-8DB3-4FD3EF5513F0}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{31085B58-041C-4328-A635-4A1A21800B7D}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{5870C085-BCAF-41DE-84CB-4C46F2DEBB2E}C:\program files\far cry 3 inc. blood dragon\far cry 3\bin\farcry3.exe] => (Allow) C:\program files\far cry 3 inc. blood dragon\far cry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{C79FDB06-FB2A-4343-B7AB-0A4DC7B4C892}C:\program files\far cry 3 inc. blood dragon\far cry 3\bin\farcry3.exe] => (Allow) C:\program files\far cry 3 inc. blood dragon\far cry 3\bin\farcry3.exe
FirewallRules: [{D0A4FC48-AD43-4429-93E4-B48B114777A9}] => (Block) C:\program files\far cry 3 inc. blood dragon\far cry 3\bin\farcry3.exe
FirewallRules: [{1971E94F-4EE8-45EF-BC61-B613C26D52E0}] => (Block) C:\program files\far cry 3 inc. blood dragon\far cry 3\bin\farcry3.exe
FirewallRules: [{FEF63EDD-FEC4-4095-A58D-432518FF4818}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B4636DBE-3972-41C5-9212-19EC1F0B580D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{794CBE14-026A-4E8B-9F97-3DA2E3ECC05E}] => (Allow) C:\Program Files\Mr DJ\STALKER Call Of Pripyat\Stalker-COP.exe
FirewallRules: [{F2D46954-B55A-4BC5-AA20-353080357D28}] => (Allow) C:\Program Files\Mr DJ\STALKER Call Of Pripyat\Stalker-COP.exe
FirewallRules: [{6F5738ED-5F9B-4954-A6D9-23BBCD0F3712}] => (Allow) C:\Program Files\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe
FirewallRules: [{8698B47C-0F64-4B64-9BB2-6CAE798C4A18}] => (Allow) C:\Program Files\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe
FirewallRules: [TCP Query User{56172A0F-E823-49DE-B17D-96A4C6CB1A33}C:\program files\r.g. mechanics\outlast\binaries\win32\olgame.exe] => (Allow) C:\program files\r.g. mechanics\outlast\binaries\win32\olgame.exe
FirewallRules: [UDP Query User{DFC90217-69E6-4A42-B84F-89DA4FC8A1C1}C:\program files\r.g. mechanics\outlast\binaries\win32\olgame.exe] => (Allow) C:\program files\r.g. mechanics\outlast\binaries\win32\olgame.exe
FirewallRules: [{911025C7-6590-461A-9FFF-D44D23910A40}] => (Block) C:\program files\r.g. mechanics\outlast\binaries\win32\olgame.exe
FirewallRules: [{6BD45EEA-7EBF-45A6-A8C7-765231447C95}] => (Block) C:\program files\r.g. mechanics\outlast\binaries\win32\olgame.exe
FirewallRules: [TCP Query User{EA8106BB-02FB-4DAB-BB34-6183AF15A1FD}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{527D7D99-79E6-4D72-993B-4C2463488333}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe
FirewallRules: [{633D7907-50B7-4623-B2CD-59A0858F6D7F}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{F8BA95F3-D2B5-4E49-BF0B-3709F6C3ADCF}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{56500ADC-EFCE-49A1-9B74-B3AA0C72ADDF}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{10B33E90-5A2C-4BB2-BD7B-F02407EB9884}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{C885CD8A-42F0-4C8C-BB7A-A98010AD0A56}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{ED783E5D-E42D-4E12-93D0-E5F4EC1FBB2A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [TCP Query User{61BA9188-51AB-41A3-AFD2-290D0EA569A7}C:\games\splinter cell blacklist\src\system\blacklist_game.exe] => (Allow) C:\games\splinter cell blacklist\src\system\blacklist_game.exe
FirewallRules: [UDP Query User{9EE86E81-F3B3-4141-8257-8AD7EDE88E19}C:\games\splinter cell blacklist\src\system\blacklist_game.exe] => (Allow) C:\games\splinter cell blacklist\src\system\blacklist_game.exe
FirewallRules: [{68D5D90C-A868-4498-B00B-F3C999D64ED3}] => (Allow) C:\Dirt 3 Complete Edition\dirt3_game.exe
FirewallRules: [{6966397E-EE88-4205-A192-EF201A9D9A6B}] => (Allow) C:\Dirt 3 Complete Edition\dirt3_game.exe
FirewallRules: [{55F7CA2F-1179-42F2-8443-0D5EB6F7CC2E}] => (Allow) C:\Program Files\Zona\Zona.exe
FirewallRules: [{5B599378-8DF9-4E02-8EF2-55664D462B70}] => (Allow) C:\Program Files\Zona\Zona.exe
FirewallRules: [{06FBC466-D496-43F7-94C3-FCAAC935E457}] => (Allow) C:\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{F8C95D55-31C1-4DA3-B501-82EF4CFE5AAF}] => (Allow) C:\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{CE747DDF-191C-4D96-91FA-C9929472BF37}] => (Allow) C:\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe
FirewallRules: [{6EDEBCF8-25CC-4D59-B6B1-D29ADCE020A1}] => (Allow) C:\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe
FirewallRules: [TCP Query User{B23C572B-18E9-4336-B239-1A101F310902}C:\program files\zona\zona.exe] => (Allow) C:\program files\zona\zona.exe
FirewallRules: [UDP Query User{A63886B7-83C2-4AC4-8114-9FCA4B9B9271}C:\program files\zona\zona.exe] => (Allow) C:\program files\zona\zona.exe
FirewallRules: [TCP Query User{AD9AE70E-D2BA-4300-9BD0-FE899C11606B}C:\rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) C:\rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [UDP Query User{20AB67F7-CFC2-4E3E-A7B0-2CD4E189CFB3}C:\rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) C:\rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [{CE1029F8-A144-4112-A501-6F1AC8382CD3}] => (Allow) C:\H.A.W.X. 2\HAWX2.exe
FirewallRules: [{9E34B8FD-C177-4A4C-A029-D486B410607D}] => (Allow) C:\H.A.W.X. 2\HAWX2.exe
FirewallRules: [{DADDCDA6-6ACE-4990-BF0B-A6CAF646EDA0}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{93FE3338-A6B9-4782-9CB3-46D6A7A9A34F}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{01B7024E-B609-4837-A140-009ECE3A55C3}] => (Allow) C:\Arma 2 - Operation Arrowhead - DEMO\ArmA2OA_Demo.exe
FirewallRules: [{6CEDC194-9014-4A4C-BEBB-F317A54FB4FB}] => (Allow) C:\Arma 2 - Operation Arrowhead - DEMO\ArmA2OA_Demo.exe
FirewallRules: [TCP Query User{24CE502F-A554-4971-96A6-C77E6E01FA5C}C:\h.a.w.x. 2\hawx2_dx11.exe] => (Allow) C:\h.a.w.x. 2\hawx2_dx11.exe
FirewallRules: [UDP Query User{72846C2E-BD31-4DCC-9503-E00A9EB41E0C}C:\h.a.w.x. 2\hawx2_dx11.exe] => (Allow) C:\h.a.w.x. 2\hawx2_dx11.exe
FirewallRules: [TCP Query User{32EAE065-B404-42D5-890D-CF214FF567AF}C:\h.a.w.x. 2\data\browser\uplaybrowser.exe] => (Allow) C:\h.a.w.x. 2\data\browser\uplaybrowser.exe
FirewallRules: [UDP Query User{EBDC3973-D6A6-4A31-AF40-8460F4911183}C:\h.a.w.x. 2\data\browser\uplaybrowser.exe] => (Allow) C:\h.a.w.x. 2\data\browser\uplaybrowser.exe
FirewallRules: [TCP Query User{0A8CF86E-DACF-47E0-BC72-30DE62E9DF60}C:\program files\call of duty - world at war\codwaw.exe] => (Allow) C:\program files\call of duty - world at war\codwaw.exe
FirewallRules: [UDP Query User{A2AB4F79-6131-4103-A0F8-8DAE306A1CDF}C:\program files\call of duty - world at war\codwaw.exe] => (Allow) C:\program files\call of duty - world at war\codwaw.exe
FirewallRules: [TCP Query User{8413D049-E986-47C8-B208-F9FD73D0F9F8}C:\tom clancy's ghost recon advanced warfighter\graw.exe] => (Allow) C:\tom clancy's ghost recon advanced warfighter\graw.exe
FirewallRules: [UDP Query User{A289C104-8331-4EBD-ACB8-1A2ED589A35D}C:\tom clancy's ghost recon advanced warfighter\graw.exe] => (Allow) C:\tom clancy's ghost recon advanced warfighter\graw.exe
FirewallRules: [{BFE494D9-FCB8-447C-A7CB-6752C93E95A0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{DECF1E35-F96A-4E27-9D62-D2787DD794B9}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{3B0B8145-AE6F-450A-9000-9927AB04F3EB}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{DD966885-58CF-4C19-B1CB-1D9797B49F81}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{B097A63B-226C-4749-AE66-389E8793BBFF}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{B3DA0584-28A8-4200-AC75-9882AA515049}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{F020948E-76C4-47A0-9CFA-F952CEFB9F26}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{0053EF1F-1F1B-4767-8D63-9E338642C9EA}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{1D8401DC-8A76-4EE5-AEFC-ABCC69189BF0}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
==================== Restore Points =========================
07-09-2016 15:51:37 Scheduled Checkpoint
08-09-2016 01:01:38 Installed AVG 2016
08-09-2016 01:04:35 Installed AVG
==================== Faulty Device Manager Devices =============
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: A0GW1DNV IDE Controller
Description: A0GW1DNV IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: awzt6if7
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/08/2016 06:32:36 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Error: (09/08/2016 06:32:36 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Error: (09/08/2016 06:32:36 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Error: (09/08/2016 06:25:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pev.3XE, version: 0.0.0.0, time stamp: 0x4e06cfe8
Faulting module name: pev.3XE, version: 0.0.0.0, time stamp: 0x4e06cfe8
Exception code: 0xc0000417
Fault offset: 0x00081dc9
Faulting process id: 0x1324
Faulting application start time: 0x01d20a178ccf3dcb
Faulting application path: C:\ComboFix\pev.3XE
Faulting module path: C:\ComboFix\pev.3XE
Report Id: ca9f7d4f-760a-11e6-ab6f-00acb7759e71
Error: (09/08/2016 04:41:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Error: (09/08/2016 04:41:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Error: (09/08/2016 04:41:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Error: (09/07/2016 10:42:35 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Error: (09/07/2016 10:42:35 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Error: (09/07/2016 10:42:35 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
System errors:
=============
Error: (09/08/2016 06:51:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/08/2016 06:51:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/08/2016 06:51:47 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (09/08/2016 06:48:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/08/2016 06:48:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/08/2016 06:48:56 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (09/08/2016 06:47:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/08/2016 06:47:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/08/2016 06:47:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (09/08/2016 06:47:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
CodeIntegrity:
===================================
Date: 2016-03-19 02:31:50.177
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-19 01:18:36.270
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-19 01:18:35.266
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-19 01:16:27.934
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-19 01:16:24.174
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\GbPlugin\gbpinj.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD C-50 Processor
Percentage of memory in use: 73%
Total physical RAM: 1645.47 MB
Available physical RAM: 438.21 MB
Total Virtual: 3290.95 MB
Available Virtual: 2035.37 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:80.39 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 000336C0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================