TechSpot

High mem/cpu usage after lock screen

By Nova94
May 26, 2015
  1. Hello everyone, and thank you for accepting me into your community. I hope I can give as much as I'll learn in here. I have been having problems with my computer for a couple of weeks now. To start off, whenever I leave my computer and come back to it, it is painfully slow and freezes for a couple of minutes before it goes back to normal again. When I do frustratingly log in, I can see in Task Manager all of my 8 GB RAM used up, but it doesn't show in Task Manager which program is using it. The only high-memory-usage programs I get are a process svchost.exe, which uses about 500 upon resuming Windows, and 500 by avp.exe, which is my antivirus, but in no way do all the processes add up to anywhere near 3 GB. I would also like to add that at the same time, my hard disk will go down to a couple of 100s MB free, but later when the computer isn't freezing anymore the space comes back up.

    I stumbled upon this website while trying to understand what was going on with my PC and did try some of the solutions in other posts for other people. It didn't solve all the problems but helped with my Internet connection, which wouldn't work sometimes despite having a stable Internet connection. I realized if I'm to really fix this, I need to post my own logs. I ran FRST and will post the logs in the next comment.
     
  2. Nova94


    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2015
    Ran by GIINOVA (administrator) on GIINOVA-PC on 26-05-2015 17:25:52
    Running from C:\Users\GIINOVA\Desktop\frst
    Loaded Profiles: GIINOVA (Available Profiles: GIINOVA & Guest)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser not detected!)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
    () C:\ProgramData\DatacardService\HWDeviceService64.exe
    (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    (Chris Pietschmann (http://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
    (Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
    (Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
    (EuroTech Automatic Equipment Co., Ltd.) C:\Program Files (x86)\iFree Skype Recorder\irecorder.exe
    (BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
    (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    () C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Connectify) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
    HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\Run: [HDSoft] => C:\Program Files (x86)\iFree Skype Recorder\irecorder.exe [2489832 2014-12-05] (EuroTech Automatic Equipment Co., Ltd.)
    HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [289584 2015-05-19] (BitTorrent, Inc.)
    HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
    HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\Run: [Mobile Partner] => C:\Program Files (x86)\Ooredoo 4G MyFi\Ooredoo 4G MyFi
    ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll [2014-09-03] (Kaspersky Lab ZAO)
    ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll [2014-09-03] (Kaspersky Lab ZAO)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-12834325-137255723-1760620863-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-12834325-137255723-1760620863-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-09-03] (Kaspersky Lab ZAO)
    BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-09-03] (Kaspersky Lab ZAO)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-21] (Oracle Corporation)
    BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-09-03] (Kaspersky Lab ZAO)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-21] (Oracle Corporation)
    BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-09-03] (Kaspersky Lab ZAO)
    BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-09-03] (Kaspersky Lab ZAO)
    BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-09-03] (Kaspersky Lab ZAO)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-31] (Oracle Corporation)
    BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-09-03] (Kaspersky Lab ZAO)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-31] (Oracle Corporation)
    BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-09-03] (Kaspersky Lab ZAO)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default
    FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
    FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-03-10] (EA Digital Illusions CE AB)
    FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-21] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-21] (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
    FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
    FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-03-10] (EA Digital Illusions CE AB)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-31] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-31] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Extension: MEGA - C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\Extensions\firefox@mega.co.nz.xpi [2015-03-29]
    FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
    FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2014-09-03]
    FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
    FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-03]
    FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
    FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2014-09-03]
    FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
    FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2014-09-03]
    FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
    FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2014-09-03]
    FF Extension: No Name - C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [not found]
    FF Extension: No Name - C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [not found]
    FF Extension: No Name - C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [not found]
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

    Chrome:
    =======
    CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2013-11-11]
    CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh
    CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2013-11-11]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
    R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2014-10-15] (Connectify) []
    R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
    S4 D_Link_DWA-125_WPS; C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe [53248 2010-07-12] () []
    R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-20] (Electronic Arts)
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-09-07] ()
    R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)
    R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (http://pietschsoft.com)) []
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2010-05-29] ()
    R0 C95A9BD0; C:\Windows\System32\drivers\C95A9BD0.sys [457824 2015-05-10] (Kaspersky Lab ZAO)
    R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [42152 2014-12-11] (Connectify)
    R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
    R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
    R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-07] (Disc Soft Ltd)
    R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-09-03] (Kaspersky Lab ZAO)
    U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-09-03] (Kaspersky Lab ZAO)
    R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628288 2014-09-03] (Kaspersky Lab ZAO)
    R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-09-03] (Kaspersky Lab ZAO)
    R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
    R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
    R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-11-11] (Kaspersky Lab ZAO)
    R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177864 2015-02-18] (Kaspersky Lab ZAO)
    S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2014-06-29] (http://libusb-win32.sourceforge.net)
    S3 libusb0; C:\Windows\SysWOW64\DRIVERS\libusb0.sys [52832 2015-02-26] (http://libusb-win32.sourceforge.net)
    R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-26] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
    R3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1617472 2011-04-28] (Ralink Technology Corp.)
    R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
    S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr))
    S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
    R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2014-08-30] (C-Media Electronics Inc)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 massfilter_lte; system32\DRIVERS\massfilter_LTE.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    S3 zgdcat; system32\DRIVERS\zgdcat.sys [X]
    S3 zgdcdiag; system32\DRIVERS\zgdcdiag.sys [X]
    S3 zgdcmdm; system32\DRIVERS\zgdcmdm.sys [X]
    S3 zgdcnet; system32\DRIVERS\zgdcnet.sys [X]
    S3 zgdcnmea; system32\DRIVERS\zgdcnmea.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-26 17:25 - 2015-05-26 17:25 - 02108928 _____ (Farbar) C:\Users\GIINOVA\Downloads\FRST64 (2).exe
    2015-05-26 17:25 - 2015-05-26 17:25 - 00000000 ____D () C:\Users\GIINOVA\Desktop\frst
    2015-05-26 07:55 - 2015-05-26 08:48 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2015-05-26 07:54 - 2015-05-26 07:54 - 00000000 ____D () C:\Users\GIINOVA\mbar
    2015-05-26 07:51 - 2015-05-26 07:52 - 16502728 _____ (Malwarebytes Corp.) C:\Users\GIINOVA\Downloads\mbar-1.09.1.1004.exe
    2015-05-26 07:50 - 2015-05-26 07:51 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\GIINOVA\Downloads\tdsskiller.exe
    2015-05-26 07:37 - 2013-10-31 15:18 - 00562368 _____ (Sysinternals - www.sysinternals.com) C:\Users\GIINOVA\Desktop\RAMMap.exe
    2015-05-26 04:36 - 2015-05-26 11:41 - 00000000 ____D () C:\Users\GIINOVA\Downloads\Yu-Gi-Oh! Duel Monsters
    2015-05-26 04:34 - 2015-05-26 04:34 - 00033491 _____ () C:\Users\GIINOVA\Downloads\Yu-Gi-Oh Season 0.torrent
    2015-05-26 04:15 - 2015-05-26 04:15 - 00009471 _____ () C:\Users\GIINOVA\Documents\infect found.txt
    2015-05-26 03:33 - 2015-05-26 03:34 - 02974203 _____ () C:\Users\GIINOVA\Downloads\tumblr_nou9azleS81u8bd6k.mp4
    2015-05-26 03:30 - 2015-05-26 03:37 - 12254157 _____ () C:\Users\GIINOVA\Downloads\tumblr_norudjq1AC1ur94e8.mp4
    2015-05-26 03:22 - 2015-05-26 03:26 - 11209558 _____ () C:\Users\GIINOVA\Downloads\rebox.NET.2993.zip
    2015-05-26 03:19 - 2015-05-26 03:26 - 32321536 _____ () C:\Users\GIINOVA\Downloads\BDtoAVCHD_v2.4.2.msi
    2015-05-26 03:06 - 2015-05-26 03:06 - 1192165376 _____ () C:\Users\GIINOVA\Looney.Tunes.E01.1080p.BluRay.REMUX.AVC.DD1.0-RARBG.iso
    2015-05-26 03:01 - 2015-05-26 03:08 - 38522618 _____ () C:\Users\GIINOVA\Downloads\multiAVCHD_4.1.exe
    2015-05-26 03:00 - 2015-05-26 03:03 - 16753416 _____ () C:\Users\GIINOVA\Downloads\HandBrake-0.10.1-x86_64-Win_GUI.exe
    2015-05-26 02:59 - 2015-05-26 03:00 - 02825369 _____ () C:\Users\GIINOVA\Downloads\tsMuxeR_2.6.12.zip
    2015-05-26 02:16 - 2015-05-26 02:16 - 00000000 ____D () C:\Users\GIINOVA\.VirtualBox
    2015-05-26 02:15 - 2015-05-26 02:15 - 00000601 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
    2015-05-26 02:15 - 2015-05-26 02:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
    2015-05-26 02:15 - 2014-03-26 19:01 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
    2015-05-26 02:15 - 2014-03-26 19:00 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
    2015-05-26 00:19 - 2015-05-26 00:29 - 107394336 _____ (Oracle Corporation) C:\Users\GIINOVA\Downloads\VirtualBox-4.3.10-93012-Win.exe
    2015-05-25 23:51 - 2015-05-25 23:52 - 02347384 _____ (ESET) C:\Users\GIINOVA\Downloads\esetsmartinstaller_enu.exe
    2015-05-25 23:49 - 2015-05-25 23:49 - 00001670 _____ () C:\Users\GIINOVA\Downloads\FSS.txt
    2015-05-25 23:31 - 2015-05-25 23:46 - 00000000 ____D () C:\ProgramData\RogueKiller
    2015-05-25 23:31 - 2015-05-25 23:31 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
    2015-05-25 23:28 - 2015-05-25 23:28 - 02108928 _____ (Farbar) C:\Users\GIINOVA\Downloads\FRST64 (1).exe
    2015-05-25 23:24 - 2015-05-25 23:25 - 00045602 _____ () C:\Users\GIINOVA\Downloads\Addition.txt
    2015-05-25 23:23 - 2015-05-25 23:25 - 00065881 _____ () C:\Users\GIINOVA\Downloads\FRST.txt
    2015-05-25 23:19 - 2015-05-25 23:19 - 00095484 _____ () C:\Users\GIINOVA\Downloads\Extras.Txt
    2015-05-25 23:18 - 2015-05-25 23:18 - 00124868 _____ () C:\Users\GIINOVA\Downloads\OTL.Txt
    2015-05-25 23:13 - 2015-05-26 17:25 - 00000000 ____D () C:\FRST
    2015-05-25 23:11 - 2015-05-25 23:12 - 02108928 _____ (Farbar) C:\Users\GIINOVA\Downloads\FRST64.exe
    2015-05-25 22:50 - 2015-05-25 22:50 - 00602112 _____ (OldTimer Tools) C:\Users\GIINOVA\Downloads\OTL.exe
    2015-05-25 22:47 - 2015-05-25 22:48 - 02223104 _____ () C:\Users\GIINOVA\Downloads\adwcleaner_4.205 (1).exe
    2015-05-25 22:39 - 2015-05-25 22:42 - 00000000 ____D () C:\AdwCleaner
    2015-05-25 19:09 - 2015-05-25 19:09 - 02223104 _____ () C:\Users\GIINOVA\Downloads\adwcleaner_4.205.exe
    2015-05-25 16:55 - 2015-05-25 16:55 - 00018895 _____ () C:\ComboFix.txt
    2015-05-25 16:36 - 2015-05-25 16:36 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\GIINOVA\Downloads\rkill.exe
    2015-05-25 16:34 - 2015-05-25 16:36 - 20781656 _____ () C:\Users\GIINOVA\Downloads\RogueKillerX64.exe
    2015-05-25 16:34 - 2015-05-25 16:35 - 05198336 _____ (AVAST Software) C:\Users\GIINOVA\Downloads\aswMBR.exe
    2015-05-25 16:33 - 2015-05-25 16:55 - 00000000 ____D () C:\Qoobox
    2015-05-25 16:33 - 2015-05-25 16:55 - 00000000 ____D () C:\ComboFix
    2015-05-25 16:33 - 2015-05-25 16:34 - 00000111 _____ () C:\Users\GIINOVA\Documents\fix computer.txt
    2015-05-25 16:33 - 2011-06-26 09:45 - 00256000 _____ () C:\Windows\PEV.exe
    2015-05-25 16:33 - 2010-11-07 20:20 - 00208896 _____ () C:\Windows\MBR.exe
    2015-05-25 16:33 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2015-05-25 16:33 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2015-05-25 16:33 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2015-05-25 16:33 - 2000-08-31 03:00 - 00098816 _____ () C:\Windows\sed.exe
    2015-05-25 16:33 - 2000-08-31 03:00 - 00080412 _____ () C:\Windows\grep.exe
    2015-05-25 16:33 - 2000-08-31 03:00 - 00068096 _____ () C:\Windows\zip.exe
    2015-05-25 16:30 - 2015-05-25 16:54 - 00000000 ____D () C:\Windows\erdnt
    2015-05-25 16:30 - 2015-05-25 16:30 - 00415232 _____ (Farbar) C:\Users\GIINOVA\Downloads\FSS.exe
    2015-05-25 16:28 - 2015-05-25 16:29 - 05628291 ____R (Swearware) C:\Users\GIINOVA\Downloads\ComboFix.exe
    2015-05-25 16:15 - 2015-05-25 16:15 - 00276267 _____ () C:\Users\GIINOVA\Downloads\RAMMap.zip
    2015-05-24 23:31 - 2015-05-24 23:32 - 06131182 _____ () C:\Users\GIINOVA\Downloads\The.Road.2009.1080p.BDRemux.DTS-MA.H264.Rus.Eng.nzb
    2015-05-24 10:20 - 2015-05-25 22:12 - 00000000 ____D () C:\Users\GIINOVA\Downloads\Yu-Gi-Oh! Complete + Capsule Monsters + Movie
    2015-05-24 10:07 - 2015-05-24 10:07 - 01190415 _____ () C:\Users\GIINOVA\Downloads\ProcessExplorer (2).zip
    2015-05-24 10:06 - 2015-05-24 10:06 - 00001071 _____ () C:\Users\Public\Desktop\Notepad++.lnk
    2015-05-24 10:04 - 2015-05-24 10:04 - 00305664 _____ (Secure By Design Inc.) C:\Users\GIINOVA\Downloads\NiniteProTrial.exe
    2015-05-24 10:00 - 2015-05-24 10:00 - 00001062 _____ () C:\Users\Public\Desktop\VLC media player.lnk
    2015-05-24 10:00 - 2015-05-24 10:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2015-05-24 09:56 - 2015-05-24 09:56 - 00305664 _____ (Secure By Design Inc.) C:\Users\GIINOVA\Downloads\Ninite VLC Installer.exe
    2015-05-24 09:56 - 2015-05-24 09:56 - 00305664 _____ (Secure By Design Inc.) C:\Users\GIINOVA\Downloads\Ninite Chrome Installer.exe
    2015-05-24 09:45 - 2015-05-24 09:49 - 40403256 _____ () C:\Users\GIINOVA\Downloads\Skype 7.4.32.102 silent.exe
    2015-05-24 05:29 - 2015-05-24 05:31 - 08184300 _____ () C:\Users\GIINOVA\Downloads\TrueAncestor_PKG_Repacker_2.00.zip
    2015-05-24 03:47 - 2015-05-24 07:36 - 3320903680 _____ () C:\Users\GIINOVA\Downloads\en_windows_7_ultimate_with_sp1_x64_dvd_u_677332.iso
    2015-05-24 03:43 - 2015-05-24 03:43 - 00000621 _____ () C:\Users\GIINOVA\Documents\productkey.vbs
    2015-05-24 03:36 - 2015-05-24 03:37 - 02210270 _____ () C:\Users\GIINOVA\Downloads\wsusoffline954.zip
    2015-05-23 22:58 - 2015-05-23 23:04 - 29833438 _____ () C:\Users\GIINOVA\Downloads\vlc-2.2.1-win64.exe
    2015-05-23 22:49 - 2015-05-23 22:49 - 00785532 _____ () C:\Users\GIINOVA\Downloads\ussf.zip
    2015-05-23 22:44 - 2015-05-23 22:44 - 00000000 ____D () C:\Users\GIINOVA\AppData\Local\Supremus Corporation
     
  3. Nova94


    2015-05-23 22:42 - 2015-05-23 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Updates Downloader
    2015-05-23 22:42 - 2015-05-23 22:42 - 00001777 _____ () C:\Users\GIINOVA\Desktop\Windows Updates Downloader.lnk
    2015-05-23 22:42 - 2015-05-23 22:42 - 00001759 _____ () C:\Users\Public\Desktop\Windows Updates Downloader.lnk
    2015-05-23 22:42 - 2015-05-23 22:42 - 00000000 ____D () C:\Users\GIINOVA\AppData\Local\Kryptus
    2015-05-23 22:42 - 2015-05-23 22:42 - 00000000 ____D () C:\Program Files\Windows Updates Downloader
    2015-05-23 22:41 - 2015-05-23 22:41 - 00256053 _____ () C:\Users\GIINOVA\Downloads\WUD250B1002Setup.exe
    2015-05-23 22:41 - 2015-04-19 21:58 - 00000000 ____D () C:\Users\GIINOVA\Desktop\1.23 - Recovery Tool 1.0
    2015-05-23 22:40 - 2015-05-23 22:40 - 00018475 _____ () C:\Users\GIINOVA\Downloads\windows-7-sp1-x64-enu.ulz
    2015-05-23 22:39 - 2015-05-23 22:40 - 12317977 _____ () C:\Users\GIINOVA\Downloads\1.23 - Recovery Tool 1.0.rar
    2015-05-23 22:38 - 2015-05-23 22:38 - 00006176 _____ () C:\Users\GIINOVA\Downloads\Dactyl_RPC-1.23.txt
    2015-05-23 22:32 - 2015-05-23 22:32 - 00002229 _____ () C:\Users\GIINOVA\Desktop\RT 7 Lite Launcher (64-Bit).lnk
    2015-05-23 22:32 - 2015-05-23 22:32 - 00002187 _____ () C:\Users\GIINOVA\Desktop\RT 7 Lite (64-Bit).lnk
    2015-05-23 22:32 - 2015-05-23 22:32 - 00000000 ____D () C:\Windows\system32\RT 7 Lite
    2015-05-23 22:32 - 2015-05-23 22:32 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockers Team
    2015-05-23 22:32 - 2015-05-23 22:32 - 00000000 ____D () C:\Program Files\Rockers Team
    2015-05-23 22:31 - 2010-03-10 16:31 - 00000000 ____D () C:\Users\GIINOVA\Desktop\Double Driver
    2015-05-23 22:30 - 2015-05-23 22:30 - 02165485 _____ () C:\Users\GIINOVA\Downloads\double_driver_4.1.0_portable.zip
    2015-05-23 22:27 - 2015-05-23 22:31 - 16183067 _____ (Rockers Team) C:\Users\GIINOVA\Downloads\rt_7_lite_win7_vista_x64.exe
    2015-05-23 22:26 - 2015-05-23 22:27 - 16143818 _____ (Rockers Team) C:\Users\GIINOVA\Downloads\rt_7_lite_win7_Vista_x86_sp1.exe
    2015-05-23 02:36 - 2015-05-24 10:19 - 00000000 ____D () C:\Users\GIINOVA\Downloads\Johnny Bravo
    2015-05-21 04:05 - 2015-05-21 04:05 - 00000000 ____D () C:\Users\GIINOVA\Desktop\New folder (15)
    2015-05-21 04:01 - 2015-05-21 04:01 - 00827584 _____ () C:\Users\GIINOVA\Downloads\IPBE-v4.0.0 (1).zip
    2015-05-21 03:58 - 2015-05-24 02:46 - 00000204 _____ () C:\Users\GIINOVA\Downloads\Iphone.Backup.Extractor.2.5.6.keygen.by.ACME (1).zip
    2015-05-21 03:48 - 2015-05-21 03:48 - 00355203 _____ () C:\Users\GIINOVA\Desktop\iFunBox_Build_1421_0748_555d2226.dmp
    2015-05-21 03:05 - 2015-05-21 03:05 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\redsn0w
    2015-05-21 03:04 - 2015-05-21 03:08 - 00000000 ____D () C:\Users\GIINOVA\Desktop\redsn0w_win_0.9.15b3
    2015-05-21 02:59 - 2015-05-21 03:02 - 52666576 _____ () C:\Users\GIINOVA\Downloads\TaiGJBreak_1210.zip
    2015-05-21 02:49 - 2015-05-21 02:51 - 00000000 ____D () C:\Users\GIINOVA\.tu
    2015-05-21 02:47 - 2015-05-21 02:46 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
    2015-05-21 02:46 - 2015-05-21 02:48 - 17279732 _____ () C:\Users\GIINOVA\Downloads\redsn0w_win_0.9.15b3.zip
    2015-05-21 02:46 - 2015-05-21 02:46 - 00000000 ____D () C:\Program Files\Java
    2015-05-21 02:45 - 2015-05-21 02:46 - 00696904 _____ (Generic ) C:\Users\GIINOVA\Downloads\Setup (1).exe
    2015-05-21 02:41 - 2015-05-21 02:44 - 43189344 _____ (Oracle Corporation) C:\Users\GIINOVA\Downloads\jre-8u45-windows-x64.exe
    2015-05-21 02:34 - 2015-05-21 02:35 - 02535424 _____ () C:\Users\GIINOVA\Downloads\tinyumbrella_windows-x64_8_2_0_60_InstalledJRE.exe
    2015-05-21 02:22 - 2015-05-21 02:22 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\47117FCE.sys
    2015-05-21 02:02 - 2015-05-21 02:11 - 00000000 ____D () C:\Users\GIINOVA\Desktop\iphone 5 camera backup may 21
    2015-05-21 01:47 - 2015-05-24 08:53 - 00038983 _____ () C:\Users\GIINOVA\Downloads\SemiRestore8-Windows-1.0.3.zip
    2015-05-21 01:47 - 2015-05-21 03:03 - 00000000 ____D () C:\Users\GIINOVA\Desktop\Iphone semi-restore for 8.1.2
    2015-05-21 01:23 - 2015-05-21 01:23 - 00000000 _____ () C:\Users\GIINOVA\AppData\Local\{9E4A9185-F523-40D7-87D1-407804A5CE0B}
    2015-05-20 21:02 - 2015-05-20 21:02 - 17425340 _____ () C:\Users\GIINOVA\Downloads\Metal.Gear.Solid.The.Legacy.Collection.PS3-ANTiDOTE.nzb
    2015-05-20 21:00 - 2015-05-20 21:00 - 00502184 _____ () C:\Users\GIINOVA\Downloads\1787.Kindle.eBooks.nzb
    2015-05-20 12:59 - 2015-05-20 13:00 - 03779034 _____ () C:\Users\GIINOVA\Downloads\Gran.Turismo.6.PS3-DUPLEX.nzb
    2015-05-20 12:35 - 2015-05-20 12:36 - 04646332 _____ () C:\Users\GIINOVA\Downloads\Dont.Be.A.Menace.To.South.Central.While.Drinking.Your.Juice.In.Thehe.Hood.REMUX.1080i.BluRay.DTS-HD.MA.5.1.AVC-LEGi0N.nzb
    2015-05-20 12:35 - 2015-05-20 12:35 - 04646330 _____ () C:\Users\GIINOVA\Downloads\Dont.Be.A.Menace.To.South.Central.While.Drinking.Your.Juice.In.The.Hood.Remux.1080i.BluRay.DTS-HD.MA.5.1.AVC-LEGI0N (1).nzb
    2015-05-20 12:33 - 2015-05-20 12:33 - 06336679 _____ () C:\Users\GIINOVA\Downloads\Fury.2014.Bd25-Remux.Fr-En.x264.Dts-BZH29.nzb
    2015-05-20 12:28 - 2015-05-20 12:28 - 03150894 _____ () C:\Users\GIINOVA\Downloads\Fury.2014.1080p.Remux.AVC.FLAC.5.1-EbP (1).nzb
    2015-05-20 12:27 - 2015-05-20 12:27 - 03303154 _____ () C:\Users\GIINOVA\Downloads\Fury.2014.BluRay.Remux.1080p.AVC.DTS-HD.MA.5.1-HiFi (1).nzb
    2015-05-20 12:27 - 2015-05-20 12:27 - 03150894 _____ () C:\Users\GIINOVA\Downloads\Fury.2014.1080p.Remux.AVC.FLAC.5.1-EbP.nzb
    2015-05-20 12:23 - 2015-05-20 12:23 - 04664624 _____ () C:\Users\GIINOVA\Downloads\Non-Stop.Sin.escalas.2014.FullBluray-UsenetHD.nzb
    2015-05-20 04:15 - 2015-05-20 04:16 - 10926924 _____ () C:\Users\GIINOVA\Downloads\SABnzbd-0.7.20-win32-setup.exe
    2015-05-19 19:55 - 2015-05-19 19:56 - 03602254 _____ () C:\Users\GIINOVA\Downloads\WWE.2K15.PS3-iMARS.nzb
    2015-05-19 13:11 - 2015-05-19 13:12 - 05404160 _____ () C:\Users\GIINOVA\Downloads\The.Imitation.Game.2014.COMPLETE.BLURAY-PCH.nzb
    2015-05-19 13:11 - 2015-05-19 13:11 - 05605254 _____ () C:\Users\GIINOVA\Downloads\Interstellar.2014.1080p.CEE.Blu-ray.AVC.DTS-HD.MA.5.1-HDCLUB.nzb
    2015-05-19 13:00 - 2015-05-19 13:00 - 04525864 _____ () C:\Users\GIINOVA\Downloads\The.Dance.of.Reality.2013.BluRay.Remux.1080p.AVC.DTS-HD.MA.5.1-HiFi.nzb
    2015-05-19 13:00 - 2015-05-19 13:00 - 02576124 _____ () C:\Users\GIINOVA\Downloads\Jessabelle.2014.BluRay.Remux.1080p.AVC.DTS-HD.MA.5.1-HiFi.nzb
    2015-05-19 13:00 - 2015-05-19 13:00 - 02425941 _____ () C:\Users\GIINOVA\Downloads\The.Boxtrolls.2014.BluRay.Remux.1080p.Avc.Dts-Hd.Ma.5.1-HIFI (1).nzb
    2015-05-19 12:59 - 2015-05-19 12:59 - 02095531 _____ () C:\Users\GIINOVA\Downloads\Adventure.Time.With.Finn.And.Jake.S04.1080p.BluRay.x264-DEiMOS.nzb
    2015-05-19 12:54 - 2015-05-19 12:54 - 07779178 _____ () C:\Users\GIINOVA\Downloads\Mad5689006MaxIII.nzb
    2015-05-19 12:54 - 2015-05-19 12:54 - 05810509 _____ () C:\Users\GIINOVA\Downloads\mad480867452max.nzb
    2015-05-19 12:53 - 2015-05-19 12:54 - 04905383 _____ () C:\Users\GIINOVA\Downloads\Mad7474676000Max.nzb
    2015-05-19 12:51 - 2015-05-19 12:52 - 02230993 _____ () C:\Users\GIINOVA\Downloads\Taken.3.2014.EXTENDED.1080p.BluRay.DTS.x264-HDA.nzb
    2015-05-19 12:50 - 2015-05-19 12:50 - 01674935 _____ () C:\Users\GIINOVA\Downloads\Dampfnudelblues.2013.1080.BluRay.AC3-NoGroup.nzb
    2015-05-19 12:44 - 2015-05-19 12:44 - 08883481 _____ () C:\Users\GIINOVA\Downloads\Forrest.Gump.1994.BluRay.REMUX.1080p.AVC.DTS-HD.MA.5.1-iFT.nzb
    2015-05-19 12:39 - 2015-05-19 12:39 - 09946058 _____ () C:\Users\GIINOVA\Downloads\Starred.Up.2013.1080p.BluRay.REMUX.AVC.DTS-HD.MA.5.1-RARBG-NZBgeek.nzb
    2015-05-19 12:39 - 2015-05-19 12:39 - 03303154 _____ () C:\Users\GIINOVA\Downloads\Fury.2014.BluRay.Remux.1080p.AVC.DTS-HD.MA.5.1-HiFi.nzb
    2015-05-19 12:38 - 2015-05-19 12:38 - 03190557 _____ () C:\Users\GIINOVA\Downloads\Big.Hero.6.2014.BluRay.Remux.1080p.AVC.DTS-HD.MA.7.1-HiFi.nzb
    2015-05-19 12:38 - 2015-05-19 12:38 - 02720260 _____ () C:\Users\GIINOVA\Downloads\What.We.Did.On.Our.Holiday.2014.BluRay.Remux.1080p.Avc.Dts-Hd.Ma.5.1-HIFI.nzb
    2015-05-19 12:36 - 2015-05-19 12:36 - 05240154 _____ () C:\Users\GIINOVA\Downloads\Need.for.Speed.2014.BluRay.Remux.1080p.AVC.DTS-HD.MA.7.1-HiFi.nzb
    2015-05-19 12:35 - 2015-05-19 12:36 - 04646330 _____ () C:\Users\GIINOVA\Downloads\Dont.Be.A.Menace.To.South.Central.While.Drinking.Your.Juice.In.The.Hood.Remux.1080i.BluRay.DTS-HD.MA.5.1.AVC-LEGI0N.nzb
    2015-05-19 12:35 - 2015-05-19 12:35 - 04912764 _____ () C:\Users\GIINOVA\Downloads\The.Imitation.Game.2014.BluRay.Remux.1080p.AVC.DTS-HD.MA.5.1-decibeL.nzb
    2015-05-19 11:51 - 2015-05-19 12:00 - 42264460 _____ () C:\Users\GIINOVA\Downloads\166624_720x406_500k.mp4-
    2015-05-19 11:12 - 2015-05-19 11:12 - 00063214 _____ () C:\Users\GIINOVA\Downloads\Creamy Goodness.html
    2015-05-19 11:12 - 2015-05-19 11:12 - 00000000 ____D () C:\Users\GIINOVA\Downloads\Creamy Goodness_files
    2015-05-19 11:09 - 2015-05-19 11:09 - 00150108 _____ () C:\Users\GIINOVA\Downloads\Orgasms.And.Cumshot.nzb
    2015-05-19 11:09 - 2015-05-19 11:09 - 00079757 _____ () C:\Users\GIINOVA\Downloads\LeluLove.15.05.08.Clean.All.My.High.Heels.Ruined.Orgasm.XXX.1080p.WMV-TBP.nzb
    2015-05-19 11:08 - 2015-05-19 11:08 - 00090560 _____ () C:\Users\GIINOVA\Downloads\Hegre-Art.15.05.19.Leyla.Sunny.Climax.XXX.1080p.MP4-KTR.nzb
    2015-05-19 11:08 - 2015-05-19 11:08 - 00060805 _____ () C:\Users\GIINOVA\Downloads\Met-Art.15.05.19.Katherine.A.Zolty.XXX.1080p.MP4-KTR.nzb
    2015-05-19 11:08 - 2015-05-19 11:08 - 00060805 _____ () C:\Users\GIINOVA\Downloads\Met-Art.15.05.19.Katherine.A.Zolty.XXX.1080p.MP4-KTR (1).nzb
    2015-05-19 10:43 - 2015-05-19 10:43 - 00320253 _____ () C:\Users\GIINOVA\Downloads\f44652761.nzb
    2015-05-19 10:42 - 2015-05-19 10:42 - 00654148 _____ () C:\Users\GIINOVA\Downloads\f44703598.nzb
    2015-05-19 10:42 - 2015-05-19 10:42 - 00492646 _____ () C:\Users\GIINOVA\Downloads\f44699873.nzb
    2015-05-19 10:37 - 2015-05-19 10:37 - 00229853 _____ () C:\Users\GIINOVA\Downloads\f44604385.nzb
    2015-05-19 10:37 - 2015-05-19 10:37 - 00042296 _____ () C:\Users\GIINOVA\Downloads\f34265312.nzb
    2015-05-19 10:36 - 2015-05-19 10:36 - 00355044 _____ () C:\Users\GIINOVA\Downloads\f20981270.nzb
    2015-05-19 10:36 - 2015-05-19 10:36 - 00278681 _____ () C:\Users\GIINOVA\Downloads\f33737813.nzb
    2015-05-19 10:36 - 2015-05-19 10:36 - 00023689 _____ () C:\Users\GIINOVA\Downloads\f24752016.nzb
    2015-05-19 10:36 - 2015-05-19 10:36 - 00003296 _____ () C:\Users\GIINOVA\Downloads\f20702556.nzb
    2015-05-19 10:35 - 2015-05-19 10:35 - 00357107 _____ () C:\Users\GIINOVA\Downloads\f37719317.nzb
    2015-05-19 10:35 - 2015-05-19 10:35 - 00097590 _____ () C:\Users\GIINOVA\Downloads\f38916304.nzb
    2015-05-19 10:35 - 2015-05-19 10:35 - 00079622 _____ () C:\Users\GIINOVA\Downloads\f38631199.nzb
    2015-05-19 10:35 - 2015-05-19 10:35 - 00063526 _____ () C:\Users\GIINOVA\Downloads\f37147160.nzb
    2015-05-19 10:35 - 2015-05-19 10:35 - 00055904 _____ () C:\Users\GIINOVA\Downloads\f36882830.nzb
    2015-05-19 03:40 - 2015-05-19 03:40 - 00209121 _____ () C:\Users\GIINOVA\Downloads\BDMV Adventure Time S03 Blu-ray.nzb
    2015-05-19 03:09 - 2015-05-19 03:09 - 00095931 _____ () C:\Users\GIINOVA\Downloads\Looney Tunes and Merrie Melodies HQ Project - Part 2of4.nzb
    2015-05-19 02:53 - 2015-05-19 02:53 - 15764064 _____ () C:\Users\GIINOVA\Downloads\ABMC_irc_DejaToons_net_Looney_Tunes_and_Merrie_Melodies_HQ_Project_Part (2).nzb
    2015-05-19 02:53 - 2015-05-19 02:53 - 12900016 _____ () C:\Users\GIINOVA\Downloads\Looney_Tunes_and_Merrie_Melodies_HQ_Project_Part_ABMC_irc_DejaToons_net.nzb
    2015-05-19 01:54 - 2015-05-19 01:54 - 00000000 ____D () C:\Users\GIINOVA\AppData\Local\Steam
    2015-05-19 00:51 - 2015-05-19 00:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
    2015-05-19 00:51 - 2015-05-19 00:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcecm_01007.Wdf
    2015-05-19 00:51 - 2015-05-19 00:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
    2015-05-19 00:50 - 2015-05-19 00:50 - 00001188 _____ () C:\Users\Public\Desktop\Ooredoo 4G MyFi.lnk
    2015-05-19 00:50 - 2015-05-19 00:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
    2015-05-19 00:50 - 2015-05-19 00:50 - 00000000 ____D () C:\Program Files (x86)\Ooredoo 4G MyFi
    2015-05-19 00:50 - 2013-11-01 05:25 - 00376448 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_wwanecm.sys
    2015-05-19 00:50 - 2013-10-23 06:43 - 00121728 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_cdcacm.sys
    2015-05-19 00:50 - 2013-09-02 10:50 - 00456192 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
    2015-05-19 00:50 - 2013-06-29 12:17 - 00246272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
    2015-05-19 00:50 - 2013-03-04 11:32 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
    2015-05-19 00:50 - 2013-03-04 11:32 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
    2015-05-19 00:50 - 2013-03-04 11:32 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
    2015-05-19 00:50 - 2013-03-04 11:32 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
    2015-05-19 00:50 - 2013-03-04 11:21 - 00226048 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
    2015-05-19 00:50 - 2013-01-25 04:16 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
    2015-05-19 00:50 - 2012-12-22 04:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
    2015-05-19 00:50 - 2012-08-20 03:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
    2015-05-19 00:50 - 2010-10-08 11:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
    2015-05-19 00:50 - 2010-09-26 13:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
    2015-05-19 00:49 - 2015-05-19 00:51 - 00000000 ____D () C:\ProgramData\DatacardService
    2015-05-18 20:29 - 2015-05-18 20:29 - 05385492 _____ () C:\Users\GIINOVA\Downloads\attachments.zip
    2015-05-18 05:15 - 2015-05-18 05:15 - 00000815 _____ () C:\Users\GIINOVA\Desktop\µTorrent.lnk
    2015-05-18 05:15 - 2015-05-18 05:15 - 00000795 _____ () C:\Users\GIINOVA\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
    2015-05-18 00:52 - 2015-05-18 00:52 - 00399736 _____ (BitTorrent, Inc.) C:\Users\GIINOVA\Downloads\utorrent_2.2.1.25203.exe
    2015-05-18 00:51 - 2015-05-18 00:51 - 00289584 _____ (BitTorrent, Inc.) C:\Users\GIINOVA\Downloads\utorrent_1.8.5 (1).exe
    2015-05-18 00:50 - 2015-05-18 00:50 - 00000000 ____D () C:\Users\GIINOVA\Desktop\New folder (14)
    2015-05-18 00:31 - 2015-05-18 00:39 - 00093030 _____ (五福世纪科技有限公司) C:\Users\GIINOVA\Downloads\5F800Setup.exe
    2015-05-18 00:12 - 2015-05-18 00:12 - 48342136 _____ () C:\Users\GIINOVA\Downloads\ABMC_irc_DejaToons_net_Looney_Tunes_and_Merrie_Melodies_HQ_Project_Part (1).nzb
    2015-05-17 16:35 - 2015-05-17 16:35 - 00000000 ____D () C:\Users\GIINOVA\Desktop\dad's records
    2015-05-17 01:47 - 2015-05-17 01:48 - 3133794066 _____ () C:\Users\GIINOVA\Downloads\Archive-3394.zip
    2015-05-16 20:46 - 2015-05-16 20:46 - 10993783 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (17).rar
    2015-05-16 20:44 - 2015-05-16 20:45 - 10065920 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (16).rar
    2015-05-16 18:35 - 2015-05-16 18:35 - 48342136 _____ () C:\Users\GIINOVA\Downloads\ABMC_irc_DejaToons_net_Looney_Tunes_and_Merrie_Melodies_HQ_Project_Part.nzb
    2015-05-15 02:37 - 2015-05-15 02:37 - 00035843 _____ () C:\Users\GIINOVA\Downloads\rush-hour_english-759678.zip
    2015-05-15 02:37 - 2013-07-20 22:01 - 00096833 _____ () C:\Users\GIINOVA\Desktop\Rush.Hour.1.1998.720p.BRrip.x264.YIFY.srt
    2015-05-15 02:28 - 2015-05-15 01:41 - 644989466 _____ () C:\Users\GIINOVA\Downloads\VHB.Rush.Hour.1.1998.72.ESiR.part5.rar
    2015-05-14 19:57 - 2015-05-14 19:57 - 00048356 _____ () C:\Users\GIINOVA\Downloads\pk_english-1039809.zip
    2015-05-14 19:56 - 2015-05-14 19:56 - 00048048 _____ () C:\Users\GIINOVA\Downloads\pk_english-1054444.zip
    2015-05-14 02:02 - 2014-11-23 15:53 - 00000000 ____D () C:\Users\GIINOVA\Desktop\tmp
    2015-05-14 00:24 - 2015-05-14 00:24 - 00265712 _____ () C:\Users\GIINOVA\Downloads\BO2_GSC_Injector_Sample (3).rar
    2015-05-14 00:23 - 2015-05-14 00:24 - 07214512 _____ () C:\Users\GIINOVA\Downloads\(BLES01717)t6mp_ps3f (2).self
    2015-05-14 00:16 - 2015-05-14 00:16 - 14218072 _____ () C:\Users\GIINOVA\Downloads\(DEX)t6mp_ps3f.self
    2015-05-13 23:58 - 2015-05-13 23:58 - 00000000 ____D () C:\dlc for usb
    2015-05-13 23:38 - 2015-05-13 23:38 - 00102400 _____ () C:\Users\GIINOVA\Downloads\(BLES01717) Camo Pack 3 Fix By [XxUnkn0wnxX].pkg
    2015-05-13 23:38 - 2015-05-13 23:38 - 00102400 _____ () C:\Users\GIINOVA\Downloads\(BLES01717) B02 Paladin Camo Fix By [XxUnkn0wnxX].pkg
    2015-05-13 23:38 - 2015-05-13 23:38 - 00102400 _____ () C:\Users\GIINOVA\Downloads\(BLES01717) B02 Mega DLC Pack Fixes By [XxUnkn0wnxX] (1).pkg
    2015-05-13 23:38 - 2015-05-13 23:38 - 00102400 _____ () C:\Users\GIINOVA\Downloads\(BLES01717) B02 Cyborg & Dragon Camo Pack FIX [XxUnkn0wnxX].pkg
    2015-05-13 23:29 - 2015-05-13 23:29 - 00259293 _____ () C:\Users\GIINOVA\Downloads\COD.Advanced.Warfare.ALL.DLC.FIX.rar
    2015-05-13 23:29 - 2015-05-13 23:29 - 00004371 _____ () C:\Users\GIINOVA\Downloads\AW (1).rar
    2015-05-13 22:18 - 2015-05-13 22:30 - 1056324720 _____ () C:\Users\GIINOVA\Downloads\UP0002-BLUS31466_00-CODAW0000000TU13-A0113-V0100-PE.pkg
    2015-05-13 19:04 - 2015-05-13 19:04 - 00043634 _____ () C:\Users\GIINOVA\Downloads\UP0002 BLUS31466 00 CODAWMAP000HAVOC bg 1 b3c411204769fa8842b0bda1f148c1fb265508f7 pkg [Burnbit] (1).torrent
    2015-05-13 18:58 - 2015-05-13 18:58 - 00046376 _____ () C:\Users\GIINOVA\Downloads\kCmetGwjeaWcHqUHozeadIWJxAUpWjBbJgDnkkGpTYXEjzrVGwfwZORpodnYqRMt pkg [Burnbit].torrent
    2015-05-13 18:58 - 2015-05-13 18:58 - 00043634 _____ () C:\Users\GIINOVA\Downloads\UP0002 BLUS31466 00 CODAWMAP000HAVOC bg 1 b3c411204769fa8842b0bda1f148c1fb265508f7 pkg [Burnbit].torrent
    2015-05-13 18:56 - 2015-05-13 18:56 - 00040862 _____ () C:\Users\GIINOVA\Downloads\UP0002 BLUS31466 00 CODAW0000000TU13 A0113 V0100 PE pkg [Burnbit].torrent
    2015-05-13 18:17 - 2015-05-13 18:17 - 00150733 _____ () C:\Users\GIINOVA\Downloads\Fifty.Shades.of.Grey.2015.UNRATED.1080p.BluRay.AVC.DTS-HD.MA.5.1-RARBG-[rarbg.com].torrent
    2015-05-13 02:52 - 2015-05-13 02:53 - 857785241 _____ () C:\Users\GIINOVA\Downloads\CODASCENDANCEBLUS CYBERMANCHA.rar
    2015-05-13 02:31 - 2015-05-13 02:31 - 00000000 ____D () C:\Users\GIINOVA\Desktop\New folder (13)
    2015-05-13 00:59 - 2015-05-13 00:59 - 00004371 _____ () C:\Users\GIINOVA\Downloads\AW.rar
    2015-05-12 22:48 - 2015-05-12 22:48 - 00000550 _____ () C:\Users\GIINOVA\Documents\bo2 dlc.txt
    2015-05-11 20:23 - 2015-05-11 20:23 - 00880208 _____ (Google Inc.) C:\Users\Guest\Downloads\ChromeSetup.exe
    2015-05-11 14:53 - 2015-05-11 14:55 - 00000000 ____D () C:\Users\GIINOVA\Desktop\PSNDL
    2015-05-11 14:52 - 2015-05-11 14:53 - 03199179 _____ () C:\Users\GIINOVA\Downloads\PSNDL - v0.3 (1).zip
    2015-05-11 14:48 - 2015-05-11 14:48 - 02947422 _____ () C:\Users\GIINOVA\Downloads\psnstuff.zip
    2015-05-11 03:33 - 2015-05-11 03:33 - 00054783 _____ () C:\Users\GIINOVA\Downloads\DMoIhmoeRrzAxYvyVZOjjWLNYBptJCexFafnADjsaHqwSFkYRXhWxsXjZWFdHEFp pkg [Burnbit].torrent
    2015-05-11 03:32 - 2015-05-11 03:32 - 00102400 _____ () C:\Users\GIINOVA\Downloads\BO2 FIX BY TheRouLetteBoi (BLES01717).pkg
    2015-05-11 03:32 - 2015-05-11 03:32 - 00102400 _____ () C:\Users\GIINOVA\Downloads\(BLES01717) B02 Mega DLC Pack Fixes By [XxUnkn0wnxX].pkg
    2015-05-11 03:31 - 2015-05-11 03:31 - 00035564 _____ () C:\Users\GIINOVA\Downloads\QJFAdLnpVhVVwTRUxCsvUGYHiHUBJZdXbfwYKqxSurrfWsQmPUEDPievMGjemsQO pkg [Burnbit].torrent
    2015-05-11 03:30 - 2015-05-11 03:30 - 00037604 _____ () C:\Users\GIINOVA\Downloads\wEjkdqdYOibeCxFnQGmoUfVAHZEfqXPEbyNiRWRPAXazRwpFmSFZlAblhdNVsDmJ pkg [Burnbit].torrent
    2015-05-11 03:30 - 2015-05-11 03:30 - 00032904 _____ () C:\Users\GIINOVA\Downloads\iGZAqngEkWjjyPulBZMdJGdTbemCKofrLvZJnHudWscUHnEehyNuzETdjUVpHluk pkg [Burnbit].torrent
    2015-05-11 03:30 - 2015-05-11 03:30 - 00032904 _____ () C:\Users\GIINOVA\Downloads\iGZAqngEkWjjyPulBZMdJGdTbemCKofrLvZJnHudWscUHnEehyNuzETdjUVpHluk pkg [Burnbit] (1).torrent
    2015-05-10 21:46 - 2015-05-10 21:55 - 110470488 _____ (Kaspersky Lab ZAO) C:\Users\GIINOVA\Downloads\KVRT (2).exe
    2015-05-10 02:40 - 2015-05-10 02:41 - 10993783 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (15).rar
    2015-05-10 02:38 - 2015-05-10 02:45 - 12604264 _____ () C:\Users\GIINOVA\Downloads\KVRT (1).exe
    2015-05-10 02:33 - 2015-05-10 02:33 - 00457824 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\C95A9BD0.sys
    2015-05-10 02:31 - 2015-05-10 02:35 - 01244480 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (14).rar
    2015-05-10 02:27 - 2015-05-10 02:28 - 01190415 _____ () C:\Users\GIINOVA\Downloads\ProcessExplorer (1).zip
    2015-05-10 02:24 - 2015-05-10 02:26 - 00900416 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (13).rar
    2015-05-10 02:23 - 2015-05-10 02:24 - 858642975 _____ () C:\Users\GIINOVA\Downloads\Call of Duty Advance warfare.rar
    2015-05-10 02:23 - 2015-05-10 02:23 - 00102400 _____ () C:\Users\GIINOVA\Downloads\COD.Advanced.Warfare.AIO.USA.x23.DLC.FIX.BLUS31466-ZMK.pkg
    2015-05-09 14:00 - 2015-05-09 14:02 - 11526237 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (12).rar
    2015-05-07 19:31 - 2015-05-07 19:31 - 04028560 _____ () C:\Users\GIINOVA\Downloads\SEN_Enabler_v5.8.1_[CEX-DEX]_[4.70].pkg.291.v5.8.1_brewology_com.pkg
    2015-05-06 22:54 - 2015-05-06 22:54 - 07216416 _____ () C:\Users\GIINOVA\Downloads\EBOOT(BLUS31011).BIN
    2015-05-06 15:34 - 2015-05-06 15:34 - 01023776 _____ () C:\Users\GIINOVA\Downloads\B02 SAMPLE PACK 2 1.75 {SPRX V1.5}.rar
    2015-05-06 02:13 - 2015-05-06 02:14 - 09245656 _____ (TeamViewer GmbH) C:\Users\GIINOVA\Downloads\TeamViewer_Setup (5).exe
    2015-05-05 22:27 - 2015-05-05 22:28 - 07216416 _____ () C:\Users\GIINOVA\Downloads\EBOOT(BLES01717) (3).BIN
    2015-05-05 22:22 - 2015-05-05 22:23 - 14218200 _____ () C:\Users\GIINOVA\Downloads\EBOOT(Debug).BIN
    2015-05-05 22:11 - 2015-05-05 22:11 - 00350278 _____ () C:\Users\GIINOVA\Downloads\WebCruiser_Enterprise.rar
    2015-05-05 20:58 - 2015-05-05 21:01 - 09245656 _____ (TeamViewer GmbH) C:\Users\GIINOVA\Downloads\TeamViewer_Setup (4).exe
    2015-05-05 16:34 - 2015-05-05 16:34 - 00000000 ____D () C:\Users\GIINOVA\Desktop\Extortion GTA 1.23 Update4
    2015-05-05 14:20 - 2015-05-05 14:20 - 00265712 _____ () C:\Users\GIINOVA\Downloads\BO2_GSC_Injector_Sample (2).rar
    2015-05-05 13:06 - 2015-05-05 13:06 - 01190415 _____ () C:\Users\GIINOVA\Downloads\ProcessExplorer.zip
    2015-05-05 00:20 - 2015-05-05 00:20 - 07969034 _____ () C:\Users\GIINOVA\Downloads\BO2 Eboot-Self Builder v1.0.rar
    2015-05-05 00:14 - 2015-05-05 00:14 - 00317014 _____ () C:\Users\GIINOVA\Downloads\SPRX Files.rar
    2015-05-05 00:13 - 2015-05-05 00:14 - 07214528 _____ () C:\Users\GIINOVA\Downloads\EBOOT(BLES01717) (2).BIN
    2015-05-04 22:45 - 2015-05-04 22:45 - 00003296 _____ () C:\Users\GIINOVA\Downloads\BO2_GSC_Injector (1).cfg
    2015-05-04 22:44 - 2015-05-05 00:21 - 00000000 ____D () C:\Users\GIINOVA\Desktop\gsc mod menu for bo 1.19
    2015-05-04 22:44 - 2015-05-04 22:45 - 07214512 _____ () C:\Users\GIINOVA\Downloads\(BLES01717)t6mp_ps3f (1).self
    2015-05-04 22:44 - 2015-05-04 22:45 - 00045737 _____ () C:\Users\GIINOVA\Downloads\BO2_GSC_Injector (1).sprx
    2015-05-04 22:43 - 2015-05-04 22:44 - 00265712 _____ () C:\Users\GIINOVA\Downloads\BO2_GSC_Injector_Sample (1).rar
    2015-05-04 21:34 - 2015-05-04 21:35 - 07216416 _____ () C:\Users\GIINOVA\Downloads\EBOOT(BLES01717) (1).BIN
    2015-05-04 20:48 - 2015-05-04 20:49 - 10977983 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (11).rar
    2015-05-04 20:48 - 2015-05-04 20:49 - 10974338 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (10).rar
    2015-05-04 20:47 - 2015-05-04 20:48 - 11738828 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (9).rar
    2015-05-04 19:03 - 2015-05-04 19:03 - 01141898 _____ () C:\Users\Guest\Downloads\Reminder IAL Edexcel Exam 2015 (AS & A Level).zip
    2015-05-04 19:00 - 2015-05-04 19:01 - 00000000 ____D () C:\Users\Public\Documents\New folder
    2015-05-04 18:35 - 2015-05-04 18:35 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\DAEMON Tools Lite
    2015-05-04 18:32 - 2015-05-04 18:32 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\ImgBurn
    2015-05-04 18:31 - 2015-05-04 18:31 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\uTorrent
    2015-05-04 15:08 - 2009-11-03 15:23 - 325400576 _____ () C:\Users\Public\Documents\Tooth paste.VOB
    2015-05-04 15:08 - 2009-11-03 15:23 - 206944256 _____ () C:\Users\Public\Documents\Vitamin C.VOB
    2015-05-04 15:07 - 2009-11-03 15:23 - 416471040 _____ () C:\Users\Public\Documents\Plant Fibers.VOB
    2015-05-04 15:07 - 2009-11-03 15:23 - 337899520 _____ () C:\Users\Public\Documents\mitosis meiosis.VOB
    2015-05-04 15:07 - 2009-11-03 15:23 - 19269632 _____ () C:\Users\Public\Documents\enzyme graphs.VOB
    2015-05-04 15:07 - 2009-11-03 15:23 - 146280448 _____ () C:\Users\Public\Documents\Plant Tissue Culture.VOB
    2015-05-04 15:07 - 2009-11-03 15:23 - 125339648 _____ () C:\Users\Public\Documents\Minerals and Plant Growth.VOB
    2015-05-04 15:06 - 2009-11-03 15:23 - 476852224 _____ () C:\Users\Public\Documents\Daphnia Heartbeat.VOB
    2015-05-04 15:06 - 2009-11-03 15:23 - 318781440 _____ () C:\Users\Public\Documents\Beatroot.VOB
    2015-05-04 15:06 - 2009-11-03 15:23 - 263229440 _____ () C:\Users\Public\Documents\All Practical.VOB
    2015-05-04 15:06 - 2009-11-03 15:23 - 1073565696 ____R () C:\Users\Public\Documents\Enzyme Conc & Activity.VOB
    2015-05-04 15:03 - 2015-05-04 15:03 - 00000000 ____D () C:\Users\GIINOVA\Desktop\sandisk 4gb microsd may 2015
    2015-05-04 14:58 - 2015-05-04 14:58 - 00056320 _____ () C:\Users\GIINOVA\Downloads\update.bin
    2015-05-04 14:34 - 2015-05-04 14:34 - 00000000 ____D () C:\Users\GIINOVA\Desktop\Received files
    2015-05-03 20:51 - 2015-05-03 20:52 - 00900902 _____ () C:\Users\GIINOVA\Downloads\Calendar of Events - Academic Session 2015-16.zip
    2015-05-03 20:45 - 2015-05-03 20:45 - 00068134 _____ () C:\Users\GIINOVA\Downloads\Some new material.zip
    2015-05-03 16:02 - 2015-05-03 16:04 - 26714384 _____ () C:\Users\GIINOVA\Downloads\[BLUS30127]GTA-IV-CJ-PRODUCTION-4xx.pkg
    2015-05-03 16:02 - 2013-02-12 17:19 - 05963776 _____ () C:\Users\GIINOVA\Desktop\update.img
    2015-05-03 15:59 - 2015-05-03 16:00 - 03800057 _____ () C:\Users\GIINOVA\Downloads\GTA IV - CJ Mod Menu.rar
    2015-05-02 20:10 - 2015-05-02 20:18 - 117090583 _____ () C:\Users\GIINOVA\Downloads\[CEX-DEX][BLES-BLUS] GTA V 1.23 Bypass + 35 Scripts=3SockMM-2much4uMM + Garage Bypass + Extras v47 by Kris1EROOT1IK.rar
    2015-05-02 19:10 - 2015-05-02 19:10 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\3BB63724.sys
    2015-05-02 19:10 - 2015-05-02 19:10 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1BEF36F0.sys
    2015-05-01 22:06 - 2015-05-01 22:07 - 05133741 _____ () C:\Users\GIINOVA\Downloads\EVERYTHINGDEXEBOOT.rar
    2015-05-01 21:37 - 2015-05-01 21:38 - 1947749712 _____ () C:\Users\GIINOVA\Downloads\1.23 Restoration.pkg
    2015-04-30 15:53 - 2015-04-30 15:59 - 73238567 _____ () C:\Users\GIINOVA\Downloads\Endeavour.rar
    2015-04-28 13:16 - 2015-04-28 13:30 - 185982042 _____ () C:\Users\GIINOVA\Downloads\toy3 (1).rar
    2015-04-28 12:26 - 2015-04-28 12:33 - 80635226 _____ () C:\Users\GIINOVA\Downloads\toy3.rar
    2015-04-27 15:43 - 2015-04-27 15:43 - 00000000 ____D () C:\Users\GIINOVA\Documents\Visual Studio 2012
    2015-04-27 15:42 - 2015-04-27 15:42 - 00000000 ____D () C:\Program Files (x86)\NuGet
    2015-04-27 15:39 - 2015-04-27 15:39 - 00000000 ____D () C:\Windows\symbols
    2015-04-27 15:38 - 2015-04-27 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
    2015-04-27 15:38 - 2015-04-27 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 Express
    2015-04-27 15:38 - 2015-04-27 15:38 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
    2015-04-27 15:37 - 2015-04-27 15:42 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
    2015-04-27 15:37 - 2015-04-27 15:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
    2015-04-27 15:37 - 2015-04-27 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
    2015-04-27 15:37 - 2015-04-27 15:37 - 00000000 ____D () C:\Windows\SysWOW64\1033
    2015-04-27 15:37 - 2015-04-27 15:37 - 00000000 ____D () C:\Windows\system32\1033
    2015-04-27 15:37 - 2015-04-27 15:37 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
    2015-04-27 15:37 - 2015-04-27 15:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2015-04-27 15:37 - 2015-04-27 15:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
    2015-04-27 15:37 - 2015-04-27 15:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
    2015-04-27 15:36 - 2015-04-27 15:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
    2015-04-27 15:30 - 2015-04-27 15:32 - 11741552 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (8).rar
    2015-04-27 15:27 - 2015-04-27 15:29 - 11761893 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (7).rar
    2015-04-27 14:08 - 2015-04-27 14:08 - 00049337 _____ () C:\Users\GIINOVA\Downloads\VS2012 WDX ENU iso [Burnbit].torrent
    2015-04-27 14:07 - 2015-04-27 14:07 - 00934728 _____ (Microsoft Corporation) C:\Users\GIINOVA\Downloads\wdexpress_full.exe
    2015-04-26 20:35 - 2015-04-26 20:35 - 00771576 _____ () C:\Users\Guest\Downloads\Practicing material.zip
    2015-04-26 00:30 - 2015-05-26 07:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-26 17:26 - 2014-08-31 18:20 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\uTorrent
    2015-05-26 17:25 - 2014-09-03 00:45 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
    2015-05-26 17:20 - 2015-02-08 00:36 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-05-26 16:17 - 2014-09-01 21:06 - 00000000 ____D () C:\Program Files (x86)\Opera
    2015-05-26 16:17 - 2009-07-14 08:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-05-26 16:16 - 2009-07-14 07:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-05-26 16:16 - 2009-07-14 07:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-05-26 16:15 - 2014-08-28 18:36 - 01694816 _____ () C:\Windows\WindowsUpdate.log
    2015-05-26 16:11 - 2014-08-30 02:10 - 00173302 _____ () C:\Windows\PFRO.log
    2015-05-26 16:11 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-05-26 16:11 - 2009-07-14 07:51 - 00152319 _____ () C:\Windows\setupact.log
    2015-05-26 12:18 - 2014-08-30 02:17 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\Skype
    2015-05-26 08:02 - 2014-08-28 18:31 - 00000000 ____D () C:\Users\GIINOVA
    2015-05-26 07:57 - 2014-08-29 13:39 - 00000000 ____D () C:\Program Files (x86)\Google
    2015-05-26 07:56 - 2014-08-29 13:39 - 00000000 ____D () C:\Users\GIINOVA\AppData\Local\Google
    2015-05-26 03:56 - 2014-08-29 14:30 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\vlc
    2015-05-26 03:48 - 2014-09-26 02:10 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\dvdcss
    2015-05-26 00:48 - 2015-03-19 17:43 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\BitTorrent Sync
    2015-05-26 00:44 - 2015-03-19 17:45 - 00000000 ____D () C:\Users\GIINOVA\Documents\IRD (1)
    2015-05-25 23:48 - 2015-03-19 23:38 - 00000000 ____D () C:\Users\GIINOVA\Documents\iFree Skype Recorder
    2015-05-25 22:46 - 2014-12-11 02:55 - 00000515 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
    2015-05-25 16:55 - 2009-07-14 06:20 - 00000000 __RHD () C:\Users\Default
    2015-05-25 16:53 - 2009-07-14 05:34 - 00000215 _____ () C:\Windows\system.ini
    2015-05-25 16:15 - 2014-12-26 01:52 - 00007605 _____ () C:\Users\GIINOVA\AppData\Local\resmon.resmoncfg
    2015-05-24 22:56 - 2014-08-29 14:49 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\TeamViewer
    2015-05-24 19:49 - 2015-03-15 00:00 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
    2015-05-24 10:08 - 2014-09-26 00:46 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
    2015-05-24 10:07 - 2015-01-03 21:54 - 00001039 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
    2015-05-24 10:07 - 2015-01-03 21:54 - 00001027 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
    2015-05-24 10:06 - 2015-04-11 14:17 - 00000000 ____D () C:\Program Files (x86)\Notepad++
    2015-05-24 10:06 - 2015-03-15 00:00 - 00001996 _____ () C:\Users\GIINOVA\Desktop\FileZilla Client.lnk
    2015-05-24 10:06 - 2015-03-15 00:00 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
    2015-05-24 09:59 - 2014-08-29 14:17 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
    2015-05-24 03:49 - 2015-02-13 17:18 - 00000000 ____D () C:\updates
    2015-05-23 23:56 - 2015-03-15 00:00 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\FileZilla
    2015-05-23 22:12 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\NDF
    2015-05-23 17:43 - 2015-01-16 00:50 - 00000000 ____D () C:\Users\GIINOVA\Desktop\newest nor backups january 2015
    2015-05-23 02:13 - 2009-07-14 06:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-05-22 16:04 - 2014-10-11 07:13 - 00001306 _____ () C:\Users\Guest\Desktop\ROBLOX Player.lnk
    2015-05-22 16:04 - 2014-10-11 07:10 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
    2015-05-21 20:39 - 2014-09-22 14:04 - 00110536 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-05-21 04:01 - 2015-04-11 00:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPhone Backup Extractor
    2015-05-21 01:43 - 2009-07-14 07:45 - 00415024 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-05-20 19:59 - 2014-09-01 21:06 - 00003834 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1409594811
    2015-05-20 04:17 - 2014-09-05 18:36 - 00000987 _____ () C:\Users\GIINOVA\Desktop\SABnzbd.lnk
    2015-05-19 20:23 - 2014-09-06 03:21 - 00000000 ____D () C:\Users\GIINOVA\AppData\Local\QuickPar
    2015-05-19 01:58 - 2014-09-24 03:10 - 00000000 ____D () C:\Program Files (x86)\Steam
    2015-05-19 01:15 - 2015-01-26 23:31 - 00000945 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
    2015-05-19 01:15 - 2015-01-26 23:31 - 00000939 _____ () C:\Users\Public\Desktop\µTorrent.lnk
    2015-05-19 01:10 - 2014-08-28 20:56 - 00110536 _____ () C:\Users\GIINOVA\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-05-19 00:49 - 2014-09-01 01:21 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppLteUU
    2015-05-19 00:48 - 2014-09-01 01:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2015-05-19 00:47 - 2014-12-17 20:35 - 00000000 ____D () C:\Users\GIINOVA\Mobile_Broadband_LTE
    2015-05-16 20:47 - 2015-01-28 19:22 - 00000000 ____D () C:\Users\GIINOVA\Desktop\sold cid
    2015-05-16 09:02 - 2014-10-12 07:35 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\vlc
    2015-05-15 00:54 - 2014-12-08 03:49 - 00004876 _____ () C:\Windows\system32\RaCoInst.log
    2015-05-13 22:18 - 2015-03-19 16:49 - 00000000 ____D () C:\Users\GIINOVA\Downloads\ird files
    2015-05-11 20:25 - 2014-09-22 14:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
    2015-05-11 14:28 - 2015-03-15 02:47 - 00000000 ____D () C:\KVRT_Data
    2015-05-04 18:31 - 2009-07-14 10:46 - 00000000 ____D () C:\Windows\RemotePackages
    2015-05-02 02:36 - 2014-08-30 02:17 - 00000000 ____D () C:\ProgramData\Skype
    2015-05-01 15:11 - 2015-02-08 00:36 - 00001098 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-05-01 15:11 - 2015-02-08 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-05-01 15:11 - 2015-02-08 00:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-04-27 15:42 - 2009-07-14 06:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
    2015-04-27 15:37 - 2009-07-14 08:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
    2015-04-27 15:36 - 2014-08-28 19:16 - 00000000 ____D () C:\ProgramData\Package Cache

    ==================== Files in the root of some directories =======

    2014-12-17 20:57 - 2014-12-17 21:00 - 0000600 _____ () C:\Users\GIINOVA\AppData\Local\PUTTY.RND
    2014-12-26 01:52 - 2015-05-25 16:15 - 0007605 _____ () C:\Users\GIINOVA\AppData\Local\resmon.resmoncfg
    2015-05-21 01:23 - 2015-05-21 01:23 - 0000000 _____ () C:\Users\GIINOVA\AppData\Local\{9E4A9185-F523-40D7-87D1-407804A5CE0B}

    Some files in TEMP:
    ====================
    C:\Users\GIINOVA\AppData\Local\Temp\dllnt_dump.dll
    C:\Users\GIINOVA\AppData\Local\Temp\Quarantine.exe
    C:\Users\GIINOVA\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-05-24 19:02

    ==================== End of log ============================
     
  4. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2015
    Ran by GIINOVA at 2015-05-26 17:26:56
    Running from C:\Users\GIINOVA\Desktop\frst
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-12834325-137255723-1760620863-500 - Administrator - Disabled)
    GIINOVA (S-1-5-21-12834325-137255723-1760620863-1000 - Administrator - Enabled) => C:\Users\GIINOVA
    Guest (S-1-5-21-12834325-137255723-1760620863-501 - Limited - Enabled) => C:\Users\Guest

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Kaspersky PURE 3.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
    AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
    AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKLM-x32\...\uTorrent) (Version: 1.8.5 - )
    µTorrent (HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
    Alice Greenfingers 1.00 (HKLM-x32\...\Alice Greenfingers 1.00) (Version: - )
    Alice Greenfingers 2 1.00 (HKLM-x32\...\Alice Greenfingers 2 1.00) (Version: - )
    Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version: - Rebellion)
    AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Battlefield 2142 Deluxe Edition (HKLM-x32\...\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}) (Version: 1.5.1.0 - Electronic Arts)
    Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
    Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.0 - EA Digital Illusions CE AB)
    BitTorrent Sync (HKLM-x32\...\BitTorrent Sync) (Version: 1.4.110 - BitTorrent Inc.)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
    Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch (x32 Version: - ) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (x32 Version: - ) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
    Charles (HKLM-x32\...\Charles_XK72) (Version: - )
    Connectify (HKLM\...\Connectify) (Version: 9.2.2.33000 - Connectify)
    Content Manager Assistant for PlayStation(R) (HKLM-x32\...\{961D5D7E-3DEC-4E3B-9065-EA8074923B18}) (Version: 3.31.7643.1 - Sony Computer Entertainment Inc.)
    ControlConsole API version 2.60 (HKLM-x32\...\{E6C0F5ED-B5EA-451D-8CB1-57902AA188DE}_is1) (Version: 2.60 - Enstone)
    DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
    Data Recovery for iPhone (build 4.5.0) (HKLM-x32\...\Data Recovery for iPhone_is1) (Version: - )
    D-Link DWA-125 (HKLM-x32\...\{E45CACFE-0576-4375-A84F-C34B99A7B652}) (Version: - D-Link)
    Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation)
    Fallout (HKLM-x32\...\Steam App 38400) (Version: - Interplay Inc.)
    Far Cry 4 - Gold Edition version Far Cry 4 - Gold Edition (HKLM-x32\...\Far Cry 4 - Gold Edition_is1) (Version: Far Cry 4 - Gold Edition - )
    FileZilla Client 3.11.0.1 (HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\FileZilla Client) (Version: 3.11.0.1 - Tim Kosse)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    GTA Online - Recovery Tool (HKLM-x32\...\{98DEAB74-5359-489A-B954-EE178BFCC9CF}_is1) (Version: 3.54 - iMCS Productions)
    HARMONIQ PRO (HKLM\...\C-Media CM106 Like Sound Driver) (Version: - )
    HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
    iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
    iFree Skype Recorder 6.0.15 (HKLM-x32\...\iFree Skype Recorder) (Version: 6.0.15 - iFree Skype Recorder)
    ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
    Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
    Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)
    iPhone Backup Extractor (HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\iPhone Backup Extractor) (Version: 5.6.1.272 - Reincubate Ltd)
    iPhone Backup Extractor version 4.0.0 (HKLM-x32\...\iPhone Backup Extractor_is1) (Version: 4.0.0 - )
    iRoot (HKLM-x32\...\{1295E43F-382A-4CB2-9E0F-079C0D7401BB}_is1) (Version: 1.8.2.13135 - 深圳信壹网络有限公司)
    iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
    Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
    Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
    Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
    Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
    Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    Medal of Honor Allied Assault Warchest (HKLM-x32\...\{D61BA037-2326-4CEF-B3AC-252046D0476A}) (Version: 1.11.0.2 - Electronic Arts)
    Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
    Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
    Newsbin for Astraweb (HKLM\...\Newsbin6) (Version: 6.53 - DJI Interprises, LLC)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
    NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
    Ooredoo 4G MyFi (HKLM-x32\...\Ooredoo 4G MyFi) (Version: 1.12.00.1182 - Huawei Technologies Co.,Ltd)
    Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)
    Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
    Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
    Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
    PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
    PBP Unpacker v0.94 (HKLM-x32\...\PBP Unpacker_is1) (Version: - pdc)
    PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
    Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
    Qcma (HKLM\...\Qcma) (Version: 0.3.9 - codestation)
    QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
    Raptr (HKLM-x32\...\Raptr) (Version: - )
    RT 7 Lite (64-Bit) (HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\RT 7 Lite x64) (Version: 1.7.0 - Rockers Team)
    RT 7 Lite x64 (Version: 1.7.0 - Rockers Team) Hidden
    RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
    SABnzbd 0.7.20 (HKLM-x32\...\SABnzbd) (Version: 0.7.20 - The SABnzbd Team)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
    SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
    Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
    SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
    Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
    TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42849 - TeamViewer)
    Tenorshare iPhone Data Recovery (HKLM-x32\...\Tenorshare iPhone Data Recovery) (Version: - Tenorshare, Inc.)
    The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
    The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED)
    Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore)
    Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    Virtual Router v1.0 (HKLM-x32\...\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}) (Version: 1.0 - Chris Pietschmann)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    VLC Streamer 4.99 (HKLM-x32\...\VLC Streamer_is1) (Version: - )
    Warface (HKLM-x32\...\Steam App 291480) (Version: - Crytek)
    Windows Driver Package - libusb-win32 PS Vita Type B (02/23/2013 1.2.6.0) (HKLM\...\E88FB411ED92EFDB9BF3A5F94548DA4956C0D97B) (Version: 02/23/2013 1.2.6.0 - libusb-win32)
    Windows Updates Downloader (HKLM-x32\...\Windows Updates Downloader) (Version: 2.50 Build 1002 - Supremus Corporation)
    WinRAR 5.11 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.1 - win.rar GmbH)
    Wondershare Dr.Fone for iOS(Build 5.5.5.4) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 5.5.5.4 - Wondershare Software Co.,Ltd.)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Restore Points =========================

    26-05-2015 02:14:04 Installed Oracle VM VirtualBox 4.3.10

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 05:34 - 2015-05-25 22:42 - 00000065 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {3798C331-FA3D-44AB-A79B-323BD3AE320D} - System32\Tasks\Opera scheduled Autoupdate 1409594811 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)
    Task: {6D1FC673-C66F-48D3-A578-90C30B4F2066} - System32\Tasks\{E7BAF522-CD4B-4B5E-A6B9-8C4FC068CFA8} => C:\Users\GIINOVA\Desktop\alice greenfingers\game\AliceGreenfingers.exe [2007-11-09] ( )
    Task: {8964EFD0-1B44-4F0A-8483-5A681686C65A} - System32\Tasks\{40AB31DF-0835-49E2-A6FD-10F3FA0C003F} => C:\Program Files (x86)\iMCS Productions\GTA Online - Recovery Tool\GTA Online - Recovery Tool.exe [2015-03-26] (iMCS Productions)
    Task: {8FD1F917-0728-4B27-B1C1-36D35C40000B} - System32\Tasks\{FFA8CD6F-4DAC-4922-95BF-A4CB3A48342B} => pcalua.exe -a "C:\Users\GIINOVA\Downloads\lgs510 (1).exe" -d C:\Users\GIINOVA\Downloads
    Task: {9B5EC12C-A730-4CD7-8C15-943D1DC4E7BB} - System32\Tasks\{4FF191D2-FEE9-4911-A060-EE628CBAA533} => C:\Users\GIINOVA\Desktop\alice greenfingers\game\AliceGreenfingers.exe [2007-11-09] ( )
    Task: {E55E7395-96C4-4F20-AC57-A5424DC589A8} - System32\Tasks\{32A3CA15-14A8-431A-A33C-FFF300B32FF2} => C:\Program Files (x86)\iMCS Productions\GTA Online - Recovery Tool\GTA Online - Recovery Tool.exe [2015-03-26] (iMCS Productions)

    ==================== Loaded Modules (Whitelisted) ==============

    2013-10-28 05:02 - 2013-10-28 05:02 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
    2014-09-07 08:39 - 2014-09-07 15:43 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
    2015-05-22 17:44 - 2015-05-22 17:44 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
    2015-03-19 17:44 - 2015-03-19 17:44 - 00102912 _____ () C:\Program Files (x86)\BitTorrent Sync\SyncShellContextMenu.dll
    2014-05-12 12:49 - 2014-05-12 12:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
    2015-05-20 19:58 - 2015-05-20 19:58 - 00479352 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
    2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
    2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
    2014-12-08 03:46 - 2014-10-15 22:44 - 00377080 _____ () C:\Program Files (x86)\Connectify\NativeLibrary.dll
    2014-12-08 03:46 - 2014-10-15 22:44 - 00713976 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
    2014-12-08 03:46 - 2014-10-15 22:44 - 03564280 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
    2014-12-08 03:46 - 2014-10-15 22:44 - 00354040 _____ () C:\Program Files (x86)\Connectify\LibDispatch.dll
    2009-09-09 07:07 - 2009-09-09 07:07 - 00399872 _____ () C:\Program Files (x86)\iFree Skype Recorder\lame_enc.DLL
    2015-05-22 17:44 - 2015-05-22 17:44 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
    2015-05-20 19:58 - 2015-05-20 19:58 - 01576568 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libglesv2.dll
    2015-05-20 19:58 - 2015-05-20 19:58 - 00081016 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libegl.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)
     
  5. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\C95A9BD0.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\C95A9BD0.sys => ""="Driver"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-12834325-137255723-1760620863-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\GIINOVA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1

    ==================== MSCONFIG/TASK MANAGER Error getting ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Content Manager Assistant for PlayStation(R).lnk => C:\Windows\pss\Content Manager Assistant for PlayStation(R).lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk => C:\Windows\pss\Virtual Router Manager.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^GIINOVA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SABnzbd.lnk => C:\Windows\pss\SABnzbd.lnk.Startup
    MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    MSCONFIG\startupreg: CancelAutoPlay_UU => "C:\Program Files (x86)\Qtel 4G LTE_LTE\CancelAutoPlay_UU.exe" run
    MSCONFIG\startupreg: Cm106Sound => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
    MSCONFIG\startupreg: D-Link D-Link DWA-125 => C:\Program Files (x86)\D-Link\DWA-125 revA\AirNCFG.exe
    MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
    MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
    MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\Qtel 4G LTE_LTE\UIExec.exe"
    MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe"
    MSCONFIG\startupreg: winlog => C:\Users\GIINOVA\AppData\Roaming\winnlog\svchost.exe
    MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{AA5901B2-45ED-4006-B82A-167AB5CD3B24}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{9F4F5E40-83DA-4738-8FBD-31C5A8603C22}] => (Allow) C:\Program Files\Newsbin\newsbinpro64.exe
    FirewallRules: [{87B89F90-8BB5-4869-A1F7-37AB4D2D0804}] => (Allow) C:\Program Files\Newsbin\newsbinpro64.exe
    FirewallRules: [{B998F118-1B22-4386-A880-3765CB3D4315}] => (Allow) C:\Program Files\Newsbin\newsbinpro64.exe
    FirewallRules: [{2A933046-653D-4386-B135-766348E09978}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{23933ED7-7CB2-424B-89B4-74667159D976}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{6E4D4A94-B1D7-4C52-ACA7-AD2008548472}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{FB6EAD75-33E4-48C8-8BCF-70D73EB7AACC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{9F6154BB-EF96-4B40-81FB-3B73148C8601}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
    FirewallRules: [{06382C76-D9B0-4BE5-A010-41591D0E900E}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
    FirewallRules: [{95FE30BF-0D43-4612-A61E-0BFD337E0F7C}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
    FirewallRules: [{E8EC698F-AF51-44EE-80F6-CC26D05E46DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{0D6C4808-3B92-447D-9113-4C83A9538DB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{466D4B08-EC16-4C42-885B-9844DD1F047A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{2E66D214-3AD5-484F-BC2F-94B7790487D5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{0A3CA08D-ED26-45BB-BB49-C5B9B67E2445}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
    FirewallRules: [{4FE3CCD1-2EE7-4D1B-B25F-595C1058068B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
    FirewallRules: [{4CB8E120-4969-4F31-BD31-B6F377A4AAF7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{E61B7617-393D-4289-8732-5790E31694AE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{7E42285A-C4F1-491B-89DF-C3CDECDF6B64}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{6365223C-CE49-4902-AFF5-DB122F94580D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{C11C02C3-542E-45C6-8239-AF38E2E3B092}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{866A5862-CDE1-48F9-B319-F4ACD0B54016}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{63CCED77-CBFF-4053-AAC1-C93C90A3D6FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
    FirewallRules: [{CEAC0F6D-C5AA-4AD9-9031-EDD57C372F6C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
    FirewallRules: [{FAA07291-3744-428F-BAFB-9E8FAB556209}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
    FirewallRules: [{9F9F62C0-B46A-446B-9FE9-3DE919C6EC72}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
    FirewallRules: [{D28B05AE-3D14-469B-9FDA-C7F5CF48E158}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
    FirewallRules: [{5F58C9D5-3C07-49D3-A733-B50F77EFC556}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
    FirewallRules: [{0564CB88-B2E5-478C-9F36-F8E5008C8874}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{5E6CA33E-4FB4-4486-ADBB-5A59DAA7A315}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{94A9EB74-9E39-46C9-8FD8-2E125C39057C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warface\live\nw.exe
    FirewallRules: [{85967F41-6EA9-48A8-B8A3-6720856A43A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warface\live\nw.exe
    FirewallRules: [{02872D28-544A-4FA3-802D-CB1E73C09198}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{0F225E39-18B5-422A-9515-6133F99407E3}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{D62A8D0C-E634-4C34-B706-A25887C55A2B}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{881C8D96-E8EA-43E5-8014-0C4863F3230F}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{5BFE45AC-0F16-4834-8482-E0B553B63C71}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{FF000D80-4E55-45A9-9EDB-0EC816F34741}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout\FalloutLauncher.exe
    FirewallRules: [{37A6827C-A4B3-449C-989B-1ED2C1D7229B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout\FalloutLauncher.exe
    FirewallRules: [{CBD726E8-D0D8-4CB5-9072-D51299F556B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
    FirewallRules: [{48AB1A9D-3D49-409D-A6B9-FF9D98433A34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
    FirewallRules: [{40ADB28F-1C27-4EFF-9A7D-B4D3672F3FDA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe
    FirewallRules: [{48AA5231-BE07-49C7-8C95-4FF60BA26E1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe
    FirewallRules: [{FD291F42-BB99-4BF9-9845-EA0EFA05A976}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [{537BF8F7-DBD4-48E2-A1B3-A96255F6E1C2}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [{405B33EB-51F9-4CA9-B2DF-B7445096ABE1}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
    FirewallRules: [{FA8C5FF3-BD1E-4136-9B84-6DD971A659A8}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
    FirewallRules: [{C6E14155-34AB-4DFF-A988-5F0C7275F5FC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
    FirewallRules: [{BF6A1B74-2145-40F1-81CE-B26615CFEFF8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
    FirewallRules: [{CA1F6F8C-108A-4258-8BD0-186AF51C8505}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{B63D36F3-DED3-4011-B1BE-7B1C0F06673C}] => (Allow) C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
    FirewallRules: [{CEB6A1A8-D1C7-4F4D-91E5-590379DC9C47}] => (Allow) C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
    FirewallRules: [{7D7F10DE-D4C6-4C01-9944-546ABDDD2E1A}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Allied Assault Warchest\MOHAA.exe
    FirewallRules: [{A4DFB9FD-70D6-4BE0-AD1E-36C7B36752AE}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Allied Assault Warchest\MOHAA.exe
    FirewallRules: [{2A7732E5-601E-41C2-9EE6-D2D0F8DCC10A}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
    FirewallRules: [{CB58E155-03E1-488B-BE8F-AC9AF9E5FF68}] => (Allow) C:\Users\GIINOVA\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{E18C1EAA-6DB6-416F-9C30-02CB1BE910D4}] => (Allow) C:\Users\GIINOVA\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{CF46D3C3-0257-45D6-A200-C6E755EB8BC1}] => (Allow) C:\Program Files (x86)\Connectify\Connectify.exe
    FirewallRules: [{F578B3A7-5057-4932-99C1-32145ECE04EF}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{C98615AE-DBA7-41B7-8A40-D02C1CFFD6F2}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{83EED189-F70A-4ADD-908F-4706E0658A13}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{F775A30C-D440-47DA-B56C-E4F9727E94A6}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{7370CFD5-74C8-4318-AB1C-98CFF85955CD}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{2788F96B-08B7-4320-954E-D16238060D5E}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{C1C2E715-1863-49B0-9456-35A986592906}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{D40878D8-4AD7-48FC-90C9-B78C69B26215}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{79209906-1127-4989-A875-E4A6286CE1A4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{7F63A6CB-2CDB-41DF-AF80-E202CACCD1C3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{8C58274F-87B5-44D0-A6D0-D9BBB17B684A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{FC5E5A12-FF23-4734-928F-45F01A1ECDC8}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{2B4BD600-89AF-4748-AC63-755625699E98}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{A1067D8E-DB8C-48B0-B294-074273EE1DF9}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{D9754805-0BCD-4642-96E6-D89B28662177}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{B8CA3E27-F911-40A4-B40C-32EED7EC7A5D}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{A662FDD9-7E87-4C4F-BBEB-A86238CC5529}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{65C08CFE-0A8B-414F-AD2B-1707A4731F33}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{304A0F28-B391-436B-A5C2-E7A9F92450C7}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{D588B145-6844-42FC-8F16-5651675B9383}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{500572CF-CCF9-4280-AC91-B68BC68859DD}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{A932955D-2706-4866-BBF9-D869A64474B3}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{331E8140-0947-46B0-88DD-421D32E2EBD7}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{695E38E4-EF20-4CBE-8437-BC44727AB7D6}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{7B2DA912-D94D-4911-B348-233640AF6401}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{5456CDC8-1437-43A7-9106-1336CD8EACB5}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{B0CE2148-D9A4-4B94-879F-4E5E3EFE4B2F}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{600DDE49-6E45-485D-99FA-FB5888320B34}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{3916055F-614B-421D-9D68-3C519746B31F}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{8316EE8E-A6C4-4C4D-9ECA-4CEAF4F3545B}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{C7262F66-DC7B-405A-AF6A-2FC01C488720}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{226EE2FC-09B9-4ABC-B5CC-C4E7558C65F7}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{E93BA4ED-74D9-4C25-820E-CE27FD82B85A}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{67AD726B-2E12-4C4E-8CA1-EB341FF9B249}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{EF7EA265-CB93-4DAA-BD52-B695953681DD}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe

    ==================== Faulty Device Manager Devices =============

    Name: Universal Serial Bus (USB) Controller
    Description: Universal Serial Bus (USB) Controller
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: SM Bus Controller
    Description: SM Bus Controller
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/26/2015 05:24:25 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error: (05/26/2015 07:45:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program chrome.exe version 43.0.2357.65 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: c34

    Start Time: 01d0972930a929cf

    Termination Time: 432

    Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    Report Id:

    Error: (05/25/2015 11:54:21 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error: (05/25/2015 02:32:22 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: irecorder.exe, version: 6.0.15.0, time stamp: 0x5481b126
    Faulting module name: irecorder.exe, version: 6.0.15.0, time stamp: 0x5481b126
    Exception code: 0xc0000005
    Fault offset: 0x0003254a
    Faulting process id: 0x11f8
    Faulting application start time: 0xirecorder.exe0
    Faulting application path: irecorder.exe1
    Faulting module path: irecorder.exe2
    Report Id: irecorder.exe3

    Error: (05/24/2015 10:56:53 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: TeamViewer.exe, version: 10.0.42849.0, time stamp: 0x555cc432
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc000041d
    Fault offset: 0x002e0ce2
    Faulting process id: 0x9fc
    Faulting application start time: 0xTeamViewer.exe0
    Faulting application path: TeamViewer.exe1
    Faulting module path: TeamViewer.exe2
    Report Id: TeamViewer.exe3

    Error: (05/24/2015 10:56:50 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: TeamViewer.exe, version: 10.0.42849.0, time stamp: 0x555cc432
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x002e0ce2
    Faulting process id: 0x9fc
    Faulting application start time: 0xTeamViewer.exe0
    Faulting application path: TeamViewer.exe1
    Faulting module path: TeamViewer.exe2
    Report Id: TeamViewer.exe3

    Error: (05/24/2015 00:01:07 AM) (Source: Sound Recorder) (EventID: 32767) (User: )
    Description: Unknown Error, 0x80004003

    Error: (05/24/2015 00:01:07 AM) (Source: Sound Recorder) (EventID: 32767) (User: )
    Description: Unknown Error, 0x80004003

    Error: (05/24/2015 00:01:07 AM) (Source: Sound Recorder) (EventID: 32767) (User: )
    Description: Unknown Error, 0x80004003

    Error: (05/24/2015 00:01:07 AM) (Source: Sound Recorder) (EventID: 32767) (User: )
    Description: Unknown Error, 0x80004003


    System errors:
    =============
    Error: (05/26/2015 04:12:15 PM) (Source: ipnathlp) (EventID: 30013) (User: )
    Description: 192.168.58.1192.168.173.0255.255.255.0

    Error: (05/26/2015 04:12:03 PM) (Source: ipnathlp) (EventID: 30013) (User: )
    Description: 192.168.58.1192.168.173.0255.255.255.0

    Error: (05/26/2015 04:11:27 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 12:51:52 PM on 5/26/2015 was unexpected.

    Error: (05/26/2015 06:48:16 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

    Error: (05/25/2015 10:46:04 PM) (Source: NetBT) (EventID: 4307) (User: )
    Description: Initialization failed because the transport refused to open initial addresses.

    Error: (05/25/2015 10:45:36 PM) (Source: ipnathlp) (EventID: 30013) (User: )
    Description: 192.168.58.1192.168.173.0255.255.255.0

    Error: (05/25/2015 10:42:43 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
    Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
    %%1056

    Error: (05/25/2015 10:42:42 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
    Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Media Player Network Sharing Service service, but this action failed with the following error:
    %%1056

    Error: (05/25/2015 10:42:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (05/25/2015 10:42:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The VirtualRouterService service terminated unexpectedly. It has done this 1 time(s).


    Microsoft Office:
    =========================

    CodeIntegrity Errors:
    ===================================
    Date: 2015-05-26 16:56:10.808
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.807
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.805
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.793
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.792
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.791
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.761
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.760
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.758
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-25 16:52:41.669
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
    Percentage of memory in use: 33%
    Total physical RAM: 8158.24 MB
    Available physical RAM: 5399.64 MB
    Total Pagefile: 16314.66 MB
    Available Pagefile: 12650.75 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.83 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:931.41 GB) (Free:34.07 GB) NTFS
    Drive d: (New Volume) (Fixed) (Total:1667.7 GB) (Free:7.92 GB) NTFS
    Drive e: (Backups) (Fixed) (Total:1863.01 GB) (Free:34.68 GB) NTFS
    Drive f: (external disk) (Fixed) (Total:931.51 GB) (Free:10.13 GB) NTFS
    Drive g: () (Fixed) (Total:195.31 GB) (Free:6.04 GB) NTFS
    Drive h: ( ) (CDROM) (Total:1.11 GB) (Free:0 GB) UDF

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 14F582E0)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 12E8059A)
    Partition 1: (Not Active) - (Size=1667.7 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E8CD06D6)
    Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 34C5BCEB)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ==================== End of log ============================
     
  6. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===================================

    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
    NOTE. If you already have MBAM 2.0 installed scroll down.

    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
      • Launch Malwarebytes Anti-Malware
      • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.


    If you already have MBAM 2.0 installed:

    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.

    How to get logs:
    (Export log to save as txt)


    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.


    (Copy to clipboard for pasting into forum replies or tickets)

    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.

    Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
  7. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    I'll post the logs one by one as I run each program, bear with me good sir! :)
     
  8. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    RogueKiller V10.7.0.0 [May 25 2015] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : GIINOVA [Administrator]
    Started from : C:\Users\GIINOVA\Downloads\RogueKiller (1).exe
    Mode : Delete -- Date : 05/26/2015 23:31:33

    ¤¤¤ Processes : 0 ¤¤¤

    ¤¤¤ Registry : 0 ¤¤¤

    ¤¤¤ Tasks : 0 ¤¤¤

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ Hosts File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: WDC WD10EZEX-00RKKA0 ATA Device +++++
    --- User ---
    [MBR] 8d5244e9b4446c4df948cdbee4838919
    [BSP] 4ce926d6c5656e62fcd4c5bd29f2f33c : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: WDC WD20EZRX-00D8PB0 ATA Device +++++
    --- User ---
    [MBR] ad85747b581a236631ae829e5a6991c1
    [BSP] 93c146f5a7fa5a1fe80cd41642a7d556 : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1707726 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3497424896 | Size: 200000 MB [Error reading VBR! ([83] An attempt was made to move the file pointer before the beginning of the file. )]
    User != LL1 ... KO!
    --- LL1 ---
    [MBR] ad85747b581a236631ae829e5a6991c1
    [BSP] 93c146f5a7fa5a1fe80cd41642a7d556 : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1707726 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3497424896 | Size: 200000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User != LL2 ... KO!
    --- LL2 ---
    [MBR] ad85747b581a236631ae829e5a6991c1
    [BSP] 93c146f5a7fa5a1fe80cd41642a7d556 : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1707726 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3497424896 | Size: 200000 MB[Invalid]

    +++++ PhysicalDrive2: WDC WD20EZRX-00D8PB0 ATA Device +++++
    --- User ---
    [MBR] a86bf7912732cabbc2de68f4ce4fe512
    [BSP] 2349238182d82f9d8e5ebb5c875102f4 : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive3: SAMSUNG HD103SI ATA Device +++++
    --- User ---
    [MBR] ce17b481850de32c1aa4840b412d8990
    [BSP] 79b57257a52ea418179d211821c5dd26 : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK


    ============================================
    RKreport_SCN_05252015_234128.log - RKreport_DEL_05252015_234500.log - RKreport_DEL_05252015_234615.log - RKreport_SCN_05262015_233022.log
     
  9. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 5/26/2015
    Scan Time: 11:35:12 PM
    Logfile: mbamlogcomp.txt
    Administrator: Yes

    Version: 2.01.6.1022
    Malware Database: v2015.05.26.07
    Rootkit Database: v2015.05.24.01
    License: Premium
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Enabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: GIINOVA

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 592185
    Time Elapsed: 51 min, 32 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  10. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    # AdwCleaner v4.205 - Logfile created 27/05/2015 at 00:42:18
    # Updated 21/05/2015 by Xplode
    # Database : 2015-05-25.3 [Server]
    # Operating system : Windows 7 Ultimate Service Pack 1 (x64)
    # Username : GIINOVA - GIINOVA-PC
    # Running from : C:\Users\GIINOVA\Downloads\adwcleaner_4.205.exe
    # Option : Cleaning

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****


    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17280


    -\\ Mozilla Firefox v


    -\\ Opera v29.0.1795.60


    *************************

    AdwCleaner[R0].txt - [2941 bytes] - [25/05/2015 22:40:25]
    AdwCleaner[R1].txt - [896 bytes] - [27/05/2015 00:36:05]
    AdwCleaner[R2].txt - [950 bytes] - [27/05/2015 00:39:35]
    AdwCleaner[S0].txt - [2825 bytes] - [25/05/2015 22:42:12]
    AdwCleaner[S1].txt - [876 bytes] - [27/05/2015 00:42:18]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [934 bytes] ##########
     
  11. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.8.0 (05.25.2015:1)
    OS: Windows 7 Ultimate x64
    Ran by GIINOVA on Wed 05/27/2015 at 0:50:51.47
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Tasks



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-12834325-137255723-1760620863-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders



    ~~~ Chrome


    [C:\Users\GIINOVA\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

    [C:\Users\GIINOVA\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

    [C:\Users\GIINOVA\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

    [C:\Users\GIINOVA\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Wed 05/27/2015 at 0:53:45.03
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  12. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
      If the connection is not there use restore point you created prior to running Combofix.
    • Double click on combofix.exe & follow the prompts.

    • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try the following...

    Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

    rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

    Restart computer in safe mode

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    When the scan is done Notepad will open with rKill.txt log.
    NOTE. rKill.txt log will also be present on your desktop.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If you had to run rKill, post BOTH logs, rKill.txt and Combofix.txt.
     
  13. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    I should also mention that sometimes there are multiple iexplorer.exe *32 processes running in the background, and the description says Internet Explorer, but I never use Internet Explorer at all.
     
  14. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    ComboFix 15-05-25.01 - GIINOVA 05/27/2015 2:38.2.4 - x64
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8158.5844 [GMT 3:00]
    Running from: c:\users\GIINOVA\Desktop\ComboFix.exe
    AV: Kaspersky PURE 3.0 *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
    FW: Kaspersky PURE 3.0 *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
    SP: Kaspersky PURE 3.0 *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((( Files Created from 2015-04-26 to 2015-05-26 )))))))))))))))))))))))))))))))
    .
    .
    2015-05-26 23:45 . 2015-05-26 23:45 -------- d-----w- c:\users\Guest\AppData\Local\temp
    2015-05-26 23:45 . 2015-05-26 23:45 -------- d-----w- c:\users\fbwuserACB0\AppData\Local\temp
    2015-05-26 23:45 . 2015-05-26 23:45 -------- d-----w- c:\users\fbwuser7BFB\AppData\Local\temp
    2015-05-26 23:45 . 2015-05-26 23:45 -------- d-----w- c:\users\Default\AppData\Local\temp
    2015-05-26 21:50 . 2015-05-26 21:50 -------- d-----w- C:\RegBackup
    2015-05-26 21:45 . 2015-05-26 21:45 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0BA127AC-B597-4956-A996-2483CDF6D212}\offreg.dll
    2015-05-26 04:55 . 2015-05-26 05:48 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
    2015-05-26 04:54 . 2015-05-26 04:54 -------- d-----w- c:\users\GIINOVA\mbar
    2015-05-25 23:16 . 2015-05-25 23:16 -------- d-----w- c:\users\GIINOVA\.VirtualBox
    2015-05-25 23:15 . 2014-03-26 16:01 254240 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
    2015-05-25 23:15 . 2014-03-26 16:00 128288 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
    2015-05-25 20:31 . 2015-05-26 20:25 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
    2015-05-25 20:31 . 2015-05-25 20:46 -------- d-----w- c:\programdata\RogueKiller
    2015-05-25 20:13 . 2015-05-26 14:27 -------- d-----w- C:\FRST
    2015-05-25 19:39 . 2015-05-26 21:42 -------- d-----w- C:\AdwCleaner
    2015-05-23 19:44 . 2015-05-23 19:44 -------- d-----w- c:\users\GIINOVA\AppData\Local\Supremus Corporation
    2015-05-23 19:42 . 2015-05-23 19:42 -------- d-----w- c:\users\GIINOVA\AppData\Local\Kryptus
    2015-05-23 19:42 . 2015-05-23 19:42 -------- d-----w- c:\program files\Windows Updates Downloader
    2015-05-23 19:32 . 2015-05-23 19:32 -------- d-----w- c:\windows\system32\RT 7 Lite
    2015-05-23 19:32 . 2015-05-23 19:32 -------- d-----w- c:\program files\Rockers Team
    2015-05-21 00:05 . 2015-05-21 00:05 -------- d-----w- c:\users\GIINOVA\AppData\Roaming\redsn0w
    2015-05-20 23:49 . 2015-05-20 23:51 -------- d-----w- c:\users\GIINOVA\.tu
    2015-05-20 23:48 . 2015-05-20 23:48 -------- d-----w- c:\program files (x86)\Common Files\Java
    2015-05-20 23:47 . 2015-05-20 23:46 110688 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
    2015-05-20 23:46 . 2015-05-20 23:46 -------- d-----w- c:\program files\Java
    2015-05-20 23:22 . 2015-05-20 23:22 136408 ----a-w- c:\windows\system32\drivers\47117FCE.sys
    2015-05-18 22:54 . 2015-05-18 22:54 -------- d-----w- c:\users\GIINOVA\AppData\Local\Steam
    2015-05-18 21:49 . 2015-05-18 21:51 -------- d-----w- c:\programdata\DatacardService
    2015-05-13 20:58 . 2015-05-13 20:58 -------- d-----w- C:\dlc for usb
    2015-05-09 23:33 . 2015-05-09 23:33 457824 ----a-w- c:\windows\system32\drivers\C95A9BD0.sys
    2015-05-04 15:35 . 2015-05-04 15:35 -------- d-----w- c:\users\Guest\AppData\Roaming\DAEMON Tools Lite
    2015-05-04 15:32 . 2015-05-04 15:32 -------- d-----w- c:\users\Guest\AppData\Roaming\ImgBurn
    2015-05-04 15:31 . 2015-05-04 15:31 -------- d-----w- c:\users\Guest\AppData\Roaming\uTorrent
    2015-05-02 16:10 . 2015-05-02 16:10 136408 ----a-w- c:\windows\system32\drivers\3BB63724.sys
    2015-05-02 16:10 . 2015-05-02 16:10 136408 ----a-w- c:\windows\system32\drivers\1BEF36F0.sys
    2015-04-27 12:43 . 2015-04-27 12:43 1075424 ----a-w- c:\programdata\Microsoft\WDExpress\11.0\1033\ResourceCache.dll
    2015-04-27 12:42 . 2015-04-27 12:42 -------- d-----w- c:\program files (x86)\NuGet
    2015-04-27 12:40 . 2015-04-27 12:40 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules
    2015-04-27 12:39 . 2015-04-27 12:39 -------- d-----w- c:\windows\symbols
    2015-04-27 12:38 . 2015-04-27 12:38 -------- d-----w- c:\program files (x86)\Common Files\Microsoft
    2015-04-27 12:38 . 2015-04-27 12:38 -------- d-----w- c:\program files (x86)\Windows Kits
    2015-04-27 12:37 . 2015-04-27 12:37 -------- d-----w- c:\program files (x86)\Microsoft Help Viewer
    2015-04-27 12:37 . 2015-04-27 12:37 -------- d-----w- c:\program files (x86)\Microsoft SDKs
    2015-04-27 12:37 . 2015-04-27 12:37 -------- d-----w- c:\windows\SysWow64\1033
    2015-04-27 12:37 . 2015-04-27 12:37 -------- d-----w- c:\windows\system32\1033
    2015-04-27 12:37 . 2015-04-27 12:42 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
    2015-04-27 12:37 . 2015-04-27 12:42 -------- d-----w- c:\program files\Microsoft SQL Server
    2015-04-27 12:37 . 2015-04-27 12:37 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
    2015-04-27 12:37 . 2015-04-27 12:37 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
    2015-04-27 12:36 . 2015-04-27 12:38 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 11.0
    2015-04-27 12:36 . 2015-04-27 12:36 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2015-05-26 21:45 . 2015-02-07 21:36 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2015-04-17 22:10 . 2015-04-17 22:10 136408 ----a-w- c:\windows\system32\drivers\0B3C369E.sys
    2015-04-14 06:37 . 2015-02-07 21:36 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
    2015-04-14 06:37 . 2015-02-07 21:36 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2015-04-14 06:37 . 2015-02-07 21:36 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
    2015-04-09 17:20 . 2015-04-09 17:20 136408 ----a-w- c:\windows\system32\drivers\4AAA6736.sys
    2015-04-07 20:11 . 2015-04-07 20:11 136408 ----a-w- c:\windows\system32\drivers\047E4DAC.sys
    2015-04-05 19:13 . 2015-04-05 18:11 136408 ----a-w- c:\windows\system32\drivers\471D55B0.sys
    2015-04-02 13:15 . 2015-04-02 13:15 136408 ----a-w- c:\windows\system32\drivers\110D08A7.sys
    2015-04-01 12:44 . 2015-04-01 11:18 136408 ----a-w- c:\windows\system32\drivers\42336130.sys
    2015-03-22 16:28 . 2015-03-22 11:05 129752 ----a-w- c:\windows\system32\drivers\318249FC.sys
    2015-03-12 23:09 . 2015-03-12 19:20 129752 ----a-w- c:\windows\system32\drivers\295F3735.sys
    2015-03-05 17:19 . 2015-03-05 17:19 129752 ----a-w- c:\windows\system32\drivers\6AF537E2.sys
    2015-03-02 16:17 . 2015-03-02 16:17 129752 ----a-w- c:\windows\system32\drivers\03AB1E11.sys
    2015-02-26 11:30 . 2015-03-30 16:38 52832 ----a-w- c:\windows\SysWow64\drivers\libusb0.sys
    2015-02-26 11:30 . 2015-03-24 20:58 76384 ----a-w- c:\windows\SysWow64\libusb0.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
    @="{dd230880-495a-11d1-b064-008048ec2fc5}"
    [HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
    2014-09-02 21:49 458944 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Mobile Partner"="c:\program files (x86)\Ooredoo 4G MyFi\Ooredoo 4G MyFi" [X]
    "HDSoft"="c:\program files (x86)\iFree Skype Recorder\irecorder.exe" [2014-12-05 2489832]
    "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2015-05-18 289584]
    "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe" [2013-11-11 356128]
    "StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-20 767176]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-04-30 334896]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\C95A9BD0.sys]
    @="Driver"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 CSObjectsSrv;CryptoStorage control service;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [x]
    R2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
    R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
    R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
    R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe;c:\program files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [x]
    R2 Virtual Router;VirtualRouterService;c:\program files (x86)\Virtual Router\VirtualRouterService.exe;c:\program files (x86)\Virtual Router\VirtualRouterService.exe [x]
    R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
    R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
    R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
    R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
    R3 huawei_cdcecm;huawei_cdcecm;c:\windows\system32\DRIVERS\ew_jucdcecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcecm.sys [x]
    R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys;c:\windows\SYSNATIVE\DRIVERS\ivusb.sys [x]
    R3 libusb0;libusb-win32 - Kernel Driver 02/23/2013 1.2.6.0;c:\windows\system32\DRIVERS\libusb0.sys;c:\windows\SYSNATIVE\DRIVERS\libusb0.sys [x]
    R3 massfilter_lte;ZTE LTE Device Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter_LTE.sys;c:\windows\SYSNATIVE\DRIVERS\massfilter_LTE.sys [x]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
    R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
    R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
    R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
    R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
    R3 zgdcat;ZTE Datacard AT Port;c:\windows\system32\DRIVERS\zgdcat.sys;c:\windows\SYSNATIVE\DRIVERS\zgdcat.sys [x]
    R3 zgdcdiag;ZTE Datacard Diagnostics Port;c:\windows\system32\DRIVERS\zgdcdiag.sys;c:\windows\SYSNATIVE\DRIVERS\zgdcdiag.sys [x]
    R3 zgdcmdm;ZTE Datacard Modem;c:\windows\system32\DRIVERS\zgdcmdm.sys;c:\windows\SYSNATIVE\DRIVERS\zgdcmdm.sys [x]
    R3 zgdcnet;ZTE Datacard Network Adapter;c:\windows\system32\DRIVERS\zgdcnet.sys;c:\windows\SYSNATIVE\DRIVERS\zgdcnet.sys [x]
    R3 zgdcnmea;ZTE Datacard NMEA Port;c:\windows\system32\DRIVERS\zgdcnmea.sys;c:\windows\SYSNATIVE\DRIVERS\zgdcnmea.sys [x]
    R4 D_Link_DWA-125_WPS;D_Link_DWA-125_WPS Service;c:\program files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe;c:\program files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe [x]
    S0 C95A9BD0;C95A9BD0;c:\windows\system32\drivers\C95A9BD0.sys;c:\windows\SYSNATIVE\drivers\C95A9BD0.sys [x]
    S0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\DRIVERS\CSCrySec.sys;c:\windows\SYSNATIVE\DRIVERS\CSCrySec.sys [x]
    S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
    S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys;c:\windows\SYSNATIVE\DRIVERS\anodlwfx.sys [x]
    S1 cnnctfy3;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy3.sys;c:\windows\SYSNATIVE\DRIVERS\cnnctfy3.sys [x]
    S1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\DRIVERS\CSVirtualDiskDrv.sys;c:\windows\SYSNATIVE\DRIVERS\CSVirtualDiskDrv.sys [x]
    S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
    S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
    S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
    S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
    S1 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
    S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
    S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
    S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe;c:\program files (x86)\Connectify\ConnectifyService.exe [x]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
    S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
    S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
    S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
    S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
    S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
    S3 ScpVBus;Scp Virtual Bus Driver;c:\windows\system32\DRIVERS\ScpVBus.sys;c:\windows\SYSNATIVE\DRIVERS\ScpVBus.sys [x]
    S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys;c:\windows\SYSNATIVE\drivers\CM10664.sys [x]
    S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
    .
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
    @="{dd230880-495a-11d1-b064-008048ec2fc5}"
    [HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
    2014-09-02 21:53 491200 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-12834325-137255723-1760620863-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*0T*h*u*m*p*e*r*D*C*0\OpenWithList]
    @Class="Shell"
    "a"="uTorrent.exe"
    "MRUList"="a"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2015-05-27 02:49:37
    ComboFix-quarantined-files.txt 2015-05-26 23:49
    ComboFix2.txt 2015-05-25 13:55
    .
    Pre-Run: 29,476,466,688 bytes free
    Post-Run: 30,254,473,216 bytes free
    .
    - - End Of File - - 9C9ECAE102709A12A679E3529C17A23B
    A36C5E4F47E84449FF07ED3517B43A31
     
  15. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Pretty clean so far...

    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
     
  16. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2015
    Ran by GIINOVA (administrator) on GIINOVA-PC on 27-05-2015 03:34:36
    Running from C:\Users\GIINOVA\Desktop\frst
    Loaded Profiles: GIINOVA (Available Profiles: GIINOVA & Guest)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser not detected!)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
    (Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Connectify) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    () C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Microsoft Corporation) C:\Windows\System32\taskmgr.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
    HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\Run: [HDSoft] => C:\Program Files (x86)\iFree Skype Recorder\irecorder.exe [2489832 2014-12-05] (EuroTech Automatic Equipment Co., Ltd.)
    HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [289584 2015-05-19] (BitTorrent, Inc.)
    HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
    HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\Run: [Mobile Partner] => C:\Program Files (x86)\Ooredoo 4G MyFi\Ooredoo 4G MyFi
    ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll [2014-09-03] (Kaspersky Lab ZAO)
    ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll [2014-09-03] (Kaspersky Lab ZAO)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-12834325-137255723-1760620863-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-12834325-137255723-1760620863-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-09-03] (Kaspersky Lab ZAO)
    BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-09-03] (Kaspersky Lab ZAO)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-21] (Oracle Corporation)
    BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-09-03] (Kaspersky Lab ZAO)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-21] (Oracle Corporation)
    BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-09-03] (Kaspersky Lab ZAO)
    BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-09-03] (Kaspersky Lab ZAO)
    BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-09-03] (Kaspersky Lab ZAO)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-31] (Oracle Corporation)
    BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-09-03] (Kaspersky Lab ZAO)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-31] (Oracle Corporation)
    BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-09-03] (Kaspersky Lab ZAO)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default
    FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
    FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-03-10] (EA Digital Illusions CE AB)
    FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-21] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-21] (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
    FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
    FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-03-10] (EA Digital Illusions CE AB)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-31] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-31] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Extension: MEGA - C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\Extensions\firefox@mega.co.nz.xpi [2015-03-29]
    FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
    FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2014-09-03]
    FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
    FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-03]
    FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
    FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2014-09-03]
    FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
    FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2014-09-03]
    FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
    FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2014-09-03]
    FF Extension: No Name - C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [not found]
    FF Extension: No Name - C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [not found]
    FF Extension: No Name - C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [not found]
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

    Chrome:
    =======
    CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2013-11-11]
    CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh
    CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2013-11-11]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
    R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2014-10-15] (Connectify) []
    S2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
    S4 D_Link_DWA-125_WPS; C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe [53248 2010-07-12] () []
    S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
    S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-20] (Electronic Arts)
    S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-09-07] ()
    S2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)
    S2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (http://pietschsoft.com)) []
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2010-05-29] ()
    R0 C95A9BD0; C:\Windows\System32\drivers\C95A9BD0.sys [457824 2015-05-10] (Kaspersky Lab ZAO)
    R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [42152 2014-12-11] (Connectify)
    R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
    R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
    R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-07] (Disc Soft Ltd)
    R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-09-03] (Kaspersky Lab ZAO)
    U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-09-03] (Kaspersky Lab ZAO)
    R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628288 2014-09-03] (Kaspersky Lab ZAO)
    R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-09-03] (Kaspersky Lab ZAO)
    R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
    R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
    R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-11-11] (Kaspersky Lab ZAO)
    R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177864 2015-02-18] (Kaspersky Lab ZAO)
    S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2014-06-29] (http://libusb-win32.sourceforge.net)
    S3 libusb0; C:\Windows\SysWOW64\DRIVERS\libusb0.sys [52832 2015-02-26] (http://libusb-win32.sourceforge.net)
    R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
    R3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1617472 2011-04-28] (Ralink Technology Corp.)
    R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
    S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr))
    S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-05-26] ()
    R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2014-08-30] (C-Media Electronics Inc)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 massfilter_lte; system32\DRIVERS\massfilter_LTE.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    S3 zgdcat; system32\DRIVERS\zgdcat.sys [X]
    S3 zgdcdiag; system32\DRIVERS\zgdcdiag.sys [X]
    S3 zgdcmdm; system32\DRIVERS\zgdcmdm.sys [X]
    S3 zgdcnet; system32\DRIVERS\zgdcnet.sys [X]
    S3 zgdcnmea; system32\DRIVERS\zgdcnmea.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-27 03:16 - 2015-05-27 03:16 - 05628291 _____ (Swearware) C:\Users\GIINOVA\Downloads\ComboFix (1).exe
    2015-05-27 02:49 - 2015-05-27 02:49 - 00019328 _____ () C:\ComboFix.txt
    2015-05-27 02:36 - 2015-05-27 01:20 - 05628291 ____R (Swearware) C:\Users\GIINOVA\Desktop\ComboFix.exe
    2015-05-27 00:53 - 2015-05-27 00:53 - 00001793 _____ () C:\Users\GIINOVA\Desktop\JRT.txt
    2015-05-27 00:50 - 2015-05-27 00:50 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-GIINOVA-PC-Windows-7-Ultimate-(64-bit).dat
    2015-05-27 00:50 - 2015-05-27 00:50 - 00000000 ____D () C:\RegBackup
    2015-05-27 00:47 - 2015-05-27 00:49 - 02946703 _____ (Thisisu) C:\Users\GIINOVA\Downloads\JRT.exe
    2015-05-26 23:20 - 2015-05-26 23:25 - 17023576 _____ () C:\Users\GIINOVA\Downloads\RogueKiller.exe
    2015-05-26 23:20 - 2015-05-26 23:25 - 17023576 _____ () C:\Users\GIINOVA\Downloads\RogueKiller (1).exe
    2015-05-26 20:45 - 2015-05-26 20:45 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
    2015-05-26 17:45 - 2015-05-26 17:54 - 22029608 _____ (SUPERAntiSpyware) C:\Users\GIINOVA\Downloads\SUPERAntiSpyware.exe
    2015-05-26 17:25 - 2015-05-27 03:34 - 00000000 ____D () C:\Users\GIINOVA\Desktop\frst
    2015-05-26 17:25 - 2015-05-26 17:25 - 02108928 _____ (Farbar) C:\Users\GIINOVA\Downloads\FRST64 (2).exe
    2015-05-26 07:55 - 2015-05-26 08:48 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2015-05-26 07:54 - 2015-05-26 07:54 - 00000000 ____D () C:\Users\GIINOVA\mbar
    2015-05-26 07:51 - 2015-05-26 07:52 - 16502728 _____ (Malwarebytes Corp.) C:\Users\GIINOVA\Downloads\mbar-1.09.1.1004.exe
    2015-05-26 07:50 - 2015-05-26 07:51 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\GIINOVA\Downloads\tdsskiller.exe
    2015-05-26 07:37 - 2013-10-31 15:18 - 00562368 _____ (Sysinternals - www.sysinternals.com) C:\Users\GIINOVA\Desktop\RAMMap.exe
    2015-05-26 04:36 - 2015-05-26 23:19 - 00000000 ____D () C:\Users\GIINOVA\Downloads\Yu-Gi-Oh! Duel Monsters
    2015-05-26 04:34 - 2015-05-26 04:34 - 00033491 _____ () C:\Users\GIINOVA\Downloads\Yu-Gi-Oh Season 0.torrent
    2015-05-26 04:15 - 2015-05-26 04:15 - 00009471 _____ () C:\Users\GIINOVA\Documents\infect found.txt
    2015-05-26 03:33 - 2015-05-26 03:34 - 02974203 _____ () C:\Users\GIINOVA\Downloads\tumblr_nou9azleS81u8bd6k.mp4
    2015-05-26 03:30 - 2015-05-26 03:37 - 12254157 _____ () C:\Users\GIINOVA\Downloads\tumblr_norudjq1AC1ur94e8.mp4
    2015-05-26 03:22 - 2015-05-26 03:26 - 11209558 _____ () C:\Users\GIINOVA\Downloads\rebox.NET.2993.zip
    2015-05-26 03:19 - 2015-05-26 03:26 - 32321536 _____ () C:\Users\GIINOVA\Downloads\BDtoAVCHD_v2.4.2.msi
    2015-05-26 03:06 - 2015-05-26 03:06 - 1192165376 _____ () C:\Users\GIINOVA\Looney.Tunes.E01.1080p.BluRay.REMUX.AVC.DD1.0-RARBG.iso
    2015-05-26 03:01 - 2015-05-26 03:08 - 38522618 _____ () C:\Users\GIINOVA\Downloads\multiAVCHD_4.1.exe
    2015-05-26 03:00 - 2015-05-26 03:03 - 16753416 _____ () C:\Users\GIINOVA\Downloads\HandBrake-0.10.1-x86_64-Win_GUI.exe
    2015-05-26 02:59 - 2015-05-26 03:00 - 02825369 _____ () C:\Users\GIINOVA\Downloads\tsMuxeR_2.6.12.zip
    2015-05-26 02:16 - 2015-05-26 02:16 - 00000000 ____D () C:\Users\GIINOVA\.VirtualBox
    2015-05-26 02:15 - 2015-05-26 02:15 - 00000601 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
    2015-05-26 02:15 - 2015-05-26 02:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
    2015-05-26 02:15 - 2014-03-26 19:01 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
    2015-05-26 02:15 - 2014-03-26 19:00 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
    2015-05-26 00:19 - 2015-05-26 00:29 - 107394336 _____ (Oracle Corporation) C:\Users\GIINOVA\Downloads\VirtualBox-4.3.10-93012-Win.exe
    2015-05-25 23:51 - 2015-05-25 23:52 - 02347384 _____ (ESET) C:\Users\GIINOVA\Downloads\esetsmartinstaller_enu.exe
    2015-05-25 23:49 - 2015-05-25 23:49 - 00001670 _____ () C:\Users\GIINOVA\Downloads\FSS.txt
    2015-05-25 23:31 - 2015-05-26 23:25 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
    2015-05-25 23:31 - 2015-05-25 23:46 - 00000000 ____D () C:\ProgramData\RogueKiller
    2015-05-25 23:28 - 2015-05-25 23:28 - 02108928 _____ (Farbar) C:\Users\GIINOVA\Downloads\FRST64 (1).exe
    2015-05-25 23:24 - 2015-05-25 23:25 - 00045602 _____ () C:\Users\GIINOVA\Downloads\Addition.txt
    2015-05-25 23:23 - 2015-05-25 23:25 - 00065881 _____ () C:\Users\GIINOVA\Downloads\FRST.txt
    2015-05-25 23:19 - 2015-05-25 23:19 - 00095484 _____ () C:\Users\GIINOVA\Downloads\Extras.Txt
    2015-05-25 23:18 - 2015-05-25 23:18 - 00124868 _____ () C:\Users\GIINOVA\Downloads\OTL.Txt
    2015-05-25 23:13 - 2015-05-27 03:34 - 00000000 ____D () C:\FRST
    2015-05-25 23:11 - 2015-05-25 23:12 - 02108928 _____ (Farbar) C:\Users\GIINOVA\Downloads\FRST64.exe
    2015-05-25 22:50 - 2015-05-25 22:50 - 00602112 _____ (OldTimer Tools) C:\Users\GIINOVA\Downloads\OTL.exe
    2015-05-25 22:47 - 2015-05-25 22:48 - 02223104 _____ () C:\Users\GIINOVA\Downloads\adwcleaner_4.205 (1).exe
    2015-05-25 22:39 - 2015-05-27 00:42 - 00000000 ____D () C:\AdwCleaner
    2015-05-25 19:09 - 2015-05-25 19:09 - 02223104 _____ () C:\Users\GIINOVA\Downloads\adwcleaner_4.205.exe
    2015-05-25 16:36 - 2015-05-25 16:36 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\GIINOVA\Downloads\rkill.exe
    2015-05-25 16:34 - 2015-05-25 16:36 - 20781656 _____ () C:\Users\GIINOVA\Downloads\RogueKillerX64.exe
    2015-05-25 16:34 - 2015-05-25 16:35 - 05198336 _____ (AVAST Software) C:\Users\GIINOVA\Downloads\aswMBR.exe
    2015-05-25 16:33 - 2015-05-27 02:49 - 00000000 ____D () C:\Qoobox
    2015-05-25 16:33 - 2015-05-25 16:34 - 00000111 _____ () C:\Users\GIINOVA\Documents\fix computer.txt
    2015-05-25 16:33 - 2011-06-26 09:45 - 00256000 _____ () C:\Windows\PEV.exe
    2015-05-25 16:33 - 2010-11-07 20:20 - 00208896 _____ () C:\Windows\MBR.exe
    2015-05-25 16:33 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2015-05-25 16:33 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2015-05-25 16:33 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2015-05-25 16:33 - 2000-08-31 03:00 - 00098816 _____ () C:\Windows\sed.exe
    2015-05-25 16:33 - 2000-08-31 03:00 - 00080412 _____ () C:\Windows\grep.exe
    2015-05-25 16:33 - 2000-08-31 03:00 - 00068096 _____ () C:\Windows\zip.exe
    2015-05-25 16:30 - 2015-05-25 16:54 - 00000000 ____D () C:\Windows\erdnt
    2015-05-25 16:30 - 2015-05-25 16:30 - 00415232 _____ (Farbar) C:\Users\GIINOVA\Downloads\FSS.exe
    2015-05-25 16:28 - 2015-05-27 01:20 - 05628291 ____R (Swearware) C:\Users\GIINOVA\Downloads\ComboFix.exe
    2015-05-25 16:15 - 2015-05-25 16:15 - 00276267 _____ () C:\Users\GIINOVA\Downloads\RAMMap.zip
    2015-05-24 23:31 - 2015-05-24 23:32 - 06131182 _____ () C:\Users\GIINOVA\Downloads\The.Road.2009.1080p.BDRemux.DTS-MA.H264.Rus.Eng.nzb
    2015-05-24 10:20 - 2015-05-25 22:12 - 00000000 ____D () C:\Users\GIINOVA\Downloads\Yu-Gi-Oh! Complete + Capsule Monsters + Movie
    2015-05-24 10:07 - 2015-05-24 10:07 - 01190415 _____ () C:\Users\GIINOVA\Downloads\ProcessExplorer (2).zip
    2015-05-24 10:06 - 2015-05-24 10:06 - 00001071 _____ () C:\Users\Public\Desktop\Notepad++.lnk
    2015-05-24 10:04 - 2015-05-24 10:04 - 00305664 _____ (Secure By Design Inc.) C:\Users\GIINOVA\Downloads\NiniteProTrial.exe
    2015-05-24 10:00 - 2015-05-24 10:00 - 00001062 _____ () C:\Users\Public\Desktop\VLC media player.lnk
    2015-05-24 10:00 - 2015-05-24 10:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2015-05-24 09:56 - 2015-05-24 09:56 - 00305664 _____ (Secure By Design Inc.) C:\Users\GIINOVA\Downloads\Ninite VLC Installer.exe
    2015-05-24 09:56 - 2015-05-24 09:56 - 00305664 _____ (Secure By Design Inc.) C:\Users\GIINOVA\Downloads\Ninite Chrome Installer.exe
    2015-05-24 09:45 - 2015-05-24 09:49 - 40403256 _____ () C:\Users\GIINOVA\Downloads\Skype 7.4.32.102 silent.exe
    2015-05-24 05:29 - 2015-05-24 05:31 - 08184300 _____ () C:\Users\GIINOVA\Downloads\TrueAncestor_PKG_Repacker_2.00.zip
    2015-05-24 03:47 - 2015-05-24 07:36 - 3320903680 _____ () C:\Users\GIINOVA\Downloads\en_windows_7_ultimate_with_sp1_x64_dvd_u_677332.iso
    2015-05-24 03:43 - 2015-05-24 03:43 - 00000621 _____ () C:\Users\GIINOVA\Documents\productkey.vbs
    2015-05-24 03:36 - 2015-05-24 03:37 - 02210270 _____ () C:\Users\GIINOVA\Downloads\wsusoffline954.zip
    2015-05-23 22:58 - 2015-05-23 23:04 - 29833438 _____ () C:\Users\GIINOVA\Downloads\vlc-2.2.1-win64.exe
    2015-05-23 22:49 - 2015-05-23 22:49 - 00785532 _____ () C:\Users\GIINOVA\Downloads\ussf.zip
     
  17. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    2015-05-23 22:44 - 2015-05-23 22:44 - 00000000 ____D () C:\Users\GIINOVA\AppData\Local\Supremus Corporation
    2015-05-23 22:42 - 2015-05-23 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Updates Downloader
    2015-05-23 22:42 - 2015-05-23 22:42 - 00001777 _____ () C:\Users\GIINOVA\Desktop\Windows Updates Downloader.lnk
    2015-05-23 22:42 - 2015-05-23 22:42 - 00001759 _____ () C:\Users\Public\Desktop\Windows Updates Downloader.lnk
    2015-05-23 22:42 - 2015-05-23 22:42 - 00000000 ____D () C:\Users\GIINOVA\AppData\Local\Kryptus
    2015-05-23 22:42 - 2015-05-23 22:42 - 00000000 ____D () C:\Program Files\Windows Updates Downloader
    2015-05-23 22:41 - 2015-05-23 22:41 - 00256053 _____ () C:\Users\GIINOVA\Downloads\WUD250B1002Setup.exe
    2015-05-23 22:41 - 2015-04-19 21:58 - 00000000 ____D () C:\Users\GIINOVA\Desktop\1.23 - Recovery Tool 1.0
    2015-05-23 22:40 - 2015-05-23 22:40 - 00018475 _____ () C:\Users\GIINOVA\Downloads\windows-7-sp1-x64-enu.ulz
    2015-05-23 22:39 - 2015-05-23 22:40 - 12317977 _____ () C:\Users\GIINOVA\Downloads\1.23 - Recovery Tool 1.0.rar
    2015-05-23 22:38 - 2015-05-23 22:38 - 00006176 _____ () C:\Users\GIINOVA\Downloads\Dactyl_RPC-1.23.txt
    2015-05-23 22:32 - 2015-05-23 22:32 - 00002229 _____ () C:\Users\GIINOVA\Desktop\RT 7 Lite Launcher (64-Bit).lnk
    2015-05-23 22:32 - 2015-05-23 22:32 - 00002187 _____ () C:\Users\GIINOVA\Desktop\RT 7 Lite (64-Bit).lnk
    2015-05-23 22:32 - 2015-05-23 22:32 - 00000000 ____D () C:\Windows\system32\RT 7 Lite
    2015-05-23 22:32 - 2015-05-23 22:32 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockers Team
    2015-05-23 22:32 - 2015-05-23 22:32 - 00000000 ____D () C:\Program Files\Rockers Team
    2015-05-23 22:31 - 2010-03-10 16:31 - 00000000 ____D () C:\Users\GIINOVA\Desktop\Double Driver
    2015-05-23 22:30 - 2015-05-23 22:30 - 02165485 _____ () C:\Users\GIINOVA\Downloads\double_driver_4.1.0_portable.zip
    2015-05-23 22:27 - 2015-05-23 22:31 - 16183067 _____ (Rockers Team) C:\Users\GIINOVA\Downloads\rt_7_lite_win7_vista_x64.exe
    2015-05-23 22:26 - 2015-05-23 22:27 - 16143818 _____ (Rockers Team) C:\Users\GIINOVA\Downloads\rt_7_lite_win7_Vista_x86_sp1.exe
    2015-05-23 02:36 - 2015-05-24 10:19 - 00000000 ____D () C:\Users\GIINOVA\Downloads\Johnny Bravo
    2015-05-21 04:05 - 2015-05-21 04:05 - 00000000 ____D () C:\Users\GIINOVA\Desktop\New folder (15)
    2015-05-21 04:01 - 2015-05-21 04:01 - 00827584 _____ () C:\Users\GIINOVA\Downloads\IPBE-v4.0.0 (1).zip
    2015-05-21 03:48 - 2015-05-21 03:48 - 00355203 _____ () C:\Users\GIINOVA\Desktop\iFunBox_Build_1421_0748_555d2226.dmp
    2015-05-21 03:05 - 2015-05-21 03:05 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\redsn0w
    2015-05-21 03:04 - 2015-05-21 03:08 - 00000000 ____D () C:\Users\GIINOVA\Desktop\redsn0w_win_0.9.15b3
    2015-05-21 02:59 - 2015-05-21 03:02 - 52666576 _____ () C:\Users\GIINOVA\Downloads\TaiGJBreak_1210.zip
    2015-05-21 02:49 - 2015-05-21 02:51 - 00000000 ____D () C:\Users\GIINOVA\.tu
    2015-05-21 02:47 - 2015-05-21 02:46 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
    2015-05-21 02:46 - 2015-05-21 02:48 - 17279732 _____ () C:\Users\GIINOVA\Downloads\redsn0w_win_0.9.15b3.zip
    2015-05-21 02:46 - 2015-05-21 02:46 - 00000000 ____D () C:\Program Files\Java
    2015-05-21 02:45 - 2015-05-21 02:46 - 00696904 _____ (Generic ) C:\Users\GIINOVA\Downloads\Setup (1).exe
    2015-05-21 02:41 - 2015-05-21 02:44 - 43189344 _____ (Oracle Corporation) C:\Users\GIINOVA\Downloads\jre-8u45-windows-x64.exe
    2015-05-21 02:34 - 2015-05-21 02:35 - 02535424 _____ () C:\Users\GIINOVA\Downloads\tinyumbrella_windows-x64_8_2_0_60_InstalledJRE.exe
    2015-05-21 02:22 - 2015-05-21 02:22 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\47117FCE.sys
    2015-05-21 02:02 - 2015-05-21 02:11 - 00000000 ____D () C:\Users\GIINOVA\Desktop\iphone 5 camera backup may 21
    2015-05-21 01:47 - 2015-05-24 08:53 - 00038983 _____ () C:\Users\GIINOVA\Downloads\SemiRestore8-Windows-1.0.3.zip
    2015-05-21 01:47 - 2015-05-21 03:03 - 00000000 ____D () C:\Users\GIINOVA\Desktop\Iphone semi-restore for 8.1.2
    2015-05-21 01:23 - 2015-05-21 01:23 - 00000000 _____ () C:\Users\GIINOVA\AppData\Local\{9E4A9185-F523-40D7-87D1-407804A5CE0B}
    2015-05-20 21:02 - 2015-05-20 21:02 - 17425340 _____ () C:\Users\GIINOVA\Downloads\Metal.Gear.Solid.The.Legacy.Collection.PS3-ANTiDOTE.nzb
    2015-05-20 21:00 - 2015-05-20 21:00 - 00502184 _____ () C:\Users\GIINOVA\Downloads\1787.Kindle.eBooks.nzb
    2015-05-20 12:59 - 2015-05-20 13:00 - 03779034 _____ () C:\Users\GIINOVA\Downloads\Gran.Turismo.6.PS3-DUPLEX.nzb
    2015-05-20 12:35 - 2015-05-20 12:36 - 04646332 _____ () C:\Users\GIINOVA\Downloads\Dont.Be.A.Menace.To.South.Central.While.Drinking.Your.Juice.In.Thehe.Hood.REMUX.1080i.BluRay.DTS-HD.MA.5.1.AVC-LEGi0N.nzb
    2015-05-20 12:35 - 2015-05-20 12:35 - 04646330 _____ () C:\Users\GIINOVA\Downloads\Dont.Be.A.Menace.To.South.Central.While.Drinking.Your.Juice.In.The.Hood.Remux.1080i.BluRay.DTS-HD.MA.5.1.AVC-LEGI0N (1).nzb
    2015-05-20 12:33 - 2015-05-20 12:33 - 06336679 _____ () C:\Users\GIINOVA\Downloads\Fury.2014.Bd25-Remux.Fr-En.x264.Dts-BZH29.nzb
    2015-05-20 12:28 - 2015-05-20 12:28 - 03150894 _____ () C:\Users\GIINOVA\Downloads\Fury.2014.1080p.Remux.AVC.FLAC.5.1-EbP (1).nzb
    2015-05-20 12:27 - 2015-05-20 12:27 - 03303154 _____ () C:\Users\GIINOVA\Downloads\Fury.2014.BluRay.Remux.1080p.AVC.DTS-HD.MA.5.1-HiFi (1).nzb
    2015-05-20 12:27 - 2015-05-20 12:27 - 03150894 _____ () C:\Users\GIINOVA\Downloads\Fury.2014.1080p.Remux.AVC.FLAC.5.1-EbP.nzb
    2015-05-20 12:23 - 2015-05-20 12:23 - 04664624 _____ () C:\Users\GIINOVA\Downloads\Non-Stop.Sin.escalas.2014.FullBluray-UsenetHD.nzb
    2015-05-20 04:15 - 2015-05-20 04:16 - 10926924 _____ () C:\Users\GIINOVA\Downloads\SABnzbd-0.7.20-win32-setup.exe
    2015-05-19 19:55 - 2015-05-19 19:56 - 03602254 _____ () C:\Users\GIINOVA\Downloads\WWE.2K15.PS3-iMARS.nzb
    2015-05-19 13:11 - 2015-05-19 13:12 - 05404160 _____ () C:\Users\GIINOVA\Downloads\The.Imitation.Game.2014.COMPLETE.BLURAY-PCH.nzb
    2015-05-19 13:11 - 2015-05-19 13:11 - 05605254 _____ () C:\Users\GIINOVA\Downloads\Interstellar.2014.1080p.CEE.Blu-ray.AVC.DTS-HD.MA.5.1-HDCLUB.nzb
    2015-05-19 13:00 - 2015-05-19 13:00 - 04525864 _____ () C:\Users\GIINOVA\Downloads\The.Dance.of.Reality.2013.BluRay.Remux.1080p.AVC.DTS-HD.MA.5.1-HiFi.nzb
    2015-05-19 13:00 - 2015-05-19 13:00 - 02576124 _____ () C:\Users\GIINOVA\Downloads\Jessabelle.2014.BluRay.Remux.1080p.AVC.DTS-HD.MA.5.1-HiFi.nzb
    2015-05-19 13:00 - 2015-05-19 13:00 - 02425941 _____ () C:\Users\GIINOVA\Downloads\The.Boxtrolls.2014.BluRay.Remux.1080p.Avc.Dts-Hd.Ma.5.1-HIFI (1).nzb
    2015-05-19 12:59 - 2015-05-19 12:59 - 02095531 _____ () C:\Users\GIINOVA\Downloads\Adventure.Time.With.Finn.And.Jake.S04.1080p.BluRay.x264-DEiMOS.nzb
    2015-05-19 12:54 - 2015-05-19 12:54 - 07779178 _____ () C:\Users\GIINOVA\Downloads\Mad5689006MaxIII.nzb
    2015-05-19 12:54 - 2015-05-19 12:54 - 05810509 _____ () C:\Users\GIINOVA\Downloads\mad480867452max.nzb
    2015-05-19 12:53 - 2015-05-19 12:54 - 04905383 _____ () C:\Users\GIINOVA\Downloads\Mad7474676000Max.nzb
    2015-05-19 12:51 - 2015-05-19 12:52 - 02230993 _____ () C:\Users\GIINOVA\Downloads\Taken.3.2014.EXTENDED.1080p.BluRay.DTS.x264-HDA.nzb
    2015-05-19 12:50 - 2015-05-19 12:50 - 01674935 _____ () C:\Users\GIINOVA\Downloads\Dampfnudelblues.2013.1080.BluRay.AC3-NoGroup.nzb
    2015-05-19 12:44 - 2015-05-19 12:44 - 08883481 _____ () C:\Users\GIINOVA\Downloads\Forrest.Gump.1994.BluRay.REMUX.1080p.AVC.DTS-HD.MA.5.1-iFT.nzb
    2015-05-19 12:39 - 2015-05-19 12:39 - 09946058 _____ () C:\Users\GIINOVA\Downloads\Starred.Up.2013.1080p.BluRay.REMUX.AVC.DTS-HD.MA.5.1-RARBG-NZBgeek.nzb
    2015-05-19 12:39 - 2015-05-19 12:39 - 03303154 _____ () C:\Users\GIINOVA\Downloads\Fury.2014.BluRay.Remux.1080p.AVC.DTS-HD.MA.5.1-HiFi.nzb
    2015-05-19 12:38 - 2015-05-19 12:38 - 03190557 _____ () C:\Users\GIINOVA\Downloads\Big.Hero.6.2014.BluRay.Remux.1080p.AVC.DTS-HD.MA.7.1-HiFi.nzb
    2015-05-19 12:38 - 2015-05-19 12:38 - 02720260 _____ () C:\Users\GIINOVA\Downloads\What.We.Did.On.Our.Holiday.2014.BluRay.Remux.1080p.Avc.Dts-Hd.Ma.5.1-HIFI.nzb
    2015-05-19 12:36 - 2015-05-19 12:36 - 05240154 _____ () C:\Users\GIINOVA\Downloads\Need.for.Speed.2014.BluRay.Remux.1080p.AVC.DTS-HD.MA.7.1-HiFi.nzb
    2015-05-19 12:35 - 2015-05-19 12:36 - 04646330 _____ () C:\Users\GIINOVA\Downloads\Dont.Be.A.Menace.To.South.Central.While.Drinking.Your.Juice.In.The.Hood.Remux.1080i.BluRay.DTS-HD.MA.5.1.AVC-LEGI0N.nzb
    2015-05-19 12:35 - 2015-05-19 12:35 - 04912764 _____ () C:\Users\GIINOVA\Downloads\The.Imitation.Game.2014.BluRay.Remux.1080p.AVC.DTS-HD.MA.5.1-decibeL.nzb
    2015-05-19 11:51 - 2015-05-19 12:00 - 42264460 _____ () C:\Users\GIINOVA\Downloads\166624_720x406_500k.mp4-
    2015-05-19 11:12 - 2015-05-19 11:12 - 00063214 _____ () C:\Users\GIINOVA\Downloads\Creamy Goodness.html
    2015-05-19 11:12 - 2015-05-19 11:12 - 00000000 ____D () C:\Users\GIINOVA\Downloads\Creamy Goodness_files
    2015-05-19 11:09 - 2015-05-19 11:09 - 00150108 _____ () C:\Users\GIINOVA\Downloads\Orgasms.And.Cumshot.nzb
    2015-05-19 11:09 - 2015-05-19 11:09 - 00079757 _____ () C:\Users\GIINOVA\Downloads\LeluLove.15.05.08.Clean.All.My.High.Heels.Ruined.Orgasm.XXX.1080p.WMV-TBP.nzb
    2015-05-19 11:08 - 2015-05-19 11:08 - 00090560 _____ () C:\Users\GIINOVA\Downloads\Hegre-Art.15.05.19.Leyla.Sunny.Climax.XXX.1080p.MP4-KTR.nzb
    2015-05-19 11:08 - 2015-05-19 11:08 - 00060805 _____ () C:\Users\GIINOVA\Downloads\Met-Art.15.05.19.Katherine.A.Zolty.XXX.1080p.MP4-KTR.nzb
    2015-05-19 11:08 - 2015-05-19 11:08 - 00060805 _____ () C:\Users\GIINOVA\Downloads\Met-Art.15.05.19.Katherine.A.Zolty.XXX.1080p.MP4-KTR (1).nzb
    2015-05-19 10:43 - 2015-05-19 10:43 - 00320253 _____ () C:\Users\GIINOVA\Downloads\f44652761.nzb
    2015-05-19 10:42 - 2015-05-19 10:42 - 00654148 _____ () C:\Users\GIINOVA\Downloads\f44703598.nzb
    2015-05-19 10:42 - 2015-05-19 10:42 - 00492646 _____ () C:\Users\GIINOVA\Downloads\f44699873.nzb
    2015-05-19 10:37 - 2015-05-19 10:37 - 00229853 _____ () C:\Users\GIINOVA\Downloads\f44604385.nzb
    2015-05-19 10:37 - 2015-05-19 10:37 - 00042296 _____ () C:\Users\GIINOVA\Downloads\f34265312.nzb
    2015-05-19 10:36 - 2015-05-19 10:36 - 00355044 _____ () C:\Users\GIINOVA\Downloads\f20981270.nzb
    2015-05-19 10:36 - 2015-05-19 10:36 - 00278681 _____ () C:\Users\GIINOVA\Downloads\f33737813.nzb
    2015-05-19 10:36 - 2015-05-19 10:36 - 00023689 _____ () C:\Users\GIINOVA\Downloads\f24752016.nzb
    2015-05-19 10:36 - 2015-05-19 10:36 - 00003296 _____ () C:\Users\GIINOVA\Downloads\f20702556.nzb
    2015-05-19 10:35 - 2015-05-19 10:35 - 00357107 _____ () C:\Users\GIINOVA\Downloads\f37719317.nzb
    2015-05-19 10:35 - 2015-05-19 10:35 - 00097590 _____ () C:\Users\GIINOVA\Downloads\f38916304.nzb
    2015-05-19 10:35 - 2015-05-19 10:35 - 00079622 _____ () C:\Users\GIINOVA\Downloads\f38631199.nzb
    2015-05-19 10:35 - 2015-05-19 10:35 - 00063526 _____ () C:\Users\GIINOVA\Downloads\f37147160.nzb
    2015-05-19 10:35 - 2015-05-19 10:35 - 00055904 _____ () C:\Users\GIINOVA\Downloads\f36882830.nzb
    2015-05-19 03:40 - 2015-05-19 03:40 - 00209121 _____ () C:\Users\GIINOVA\Downloads\BDMV Adventure Time S03 Blu-ray.nzb
    2015-05-19 03:09 - 2015-05-19 03:09 - 00095931 _____ () C:\Users\GIINOVA\Downloads\Looney Tunes and Merrie Melodies HQ Project - Part 2of4.nzb
    2015-05-19 02:53 - 2015-05-19 02:53 - 15764064 _____ () C:\Users\GIINOVA\Downloads\ABMC_irc_DejaToons_net_Looney_Tunes_and_Merrie_Melodies_HQ_Project_Part (2).nzb
    2015-05-19 02:53 - 2015-05-19 02:53 - 12900016 _____ () C:\Users\GIINOVA\Downloads\Looney_Tunes_and_Merrie_Melodies_HQ_Project_Part_ABMC_irc_DejaToons_net.nzb
    2015-05-19 01:54 - 2015-05-19 01:54 - 00000000 ____D () C:\Users\GIINOVA\AppData\Local\Steam
    2015-05-19 00:51 - 2015-05-19 00:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
    2015-05-19 00:51 - 2015-05-19 00:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcecm_01007.Wdf
    2015-05-19 00:51 - 2015-05-19 00:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
    2015-05-19 00:50 - 2015-05-19 00:50 - 00001188 _____ () C:\Users\Public\Desktop\Ooredoo 4G MyFi.lnk
    2015-05-19 00:50 - 2015-05-19 00:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
    2015-05-19 00:50 - 2015-05-19 00:50 - 00000000 ____D () C:\Program Files (x86)\Ooredoo 4G MyFi
    2015-05-19 00:50 - 2013-11-01 05:25 - 00376448 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_wwanecm.sys
    2015-05-19 00:50 - 2013-10-23 06:43 - 00121728 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_cdcacm.sys
    2015-05-19 00:50 - 2013-09-02 10:50 - 00456192 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
    2015-05-19 00:50 - 2013-06-29 12:17 - 00246272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
    2015-05-19 00:50 - 2013-03-04 11:32 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
    2015-05-19 00:50 - 2013-03-04 11:32 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
    2015-05-19 00:50 - 2013-03-04 11:32 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
    2015-05-19 00:50 - 2013-03-04 11:32 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
    2015-05-19 00:50 - 2013-03-04 11:21 - 00226048 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
    2015-05-19 00:50 - 2013-01-25 04:16 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
    2015-05-19 00:50 - 2012-12-22 04:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
    2015-05-19 00:50 - 2012-08-20 03:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
    2015-05-19 00:50 - 2010-10-08 11:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
    2015-05-19 00:50 - 2010-09-26 13:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
    2015-05-19 00:49 - 2015-05-19 00:51 - 00000000 ____D () C:\ProgramData\DatacardService
    2015-05-18 20:29 - 2015-05-18 20:29 - 05385492 _____ () C:\Users\GIINOVA\Downloads\attachments.zip
    2015-05-18 05:15 - 2015-05-18 05:15 - 00000815 _____ () C:\Users\GIINOVA\Desktop\µTorrent.lnk
    2015-05-18 05:15 - 2015-05-18 05:15 - 00000795 _____ () C:\Users\GIINOVA\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
    2015-05-18 00:52 - 2015-05-18 00:52 - 00399736 _____ (BitTorrent, Inc.) C:\Users\GIINOVA\Downloads\utorrent_2.2.1.25203.exe
    2015-05-18 00:51 - 2015-05-18 00:51 - 00289584 _____ (BitTorrent, Inc.) C:\Users\GIINOVA\Downloads\utorrent_1.8.5 (1).exe
    2015-05-18 00:50 - 2015-05-18 00:50 - 00000000 ____D () C:\Users\GIINOVA\Desktop\New folder (14)
    2015-05-18 00:31 - 2015-05-18 00:39 - 00093030 _____ (五福世纪科技有限公司) C:\Users\GIINOVA\Downloads\5F800Setup.exe
    2015-05-18 00:12 - 2015-05-18 00:12 - 48342136 _____ () C:\Users\GIINOVA\Downloads\ABMC_irc_DejaToons_net_Looney_Tunes_and_Merrie_Melodies_HQ_Project_Part (1).nzb
    2015-05-17 16:35 - 2015-05-17 16:35 - 00000000 ____D () C:\Users\GIINOVA\Desktop\dad's records
    2015-05-17 01:47 - 2015-05-17 01:48 - 3133794066 _____ () C:\Users\GIINOVA\Downloads\Archive-3394.zip
    2015-05-16 20:46 - 2015-05-16 20:46 - 10993783 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (17).rar
    2015-05-16 20:44 - 2015-05-16 20:45 - 10065920 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (16).rar
    2015-05-16 18:35 - 2015-05-16 18:35 - 48342136 _____ () C:\Users\GIINOVA\Downloads\ABMC_irc_DejaToons_net_Looney_Tunes_and_Merrie_Melodies_HQ_Project_Part.nzb
    2015-05-15 02:37 - 2015-05-15 02:37 - 00035843 _____ () C:\Users\GIINOVA\Downloads\rush-hour_english-759678.zip
    2015-05-15 02:37 - 2013-07-20 22:01 - 00096833 _____ () C:\Users\GIINOVA\Desktop\Rush.Hour.1.1998.720p.BRrip.x264.YIFY.srt
    2015-05-15 02:28 - 2015-05-15 01:41 - 644989466 _____ () C:\Users\GIINOVA\Downloads\VHB.Rush.Hour.1.1998.72.ESiR.part5.rar
    2015-05-14 19:57 - 2015-05-14 19:57 - 00048356 _____ () C:\Users\GIINOVA\Downloads\pk_english-1039809.zip
    2015-05-14 19:56 - 2015-05-14 19:56 - 00048048 _____ () C:\Users\GIINOVA\Downloads\pk_english-1054444.zip
    2015-05-14 02:02 - 2014-11-23 15:53 - 00000000 ____D () C:\Users\GIINOVA\Desktop\tmp
    2015-05-14 00:24 - 2015-05-14 00:24 - 00265712 _____ () C:\Users\GIINOVA\Downloads\BO2_GSC_Injector_Sample (3).rar
    2015-05-14 00:23 - 2015-05-14 00:24 - 07214512 _____ () C:\Users\GIINOVA\Downloads\(BLES01717)t6mp_ps3f (2).self
    2015-05-14 00:16 - 2015-05-14 00:16 - 14218072 _____ () C:\Users\GIINOVA\Downloads\(DEX)t6mp_ps3f.self
    2015-05-13 23:58 - 2015-05-13 23:58 - 00000000 ____D () C:\dlc for usb
    2015-05-13 23:38 - 2015-05-13 23:38 - 00102400 _____ () C:\Users\GIINOVA\Downloads\(BLES01717) Camo Pack 3 Fix By [XxUnkn0wnxX].pkg
    2015-05-13 23:38 - 2015-05-13 23:38 - 00102400 _____ () C:\Users\GIINOVA\Downloads\(BLES01717) B02 Paladin Camo Fix By [XxUnkn0wnxX].pkg
    2015-05-13 23:38 - 2015-05-13 23:38 - 00102400 _____ () C:\Users\GIINOVA\Downloads\(BLES01717) B02 Mega DLC Pack Fixes By [XxUnkn0wnxX] (1).pkg
    2015-05-13 23:38 - 2015-05-13 23:38 - 00102400 _____ () C:\Users\GIINOVA\Downloads\(BLES01717) B02 Cyborg & Dragon Camo Pack FIX [XxUnkn0wnxX].pkg
    2015-05-13 23:29 - 2015-05-13 23:29 - 00259293 _____ () C:\Users\GIINOVA\Downloads\COD.Advanced.Warfare.ALL.DLC.FIX.rar
    2015-05-13 23:29 - 2015-05-13 23:29 - 00004371 _____ () C:\Users\GIINOVA\Downloads\AW (1).rar
    2015-05-13 22:18 - 2015-05-13 22:30 - 1056324720 _____ () C:\Users\GIINOVA\Downloads\UP0002-BLUS31466_00-CODAW0000000TU13-A0113-V0100-PE.pkg
    2015-05-13 19:04 - 2015-05-13 19:04 - 00043634 _____ () C:\Users\GIINOVA\Downloads\UP0002 BLUS31466 00 CODAWMAP000HAVOC bg 1 b3c411204769fa8842b0bda1f148c1fb265508f7 pkg [Burnbit] (1).torrent
    2015-05-13 18:58 - 2015-05-13 18:58 - 00046376 _____ () C:\Users\GIINOVA\Downloads\kCmetGwjeaWcHqUHozeadIWJxAUpWjBbJgDnkkGpTYXEjzrVGwfwZORpodnYqRMt pkg [Burnbit].torrent
    2015-05-13 18:58 - 2015-05-13 18:58 - 00043634 _____ () C:\Users\GIINOVA\Downloads\UP0002 BLUS31466 00 CODAWMAP000HAVOC bg 1 b3c411204769fa8842b0bda1f148c1fb265508f7 pkg [Burnbit].torrent
    2015-05-13 18:56 - 2015-05-13 18:56 - 00040862 _____ () C:\Users\GIINOVA\Downloads\UP0002 BLUS31466 00 CODAW0000000TU13 A0113 V0100 PE pkg [Burnbit].torrent
    2015-05-13 18:17 - 2015-05-13 18:17 - 00150733 _____ () C:\Users\GIINOVA\Downloads\Fifty.Shades.of.Grey.2015.UNRATED.1080p.BluRay.AVC.DTS-HD.MA.5.1-RARBG-[rarbg.com].torrent
    2015-05-13 02:52 - 2015-05-13 02:53 - 857785241 _____ () C:\Users\GIINOVA\Downloads\CODASCENDANCEBLUS CYBERMANCHA.rar
    2015-05-13 02:31 - 2015-05-13 02:31 - 00000000 ____D () C:\Users\GIINOVA\Desktop\New folder (13)
    2015-05-13 00:59 - 2015-05-13 00:59 - 00004371 _____ () C:\Users\GIINOVA\Downloads\AW.rar
    2015-05-12 22:48 - 2015-05-12 22:48 - 00000550 _____ () C:\Users\GIINOVA\Documents\bo2 dlc.txt
    2015-05-11 20:23 - 2015-05-11 20:23 - 00880208 _____ (Google Inc.) C:\Users\Guest\Downloads\ChromeSetup.exe
    2015-05-11 14:53 - 2015-05-11 14:55 - 00000000 ____D () C:\Users\GIINOVA\Desktop\PSNDL
    2015-05-11 14:52 - 2015-05-11 14:53 - 03199179 _____ () C:\Users\GIINOVA\Downloads\PSNDL - v0.3 (1).zip
    2015-05-11 14:48 - 2015-05-11 14:48 - 02947422 _____ () C:\Users\GIINOVA\Downloads\psnstuff.zip
    2015-05-11 03:33 - 2015-05-11 03:33 - 00054783 _____ () C:\Users\GIINOVA\Downloads\DMoIhmoeRrzAxYvyVZOjjWLNYBptJCexFafnADjsaHqwSFkYRXhWxsXjZWFdHEFp pkg [Burnbit].torrent
    2015-05-11 03:32 - 2015-05-11 03:32 - 00102400 _____ () C:\Users\GIINOVA\Downloads\BO2 FIX BY TheRouLetteBoi (BLES01717).pkg
    2015-05-11 03:32 - 2015-05-11 03:32 - 00102400 _____ () C:\Users\GIINOVA\Downloads\(BLES01717) B02 Mega DLC Pack Fixes By [XxUnkn0wnxX].pkg
    2015-05-11 03:31 - 2015-05-11 03:31 - 00035564 _____ () C:\Users\GIINOVA\Downloads\QJFAdLnpVhVVwTRUxCsvUGYHiHUBJZdXbfwYKqxSurrfWsQmPUEDPievMGjemsQO pkg [Burnbit].torrent
    2015-05-11 03:30 - 2015-05-11 03:30 - 00037604 _____ () C:\Users\GIINOVA\Downloads\wEjkdqdYOibeCxFnQGmoUfVAHZEfqXPEbyNiRWRPAXazRwpFmSFZlAblhdNVsDmJ pkg [Burnbit].torrent
    2015-05-11 03:30 - 2015-05-11 03:30 - 00032904 _____ () C:\Users\GIINOVA\Downloads\iGZAqngEkWjjyPulBZMdJGdTbemCKofrLvZJnHudWscUHnEehyNuzETdjUVpHluk pkg [Burnbit].torrent
    2015-05-11 03:30 - 2015-05-11 03:30 - 00032904 _____ () C:\Users\GIINOVA\Downloads\iGZAqngEkWjjyPulBZMdJGdTbemCKofrLvZJnHudWscUHnEehyNuzETdjUVpHluk pkg [Burnbit] (1).torrent
    2015-05-10 21:46 - 2015-05-10 21:55 - 110470488 _____ (Kaspersky Lab ZAO) C:\Users\GIINOVA\Downloads\KVRT (2).exe
    2015-05-10 02:40 - 2015-05-10 02:41 - 10993783 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (15).rar
    2015-05-10 02:38 - 2015-05-10 02:45 - 12604264 _____ () C:\Users\GIINOVA\Downloads\KVRT (1).exe
    2015-05-10 02:33 - 2015-05-10 02:33 - 00457824 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\C95A9BD0.sys
    2015-05-10 02:31 - 2015-05-10 02:35 - 01244480 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (14).rar
    2015-05-10 02:27 - 2015-05-10 02:28 - 01190415 _____ () C:\Users\GIINOVA\Downloads\ProcessExplorer (1).zip
    2015-05-10 02:24 - 2015-05-10 02:26 - 00900416 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (13).rar
    2015-05-10 02:23 - 2015-05-10 02:24 - 858642975 _____ () C:\Users\GIINOVA\Downloads\Call of Duty Advance warfare.rar
    2015-05-10 02:23 - 2015-05-10 02:23 - 00102400 _____ () C:\Users\GIINOVA\Downloads\COD.Advanced.Warfare.AIO.USA.x23.DLC.FIX.BLUS31466-ZMK.pkg
    2015-05-09 14:00 - 2015-05-09 14:02 - 11526237 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (12).rar
    2015-05-07 19:31 - 2015-05-07 19:31 - 04028560 _____ () C:\Users\GIINOVA\Downloads\SEN_Enabler_v5.8.1_[CEX-DEX]_[4.70].pkg.291.v5.8.1_brewology_com.pkg
    2015-05-06 22:54 - 2015-05-06 22:54 - 07216416 _____ () C:\Users\GIINOVA\Downloads\EBOOT(BLUS31011).BIN
    2015-05-06 15:34 - 2015-05-06 15:34 - 01023776 _____ () C:\Users\GIINOVA\Downloads\B02 SAMPLE PACK 2 1.75 {SPRX V1.5}.rar
    2015-05-06 02:13 - 2015-05-06 02:14 - 09245656 _____ (TeamViewer GmbH) C:\Users\GIINOVA\Downloads\TeamViewer_Setup (5).exe
    2015-05-05 22:27 - 2015-05-05 22:28 - 07216416 _____ () C:\Users\GIINOVA\Downloads\EBOOT(BLES01717) (3).BIN
    2015-05-05 22:22 - 2015-05-05 22:23 - 14218200 _____ () C:\Users\GIINOVA\Downloads\EBOOT(Debug).BIN
    2015-05-05 22:11 - 2015-05-05 22:11 - 00350278 _____ () C:\Users\GIINOVA\Downloads\WebCruiser_Enterprise.rar
    2015-05-05 20:58 - 2015-05-05 21:01 - 09245656 _____ (TeamViewer GmbH) C:\Users\GIINOVA\Downloads\TeamViewer_Setup (4).exe
    2015-05-05 16:34 - 2015-05-05 16:34 - 00000000 ____D () C:\Users\GIINOVA\Desktop\Extortion GTA 1.23 Update4
    2015-05-05 14:20 - 2015-05-05 14:20 - 00265712 _____ () C:\Users\GIINOVA\Downloads\BO2_GSC_Injector_Sample (2).rar
    2015-05-05 13:06 - 2015-05-05 13:06 - 01190415 _____ () C:\Users\GIINOVA\Downloads\ProcessExplorer.zip
    2015-05-05 00:20 - 2015-05-05 00:20 - 07969034 _____ () C:\Users\GIINOVA\Downloads\BO2 Eboot-Self Builder v1.0.rar
    2015-05-05 00:14 - 2015-05-05 00:14 - 00317014 _____ () C:\Users\GIINOVA\Downloads\SPRX Files.rar
    2015-05-05 00:13 - 2015-05-05 00:14 - 07214528 _____ () C:\Users\GIINOVA\Downloads\EBOOT(BLES01717) (2).BIN
    2015-05-04 22:45 - 2015-05-04 22:45 - 00003296 _____ () C:\Users\GIINOVA\Downloads\BO2_GSC_Injector (1).cfg
    2015-05-04 22:44 - 2015-05-05 00:21 - 00000000 ____D () C:\Users\GIINOVA\Desktop\gsc mod menu for bo 1.19
    2015-05-04 22:44 - 2015-05-04 22:45 - 07214512 _____ () C:\Users\GIINOVA\Downloads\(BLES01717)t6mp_ps3f (1).self
    2015-05-04 22:44 - 2015-05-04 22:45 - 00045737 _____ () C:\Users\GIINOVA\Downloads\BO2_GSC_Injector (1).sprx
    2015-05-04 22:43 - 2015-05-04 22:44 - 00265712 _____ () C:\Users\GIINOVA\Downloads\BO2_GSC_Injector_Sample (1).rar
    2015-05-04 21:34 - 2015-05-04 21:35 - 07216416 _____ () C:\Users\GIINOVA\Downloads\EBOOT(BLES01717) (1).BIN
    2015-05-04 20:48 - 2015-05-04 20:49 - 10977983 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (11).rar
    2015-05-04 20:48 - 2015-05-04 20:49 - 10974338 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (10).rar
    2015-05-04 20:47 - 2015-05-04 20:48 - 11738828 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (9).rar
    2015-05-04 19:03 - 2015-05-04 19:03 - 01141898 _____ () C:\Users\Guest\Downloads\Reminder IAL Edexcel Exam 2015 (AS & A Level).zip
    2015-05-04 19:00 - 2015-05-04 19:01 - 00000000 ____D () C:\Users\Public\Documents\New folder
    2015-05-04 18:35 - 2015-05-04 18:35 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\DAEMON Tools Lite
    2015-05-04 18:32 - 2015-05-04 18:32 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\ImgBurn
    2015-05-04 18:31 - 2015-05-04 18:31 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\uTorrent
    2015-05-04 15:08 - 2009-11-03 15:23 - 325400576 _____ () C:\Users\Public\Documents\Tooth paste.VOB
    2015-05-04 15:08 - 2009-11-03 15:23 - 206944256 _____ () C:\Users\Public\Documents\Vitamin C.VOB
    2015-05-04 15:07 - 2009-11-03 15:23 - 416471040 _____ () C:\Users\Public\Documents\Plant Fibers.VOB
    2015-05-04 15:07 - 2009-11-03 15:23 - 337899520 _____ () C:\Users\Public\Documents\mitosis meiosis.VOB
    2015-05-04 15:07 - 2009-11-03 15:23 - 19269632 _____ () C:\Users\Public\Documents\enzyme graphs.VOB
    2015-05-04 15:07 - 2009-11-03 15:23 - 146280448 _____ () C:\Users\Public\Documents\Plant Tissue Culture.VOB
    2015-05-04 15:07 - 2009-11-03 15:23 - 125339648 _____ () C:\Users\Public\Documents\Minerals and Plant Growth.VOB
    2015-05-04 15:06 - 2009-11-03 15:23 - 476852224 _____ () C:\Users\Public\Documents\Daphnia Heartbeat.VOB
    2015-05-04 15:06 - 2009-11-03 15:23 - 318781440 _____ () C:\Users\Public\Documents\Beatroot.VOB
    2015-05-04 15:06 - 2009-11-03 15:23 - 263229440 _____ () C:\Users\Public\Documents\All Practical.VOB
    2015-05-04 15:06 - 2009-11-03 15:23 - 1073565696 ____R () C:\Users\Public\Documents\Enzyme Conc & Activity.VOB
    2015-05-04 15:03 - 2015-05-04 15:03 - 00000000 ____D () C:\Users\GIINOVA\Desktop\sandisk 4gb microsd may 2015
    2015-05-04 14:58 - 2015-05-04 14:58 - 00056320 _____ () C:\Users\GIINOVA\Downloads\update.bin
    2015-05-04 14:34 - 2015-05-04 14:34 - 00000000 ____D () C:\Users\GIINOVA\Desktop\Received files
    2015-05-03 20:51 - 2015-05-03 20:52 - 00900902 _____ () C:\Users\GIINOVA\Downloads\Calendar of Events - Academic Session 2015-16.zip
    2015-05-03 20:45 - 2015-05-03 20:45 - 00068134 _____ () C:\Users\GIINOVA\Downloads\Some new material.zip
    2015-05-03 16:02 - 2015-05-03 16:04 - 26714384 _____ () C:\Users\GIINOVA\Downloads\[BLUS30127]GTA-IV-CJ-PRODUCTION-4xx.pkg
    2015-05-03 16:02 - 2013-02-12 17:19 - 05963776 _____ () C:\Users\GIINOVA\Desktop\update.img
    2015-05-03 15:59 - 2015-05-03 16:00 - 03800057 _____ () C:\Users\GIINOVA\Downloads\GTA IV - CJ Mod Menu.rar
    2015-05-02 20:10 - 2015-05-02 20:18 - 117090583 _____ () C:\Users\GIINOVA\Downloads\[CEX-DEX][BLES-BLUS] GTA V 1.23 Bypass + 35 Scripts=3SockMM-2much4uMM + Garage Bypass + Extras v47 by Kris1EROOT1IK.rar
    2015-05-02 19:10 - 2015-05-02 19:10 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\3BB63724.sys
    2015-05-02 19:10 - 2015-05-02 19:10 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1BEF36F0.sys
    2015-05-01 22:06 - 2015-05-01 22:07 - 05133741 _____ () C:\Users\GIINOVA\Downloads\EVERYTHINGDEXEBOOT.rar
    2015-05-01 21:37 - 2015-05-01 21:38 - 1947749712 _____ () C:\Users\GIINOVA\Downloads\1.23 Restoration.pkg
    2015-04-30 15:53 - 2015-04-30 15:59 - 73238567 _____ () C:\Users\GIINOVA\Downloads\Endeavour.rar
    2015-04-28 13:16 - 2015-04-28 13:30 - 185982042 _____ () C:\Users\GIINOVA\Downloads\toy3 (1).rar
    2015-04-28 12:26 - 2015-04-28 12:33 - 80635226 _____ () C:\Users\GIINOVA\Downloads\toy3.rar
    2015-04-27 15:43 - 2015-04-27 15:43 - 00000000 ____D () C:\Users\GIINOVA\Documents\Visual Studio 2012
    2015-04-27 15:42 - 2015-04-27 15:42 - 00000000 ____D () C:\Program Files (x86)\NuGet
    2015-04-27 15:39 - 2015-04-27 15:39 - 00000000 ____D () C:\Windows\symbols
    2015-04-27 15:38 - 2015-04-27 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
    2015-04-27 15:38 - 2015-04-27 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 Express
    2015-04-27 15:38 - 2015-04-27 15:38 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
    2015-04-27 15:37 - 2015-04-27 15:42 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
    2015-04-27 15:37 - 2015-04-27 15:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
    2015-04-27 15:37 - 2015-04-27 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
    2015-04-27 15:37 - 2015-04-27 15:37 - 00000000 ____D () C:\Windows\SysWOW64\1033
    2015-04-27 15:37 - 2015-04-27 15:37 - 00000000 ____D () C:\Windows\system32\1033
    2015-04-27 15:37 - 2015-04-27 15:37 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
    2015-04-27 15:37 - 2015-04-27 15:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2015-04-27 15:37 - 2015-04-27 15:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
    2015-04-27 15:37 - 2015-04-27 15:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
    2015-04-27 15:36 - 2015-04-27 15:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
    2015-04-27 15:30 - 2015-04-27 15:32 - 11741552 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (8).rar
    2015-04-27 15:27 - 2015-04-27 15:29 - 11761893 _____ () C:\Users\GIINOVA\Downloads\bkpps3 (7).rar
    2015-04-27 14:08 - 2015-04-27 14:08 - 00049337 _____ () C:\Users\GIINOVA\Downloads\VS2012 WDX ENU iso [Burnbit].torrent
    2015-04-27 14:07 - 2015-04-27 14:07 - 00934728 _____ (Microsoft Corporation) C:\Users\GIINOVA\Downloads\wdexpress_full.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-27 03:32 - 2014-08-30 02:17 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\Skype
    2015-05-27 03:05 - 2014-08-29 14:30 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\vlc
    2015-05-27 02:46 - 2009-07-14 05:34 - 00000215 _____ () C:\Windows\system.ini
    2015-05-27 02:03 - 2014-08-28 18:36 - 01709576 _____ () C:\Windows\WindowsUpdate.log
    2015-05-27 00:50 - 2015-03-19 23:38 - 00000000 ____D () C:\Users\GIINOVA\Documents\iFree Skype Recorder
    2015-05-27 00:49 - 2009-07-14 07:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-05-27 00:49 - 2009-07-14 07:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-05-27 00:47 - 2014-09-03 00:45 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
    2015-05-27 00:46 - 2014-08-31 18:20 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\uTorrent
    2015-05-27 00:45 - 2015-02-08 00:36 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-05-27 00:44 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-05-27 00:44 - 2009-07-14 07:51 - 00154332 _____ () C:\Windows\setupact.log
    2015-05-26 21:06 - 2009-07-14 08:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-05-26 19:59 - 2014-09-01 21:06 - 00000000 ____D () C:\Program Files (x86)\Opera
    2015-05-26 16:11 - 2014-08-30 02:10 - 00173302 _____ () C:\Windows\PFRO.log
    2015-05-26 08:02 - 2014-08-28 18:31 - 00000000 ____D () C:\Users\GIINOVA
    2015-05-26 07:59 - 2015-04-26 00:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2015-05-26 07:57 - 2014-08-29 13:39 - 00000000 ____D () C:\Program Files (x86)\Google
    2015-05-26 07:56 - 2014-08-29 13:39 - 00000000 ____D () C:\Users\GIINOVA\AppData\Local\Google
    2015-05-26 03:48 - 2014-09-26 02:10 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\dvdcss
    2015-05-26 00:48 - 2015-03-19 17:43 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\BitTorrent Sync
    2015-05-26 00:44 - 2015-03-19 17:45 - 00000000 ____D () C:\Users\GIINOVA\Documents\IRD (1)
    2015-05-25 22:46 - 2014-12-11 02:55 - 00000515 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
    2015-05-25 16:55 - 2009-07-14 06:20 - 00000000 __RHD () C:\Users\Default
    2015-05-25 16:15 - 2014-12-26 01:52 - 00007605 _____ () C:\Users\GIINOVA\AppData\Local\resmon.resmoncfg
    2015-05-24 22:56 - 2014-08-29 14:49 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\TeamViewer
    2015-05-24 19:49 - 2015-03-15 00:00 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
    2015-05-24 10:08 - 2014-09-26 00:46 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
    2015-05-24 10:07 - 2015-01-03 21:54 - 00001039 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
    2015-05-24 10:07 - 2015-01-03 21:54 - 00001027 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
    2015-05-24 10:06 - 2015-04-11 14:17 - 00000000 ____D () C:\Program Files (x86)\Notepad++
    2015-05-24 10:06 - 2015-03-15 00:00 - 00001996 _____ () C:\Users\GIINOVA\Desktop\FileZilla Client.lnk
    2015-05-24 10:06 - 2015-03-15 00:00 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
    2015-05-24 09:59 - 2014-08-29 14:17 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
    2015-05-24 03:49 - 2015-02-13 17:18 - 00000000 ____D () C:\updates
    2015-05-23 23:56 - 2015-03-15 00:00 - 00000000 ____D () C:\Users\GIINOVA\AppData\Roaming\FileZilla
    2015-05-23 22:12 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\NDF
    2015-05-23 17:43 - 2015-01-16 00:50 - 00000000 ____D () C:\Users\GIINOVA\Desktop\newest nor backups january 2015
    2015-05-23 02:13 - 2009-07-14 06:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-05-22 16:04 - 2014-10-11 07:13 - 00001306 _____ () C:\Users\Guest\Desktop\ROBLOX Player.lnk
    2015-05-22 16:04 - 2014-10-11 07:10 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
    2015-05-21 20:39 - 2014-09-22 14:04 - 00110536 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-05-21 04:01 - 2015-04-11 00:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPhone Backup Extractor
    2015-05-21 01:43 - 2009-07-14 07:45 - 00415024 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-05-20 19:59 - 2014-09-01 21:06 - 00003834 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1409594811
    2015-05-20 04:17 - 2014-09-05 18:36 - 00000987 _____ () C:\Users\GIINOVA\Desktop\SABnzbd.lnk
    2015-05-19 20:23 - 2014-09-06 03:21 - 00000000 ____D () C:\Users\GIINOVA\AppData\Local\QuickPar
    2015-05-19 01:58 - 2014-09-24 03:10 - 00000000 ____D () C:\Program Files (x86)\Steam
    2015-05-19 01:15 - 2015-01-26 23:31 - 00000945 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
    2015-05-19 01:15 - 2015-01-26 23:31 - 00000939 _____ () C:\Users\Public\Desktop\µTorrent.lnk
    2015-05-19 01:10 - 2014-08-28 20:56 - 00110536 _____ () C:\Users\GIINOVA\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-05-19 00:49 - 2014-09-01 01:21 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppLteUU
    2015-05-19 00:48 - 2014-09-01 01:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2015-05-19 00:47 - 2014-12-17 20:35 - 00000000 ____D () C:\Users\GIINOVA\Mobile_Broadband_LTE
    2015-05-16 20:47 - 2015-01-28 19:22 - 00000000 ____D () C:\Users\GIINOVA\Desktop\sold cid
    2015-05-16 09:02 - 2014-10-12 07:35 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\vlc
    2015-05-15 00:54 - 2014-12-08 03:49 - 00004876 _____ () C:\Windows\system32\RaCoInst.log
    2015-05-13 22:18 - 2015-03-19 16:49 - 00000000 ____D () C:\Users\GIINOVA\Downloads\ird files
    2015-05-11 20:25 - 2014-09-22 14:04 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
    2015-05-11 14:28 - 2015-03-15 02:47 - 00000000 ____D () C:\KVRT_Data
    2015-05-04 18:31 - 2009-07-14 10:46 - 00000000 ____D () C:\Windows\RemotePackages
    2015-05-02 02:36 - 2014-08-30 02:17 - 00000000 ____D () C:\ProgramData\Skype
    2015-05-01 15:11 - 2015-02-08 00:36 - 00001098 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-05-01 15:11 - 2015-02-08 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-05-01 15:11 - 2015-02-08 00:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-04-27 15:42 - 2009-07-14 06:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
    2015-04-27 15:37 - 2009-07-14 08:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
    2015-04-27 15:36 - 2014-08-28 19:16 - 00000000 ____D () C:\ProgramData\Package Cache

    ==================== Files in the root of some directories =======

    2014-12-17 20:57 - 2014-12-17 21:00 - 0000600 _____ () C:\Users\GIINOVA\AppData\Local\PUTTY.RND
    2014-12-26 01:52 - 2015-05-25 16:15 - 0007605 _____ () C:\Users\GIINOVA\AppData\Local\resmon.resmoncfg
    2015-05-21 01:23 - 2015-05-21 01:23 - 0000000 _____ () C:\Users\GIINOVA\AppData\Local\{9E4A9185-F523-40D7-87D1-407804A5CE0B}

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-05-24 19:02

    ==================== End of log ============================
     
  18. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2015
    Ran by GIINOVA at 2015-05-27 03:35:14
    Running from C:\Users\GIINOVA\Desktop\frst
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-12834325-137255723-1760620863-500 - Administrator - Disabled)
    GIINOVA (S-1-5-21-12834325-137255723-1760620863-1000 - Administrator - Enabled) => C:\Users\GIINOVA
    Guest (S-1-5-21-12834325-137255723-1760620863-501 - Limited - Enabled) => C:\Users\Guest

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Kaspersky PURE 3.0 (Disabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
    AS: Kaspersky PURE 3.0 (Disabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
    AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Kaspersky PURE 3.0 (Disabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKLM-x32\...\uTorrent) (Version: 1.8.5 - )
    µTorrent (HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
    Alice Greenfingers 1.00 (HKLM-x32\...\Alice Greenfingers 1.00) (Version: - )
    Alice Greenfingers 2 1.00 (HKLM-x32\...\Alice Greenfingers 2 1.00) (Version: - )
    Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version: - Rebellion)
    AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Battlefield 2142 Deluxe Edition (HKLM-x32\...\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}) (Version: 1.5.1.0 - Electronic Arts)
    Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
    Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.0 - EA Digital Illusions CE AB)
    BitTorrent Sync (HKLM-x32\...\BitTorrent Sync) (Version: 1.4.110 - BitTorrent Inc.)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
    Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch (x32 Version: - ) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (x32 Version: - ) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
    Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
    Charles (HKLM-x32\...\Charles_XK72) (Version: - )
    Connectify (HKLM\...\Connectify) (Version: 9.2.2.33000 - Connectify)
    Content Manager Assistant for PlayStation(R) (HKLM-x32\...\{961D5D7E-3DEC-4E3B-9065-EA8074923B18}) (Version: 3.31.7643.1 - Sony Computer Entertainment Inc.)
    ControlConsole API version 2.60 (HKLM-x32\...\{E6C0F5ED-B5EA-451D-8CB1-57902AA188DE}_is1) (Version: 2.60 - Enstone)
    DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
    Data Recovery for iPhone (build 4.5.0) (HKLM-x32\...\Data Recovery for iPhone_is1) (Version: - )
    D-Link DWA-125 (HKLM-x32\...\{E45CACFE-0576-4375-A84F-C34B99A7B652}) (Version: - D-Link)
    Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation)
    Fallout (HKLM-x32\...\Steam App 38400) (Version: - Interplay Inc.)
    Far Cry 4 - Gold Edition version Far Cry 4 - Gold Edition (HKLM-x32\...\Far Cry 4 - Gold Edition_is1) (Version: Far Cry 4 - Gold Edition - )
    FileZilla Client 3.11.0.1 (HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\FileZilla Client) (Version: 3.11.0.1 - Tim Kosse)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    GTA Online - Recovery Tool (HKLM-x32\...\{98DEAB74-5359-489A-B954-EE178BFCC9CF}_is1) (Version: 3.54 - iMCS Productions)
    HARMONIQ PRO (HKLM\...\C-Media CM106 Like Sound Driver) (Version: - )
    HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
    iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
    iFree Skype Recorder 6.0.15 (HKLM-x32\...\iFree Skype Recorder) (Version: 6.0.15 - iFree Skype Recorder)
    ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
    Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
    Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)
    iPhone Backup Extractor (HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\iPhone Backup Extractor) (Version: 5.6.1.272 - Reincubate Ltd)
    iPhone Backup Extractor version 4.0.0 (HKLM-x32\...\iPhone Backup Extractor_is1) (Version: 4.0.0 - )
    iRoot (HKLM-x32\...\{1295E43F-382A-4CB2-9E0F-079C0D7401BB}_is1) (Version: 1.8.2.13135 - 深圳信壹网络有限公司)
    iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
    Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
    Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
    Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
    Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
    Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    Medal of Honor Allied Assault Warchest (HKLM-x32\...\{D61BA037-2326-4CEF-B3AC-252046D0476A}) (Version: 1.11.0.2 - Electronic Arts)
    Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
    Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
    Newsbin for Astraweb (HKLM\...\Newsbin6) (Version: 6.53 - DJI Interprises, LLC)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
    NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
    Ooredoo 4G MyFi (HKLM-x32\...\Ooredoo 4G MyFi) (Version: 1.12.00.1182 - Huawei Technologies Co.,Ltd)
    Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)
    Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
    Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
    Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
    PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
    PBP Unpacker v0.94 (HKLM-x32\...\PBP Unpacker_is1) (Version: - pdc)
    PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
    Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
    Qcma (HKLM\...\Qcma) (Version: 0.3.9 - codestation)
    QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
    Raptr (HKLM-x32\...\Raptr) (Version: - )
    RT 7 Lite (64-Bit) (HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\RT 7 Lite x64) (Version: 1.7.0 - Rockers Team)
    RT 7 Lite x64 (Version: 1.7.0 - Rockers Team) Hidden
    RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
    SABnzbd 0.7.20 (HKLM-x32\...\SABnzbd) (Version: 0.7.20 - The SABnzbd Team)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
    SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
    Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
    SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
    Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
    TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42849 - TeamViewer)
    Tenorshare iPhone Data Recovery (HKLM-x32\...\Tenorshare iPhone Data Recovery) (Version: - Tenorshare, Inc.)
    The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
    The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED)
    Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore)
    Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    Virtual Router v1.0 (HKLM-x32\...\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}) (Version: 1.0 - Chris Pietschmann)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    VLC Streamer 4.99 (HKLM-x32\...\VLC Streamer_is1) (Version: - )
    Warface (HKLM-x32\...\Steam App 291480) (Version: - Crytek)
    Windows Driver Package - libusb-win32 PS Vita Type B (02/23/2013 1.2.6.0) (HKLM\...\E88FB411ED92EFDB9BF3A5F94548DA4956C0D97B) (Version: 02/23/2013 1.2.6.0 - libusb-win32)
    Windows Updates Downloader (HKLM-x32\...\Windows Updates Downloader) (Version: 2.50 Build 1002 - Supremus Corporation)
    WinRAR 5.11 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.1 - win.rar GmbH)
    Wondershare Dr.Fone for iOS(Build 5.5.5.4) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 5.5.5.4 - Wondershare Software Co.,Ltd.)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Restore Points =========================

    26-05-2015 02:14:04 Installed Oracle VM VirtualBox 4.3.10
    27-05-2015 02:36:52 ComboFix created restore point

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 05:34 - 2015-05-25 22:42 - 00000065 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {3798C331-FA3D-44AB-A79B-323BD3AE320D} - System32\Tasks\Opera scheduled Autoupdate 1409594811 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)
    Task: {6D1FC673-C66F-48D3-A578-90C30B4F2066} - System32\Tasks\{E7BAF522-CD4B-4B5E-A6B9-8C4FC068CFA8} => C:\Users\GIINOVA\Desktop\alice greenfingers\game\AliceGreenfingers.exe [2007-11-09] ( )
    Task: {8964EFD0-1B44-4F0A-8483-5A681686C65A} - System32\Tasks\{40AB31DF-0835-49E2-A6FD-10F3FA0C003F} => C:\Program Files (x86)\iMCS Productions\GTA Online - Recovery Tool\GTA Online - Recovery Tool.exe [2015-03-26] (iMCS Productions)
    Task: {8FD1F917-0728-4B27-B1C1-36D35C40000B} - System32\Tasks\{FFA8CD6F-4DAC-4922-95BF-A4CB3A48342B} => pcalua.exe -a "C:\Users\GIINOVA\Downloads\lgs510 (1).exe" -d C:\Users\GIINOVA\Downloads
    Task: {9B5EC12C-A730-4CD7-8C15-943D1DC4E7BB} - System32\Tasks\{4FF191D2-FEE9-4911-A060-EE628CBAA533} => C:\Users\GIINOVA\Desktop\alice greenfingers\game\AliceGreenfingers.exe [2007-11-09] ( )
    Task: {E55E7395-96C4-4F20-AC57-A5424DC589A8} - System32\Tasks\{32A3CA15-14A8-431A-A33C-FFF300B32FF2} => C:\Program Files (x86)\iMCS Productions\GTA Online - Recovery Tool\GTA Online - Recovery Tool.exe [2015-03-26] (iMCS Productions)

    ==================== Loaded Modules (Whitelisted) ==============

    2015-05-20 19:58 - 2015-05-20 19:58 - 00479352 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
    2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-12-08 03:46 - 2014-10-15 22:44 - 00377080 _____ () C:\Program Files (x86)\Connectify\NativeLibrary.dll
    2014-12-08 03:46 - 2014-10-15 22:44 - 00713976 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
    2014-12-08 03:46 - 2014-10-15 22:44 - 03564280 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
    2014-12-08 03:46 - 2014-10-15 22:44 - 00354040 _____ () C:\Program Files (x86)\Connectify\LibDispatch.dll
    2015-05-22 17:44 - 2015-05-22 17:44 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
    2015-05-20 19:58 - 2015-05-20 19:58 - 01576568 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libglesv2.dll
    2015-05-20 19:58 - 2015-05-20 19:58 - 00081016 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libegl.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\C95A9BD0.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\C95A9BD0.sys => ""="Driver"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-12834325-137255723-1760620863-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\GIINOVA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1

    ==================== MSCONFIG/TASK MANAGER Error getting ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Content Manager Assistant for PlayStation(R).lnk => C:\Windows\pss\Content Manager Assistant for PlayStation(R).lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk => C:\Windows\pss\Virtual Router Manager.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^GIINOVA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SABnzbd.lnk => C:\Windows\pss\SABnzbd.lnk.Startup
    MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    MSCONFIG\startupreg: CancelAutoPlay_UU => "C:\Program Files (x86)\Qtel 4G LTE_LTE\CancelAutoPlay_UU.exe" run
    MSCONFIG\startupreg: Cm106Sound => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
    MSCONFIG\startupreg: D-Link D-Link DWA-125 => C:\Program Files (x86)\D-Link\DWA-125 revA\AirNCFG.exe
    MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
    MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
    MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\Qtel 4G LTE_LTE\UIExec.exe"
    MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe"
    MSCONFIG\startupreg: winlog => C:\Users\GIINOVA\AppData\Roaming\winnlog\svchost.exe
    MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{AA5901B2-45ED-4006-B82A-167AB5CD3B24}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{9F4F5E40-83DA-4738-8FBD-31C5A8603C22}] => (Allow) C:\Program Files\Newsbin\newsbinpro64.exe
    FirewallRules: [{87B89F90-8BB5-4869-A1F7-37AB4D2D0804}] => (Allow) C:\Program Files\Newsbin\newsbinpro64.exe
    FirewallRules: [{B998F118-1B22-4386-A880-3765CB3D4315}] => (Allow) C:\Program Files\Newsbin\newsbinpro64.exe
    FirewallRules: [{2A933046-653D-4386-B135-766348E09978}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{23933ED7-7CB2-424B-89B4-74667159D976}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{6E4D4A94-B1D7-4C52-ACA7-AD2008548472}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{FB6EAD75-33E4-48C8-8BCF-70D73EB7AACC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{9F6154BB-EF96-4B40-81FB-3B73148C8601}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
    FirewallRules: [{06382C76-D9B0-4BE5-A010-41591D0E900E}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
    FirewallRules: [{95FE30BF-0D43-4612-A61E-0BFD337E0F7C}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
    FirewallRules: [{E8EC698F-AF51-44EE-80F6-CC26D05E46DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{0D6C4808-3B92-447D-9113-4C83A9538DB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{466D4B08-EC16-4C42-885B-9844DD1F047A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{2E66D214-3AD5-484F-BC2F-94B7790487D5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{0A3CA08D-ED26-45BB-BB49-C5B9B67E2445}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
    FirewallRules: [{4FE3CCD1-2EE7-4D1B-B25F-595C1058068B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
    FirewallRules: [{4CB8E120-4969-4F31-BD31-B6F377A4AAF7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{E61B7617-393D-4289-8732-5790E31694AE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{7E42285A-C4F1-491B-89DF-C3CDECDF6B64}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{6365223C-CE49-4902-AFF5-DB122F94580D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{C11C02C3-542E-45C6-8239-AF38E2E3B092}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{866A5862-CDE1-48F9-B319-F4ACD0B54016}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
    FirewallRules: [{63CCED77-CBFF-4053-AAC1-C93C90A3D6FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
    FirewallRules: [{CEAC0F6D-C5AA-4AD9-9031-EDD57C372F6C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
    FirewallRules: [{FAA07291-3744-428F-BAFB-9E8FAB556209}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
    FirewallRules: [{9F9F62C0-B46A-446B-9FE9-3DE919C6EC72}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
    FirewallRules: [{D28B05AE-3D14-469B-9FDA-C7F5CF48E158}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
    FirewallRules: [{5F58C9D5-3C07-49D3-A733-B50F77EFC556}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
    FirewallRules: [{0564CB88-B2E5-478C-9F36-F8E5008C8874}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{5E6CA33E-4FB4-4486-ADBB-5A59DAA7A315}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{94A9EB74-9E39-46C9-8FD8-2E125C39057C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warface\live\nw.exe
    FirewallRules: [{85967F41-6EA9-48A8-B8A3-6720856A43A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warface\live\nw.exe
    FirewallRules: [{02872D28-544A-4FA3-802D-CB1E73C09198}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{0F225E39-18B5-422A-9515-6133F99407E3}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{D62A8D0C-E634-4C34-B706-A25887C55A2B}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{881C8D96-E8EA-43E5-8014-0C4863F3230F}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{5BFE45AC-0F16-4834-8482-E0B553B63C71}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{FF000D80-4E55-45A9-9EDB-0EC816F34741}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout\FalloutLauncher.exe
    FirewallRules: [{37A6827C-A4B3-449C-989B-1ED2C1D7229B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout\FalloutLauncher.exe
    FirewallRules: [{CBD726E8-D0D8-4CB5-9072-D51299F556B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
    FirewallRules: [{48AB1A9D-3D49-409D-A6B9-FF9D98433A34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
    FirewallRules: [{40ADB28F-1C27-4EFF-9A7D-B4D3672F3FDA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe
    FirewallRules: [{48AA5231-BE07-49C7-8C95-4FF60BA26E1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe
    FirewallRules: [{FD291F42-BB99-4BF9-9845-EA0EFA05A976}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [{537BF8F7-DBD4-48E2-A1B3-A96255F6E1C2}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [{405B33EB-51F9-4CA9-B2DF-B7445096ABE1}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
    FirewallRules: [{FA8C5FF3-BD1E-4136-9B84-6DD971A659A8}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
    FirewallRules: [{C6E14155-34AB-4DFF-A988-5F0C7275F5FC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
    FirewallRules: [{BF6A1B74-2145-40F1-81CE-B26615CFEFF8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
    FirewallRules: [{CA1F6F8C-108A-4258-8BD0-186AF51C8505}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{B63D36F3-DED3-4011-B1BE-7B1C0F06673C}] => (Allow) C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
    FirewallRules: [{CEB6A1A8-D1C7-4F4D-91E5-590379DC9C47}] => (Allow) C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
    FirewallRules: [{7D7F10DE-D4C6-4C01-9944-546ABDDD2E1A}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Allied Assault Warchest\MOHAA.exe
    FirewallRules: [{A4DFB9FD-70D6-4BE0-AD1E-36C7B36752AE}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Allied Assault Warchest\MOHAA.exe
    FirewallRules: [{2A7732E5-601E-41C2-9EE6-D2D0F8DCC10A}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
    FirewallRules: [{CB58E155-03E1-488B-BE8F-AC9AF9E5FF68}] => (Allow) C:\Users\GIINOVA\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{E18C1EAA-6DB6-416F-9C30-02CB1BE910D4}] => (Allow) C:\Users\GIINOVA\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{CF46D3C3-0257-45D6-A200-C6E755EB8BC1}] => (Allow) C:\Program Files (x86)\Connectify\Connectify.exe
    FirewallRules: [{F578B3A7-5057-4932-99C1-32145ECE04EF}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{C98615AE-DBA7-41B7-8A40-D02C1CFFD6F2}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{83EED189-F70A-4ADD-908F-4706E0658A13}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{F775A30C-D440-47DA-B56C-E4F9727E94A6}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{7370CFD5-74C8-4318-AB1C-98CFF85955CD}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{2788F96B-08B7-4320-954E-D16238060D5E}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{C1C2E715-1863-49B0-9456-35A986592906}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{D40878D8-4AD7-48FC-90C9-B78C69B26215}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{79209906-1127-4989-A875-E4A6286CE1A4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{7F63A6CB-2CDB-41DF-AF80-E202CACCD1C3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{8C58274F-87B5-44D0-A6D0-D9BBB17B684A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{FC5E5A12-FF23-4734-928F-45F01A1ECDC8}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{2B4BD600-89AF-4748-AC63-755625699E98}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{A1067D8E-DB8C-48B0-B294-074273EE1DF9}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{D9754805-0BCD-4642-96E6-D89B28662177}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{B8CA3E27-F911-40A4-B40C-32EED7EC7A5D}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{A662FDD9-7E87-4C4F-BBEB-A86238CC5529}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{65C08CFE-0A8B-414F-AD2B-1707A4731F33}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{304A0F28-B391-436B-A5C2-E7A9F92450C7}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{D588B145-6844-42FC-8F16-5651675B9383}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{500572CF-CCF9-4280-AC91-B68BC68859DD}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{A932955D-2706-4866-BBF9-D869A64474B3}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{331E8140-0947-46B0-88DD-421D32E2EBD7}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{695E38E4-EF20-4CBE-8437-BC44727AB7D6}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{7B2DA912-D94D-4911-B348-233640AF6401}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{5456CDC8-1437-43A7-9106-1336CD8EACB5}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{B0CE2148-D9A4-4B94-879F-4E5E3EFE4B2F}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{600DDE49-6E45-485D-99FA-FB5888320B34}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{3916055F-614B-421D-9D68-3C519746B31F}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{8316EE8E-A6C4-4C4D-9ECA-4CEAF4F3545B}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{C7262F66-DC7B-405A-AF6A-2FC01C488720}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{226EE2FC-09B9-4ABC-B5CC-C4E7558C65F7}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{E93BA4ED-74D9-4C25-820E-CE27FD82B85A}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{67AD726B-2E12-4C4E-8CA1-EB341FF9B249}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{EF7EA265-CB93-4DAA-BD52-B695953681DD}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{6A308CFF-9408-4D5C-BF67-53D5F067745B}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{F79FFE81-0528-4B66-8CE7-91FA7DDF2B07}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{5216ADB1-B204-435E-A55D-7C4AA52F4E7F}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{D43D5C31-A605-437A-B72A-267A63726087}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{4BB0B5E5-6D9A-4561-A524-8C6BB52EA38A}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{C3795A76-2BDB-4389-91EE-F1A389713164}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{A159B0C2-9A8D-4D4D-8AE4-8B9E550FADA5}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{76A7ECB0-6BDA-480E-BEA7-A34AB9D253EB}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{63EBBEAB-996F-4D42-85B2-4832D1DFA5C6}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{D708EAFA-9332-465B-91C3-979DC4A606CC}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
    FirewallRules: [{B605CA24-9088-490E-8AE5-31CC8E360C6F}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
    FirewallRules: [{157E6727-7360-426E-BFDC-DE59EDA420BF}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
     
  19. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    ==================== Faulty Device Manager Devices =============

    Name: Universal Serial Bus (USB) Controller
    Description: Universal Serial Bus (USB) Controller
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: SM Bus Controller
    Description: SM Bus Controller
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/26/2015 05:24:25 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error: (05/26/2015 07:45:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program chrome.exe version 43.0.2357.65 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: c34

    Start Time: 01d0972930a929cf

    Termination Time: 432

    Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    Report Id:

    Error: (05/25/2015 11:54:21 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error: (05/25/2015 02:32:22 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: irecorder.exe, version: 6.0.15.0, time stamp: 0x5481b126
    Faulting module name: irecorder.exe, version: 6.0.15.0, time stamp: 0x5481b126
    Exception code: 0xc0000005
    Fault offset: 0x0003254a
    Faulting process id: 0x11f8
    Faulting application start time: 0xirecorder.exe0
    Faulting application path: irecorder.exe1
    Faulting module path: irecorder.exe2
    Report Id: irecorder.exe3

    Error: (05/24/2015 10:56:53 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: TeamViewer.exe, version: 10.0.42849.0, time stamp: 0x555cc432
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc000041d
    Fault offset: 0x002e0ce2
    Faulting process id: 0x9fc
    Faulting application start time: 0xTeamViewer.exe0
    Faulting application path: TeamViewer.exe1
    Faulting module path: TeamViewer.exe2
    Report Id: TeamViewer.exe3

    Error: (05/24/2015 10:56:50 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: TeamViewer.exe, version: 10.0.42849.0, time stamp: 0x555cc432
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x002e0ce2
    Faulting process id: 0x9fc
    Faulting application start time: 0xTeamViewer.exe0
    Faulting application path: TeamViewer.exe1
    Faulting module path: TeamViewer.exe2
    Report Id: TeamViewer.exe3

    Error: (05/24/2015 00:01:07 AM) (Source: Sound Recorder) (EventID: 32767) (User: )
    Description: Unknown Error, 0x80004003

    Error: (05/24/2015 00:01:07 AM) (Source: Sound Recorder) (EventID: 32767) (User: )
    Description: Unknown Error, 0x80004003

    Error: (05/24/2015 00:01:07 AM) (Source: Sound Recorder) (EventID: 32767) (User: )
    Description: Unknown Error, 0x80004003

    Error: (05/24/2015 00:01:07 AM) (Source: Sound Recorder) (EventID: 32767) (User: )
    Description: Unknown Error, 0x80004003


    System errors:
    =============
    Error: (05/27/2015 02:45:58 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
    Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

    Error: (05/27/2015 02:43:21 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
    Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

    Error: (05/27/2015 00:51:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (05/27/2015 00:51:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Connectify service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (05/27/2015 00:51:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The VirtualRouterService service terminated unexpectedly. It has done this 1 time(s).

    Error: (05/27/2015 00:51:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The SAMSUNG Mobile Connectivity Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (05/27/2015 00:51:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The SQL Server VSS Writer service terminated unexpectedly. It has done this 1 time(s).

    Error: (05/27/2015 00:51:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).

    Error: (05/27/2015 00:51:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Intel(R) PROSet Monitoring Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (05/27/2015 00:51:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The HWDeviceService64.exe service terminated unexpectedly. It has done this 1 time(s).


    Microsoft Office:
    =========================

    CodeIntegrity Errors:
    ===================================
    Date: 2015-05-26 16:56:10.808
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.807
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.805
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.793
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.792
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.791
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.761
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.760
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-26 16:56:10.758
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-25 16:52:41.669
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
    Percentage of memory in use: 33%
    Total physical RAM: 8158.24 MB
    Available physical RAM: 5420.31 MB
    Total Pagefile: 16314.66 MB
    Available Pagefile: 13591.35 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:931.41 GB) (Free:28.28 GB) NTFS
    Drive d: (New Volume) (Fixed) (Total:1667.7 GB) (Free:7.92 GB) NTFS
    Drive e: (Backups) (Fixed) (Total:1863.01 GB) (Free:34.39 GB) NTFS
    Drive f: (external disk) (Fixed) (Total:931.51 GB) (Free:10.13 GB) NTFS
    Drive g: () (Fixed) (Total:195.31 GB) (Free:6.04 GB) NTFS
    Drive h: ( ) (CDROM) (Total:1.11 GB) (Free:0 GB) UDF

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 14F582E0)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 12E8059A)
    Partition 1: (Not Active) - (Size=1667.7 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E8CD06D6)
    Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 34C5BCEB)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ==================== End of log ============================
     
  20. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
     

  21. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    Fix result of Farbar Recovery Scan Tool (x64) Version: 25-05-2015
    Ran by GIINOVA at 2015-05-27 06:00:29 Run:2
    Running from C:\Users\GIINOVA\Desktop\frst
    Loaded Profiles: GIINOVA (Available Profiles: GIINOVA & Guest)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-12834325-137255723-1760620863-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    FF Extension: No Name - C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [not found]
    FF Extension: No Name - C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [not found]
    FF Extension: No Name - C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [not found]
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 massfilter_lte; system32\DRIVERS\massfilter_LTE.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    S3 zgdcat; system32\DRIVERS\zgdcat.sys [X]
    S3 zgdcdiag; system32\DRIVERS\zgdcdiag.sys [X]
    S3 zgdcmdm; system32\DRIVERS\zgdcmdm.sys [X]
    S3 zgdcnet; system32\DRIVERS\zgdcnet.sys [X]
    S3 zgdcnmea; system32\DRIVERS\zgdcnmea.sys [X]
    2014-12-17 20:57 - 2014-12-17 21:00 - 0000600 _____ () C:\Users\GIINOVA\AppData\Local\PUTTY.RND
    2014-12-26 01:52 - 2015-05-25 16:15 - 0007605 _____ () C:\Users\GIINOVA\AppData\Local\resmon.resmoncfg
    2015-05-21 01:23 - 2015-05-21 01:23 - 0000000 _____ () C:\Users\GIINOVA\AppData\Local\{9E4A9185-F523-40D7-87D1-407804A5CE0B}

    *****************

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
    HKU\S-1-5-21-12834325-137255723-1760620863-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
    C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi not found.
    C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi not found.
    C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi not found.
    C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
    catchme => Service not found.
    massfilter_lte => Service not found.
    Synth3dVsc => Service not found.
    tsusbhub => Service not found.
    VGPU => Service not found.
    zgdcat => Service not found.
    zgdcdiag => Service not found.
    zgdcmdm => Service not found.
    zgdcnet => Service not found.
    zgdcnmea => Service not found.
    "C:\Users\GIINOVA\AppData\Local\PUTTY.RND" => File/Folder not found.
    "C:\Users\GIINOVA\AppData\Local\resmon.resmoncfg" => File/Folder not found.
    "C:\Users\GIINOVA\AppData\Local\{9E4A9185-F523-40D7-87D1-407804A5CE0B}" => File/Folder not found.

    ==== End of Fixlog 06:00:29 ====
     
  22. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Last scans...

    Download Security Check from here or here and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
    NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
    NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
    NOTE 3. If you receive the UNSUPPORTED OPERATING SYSTEM! ABORTED! message, restart the computer and Security Check should run.


    Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
      • Windows Defender
      • Other Services
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.

    Download Temp File Cleaner (TFC)
    Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.

    Download Sophos Free Virus Removal Tool and save it to your desktop.
    • Double click the icon and select Run
    • Click Next
    • Select I accept the terms in this license agreement, then click Next twice
    • Click Install
    • Click Finish to launch the program
    • Once the virus database has been updated click Start Scanning
    • If any threats are found click Details, then View log file... (bottom left hand corner)
    • Copy and paste the results in your reply
    • Close the Notepad document, close the Threat Details screen, then click Start cleanup
    • Click Exit to close the program
     
  23. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    Results of screen317's Security Check version 1.002
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Disabled!
    Kaspersky PURE 3.0
    Antivirus up to date! (On Access scanning disabled!)
    `````````Anti-malware/Other Utilities Check:`````````
    Java 8 Update 25
    Java version 32-bit out of Date!
    Google Chrome (43.0.2357.65)
    Google Chrome (43.0.2357.81)
    ````````Process Check: objlist.exe by Laurent````````
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 7%
    ````````````````````End of Log``````````````````````
     
  24. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    Farbar Service Scanner Version: 17-01-2015
    Ran by GIINOVA (administrator) on 27-05-2015 at 06:30:32
    Running from "C:\Users\GIINOVA\Downloads"
    Microsoft Windows 7 Ultimate Service Pack 1 (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall"=DWORD:0


    System Restore:
    ============

    System Restore Policy:
    ========================


    Action Center:
    ============


    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============

    Other Services:
    ==============


    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => File is digitally signed
    C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
    C:\Windows\System32\dhcpcore.dll => File is digitally signed
    C:\Windows\System32\drivers\afd.sys => File is digitally signed
    C:\Windows\System32\drivers\tdx.sys => File is digitally signed
    C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
    C:\Windows\System32\dnsrslvr.dll => File is digitally signed
    C:\Windows\System32\mpssvc.dll => File is digitally signed
    C:\Windows\System32\bfe.dll => File is digitally signed
    C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
    C:\Windows\System32\SDRSVC.dll => File is digitally signed
    C:\Windows\System32\vssvc.exe => File is digitally signed
    C:\Windows\System32\wscsvc.dll => File is digitally signed
    C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
    C:\Windows\System32\wuaueng.dll => File is digitally signed
    C:\Windows\System32\qmgr.dll => File is digitally signed
    C:\Windows\System32\es.dll => File is digitally signed
    C:\Windows\System32\cryptsvc.dll => File is digitally signed
    C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
    C:\Windows\System32\ipnathlp.dll => File is digitally signed
    C:\Windows\System32\iphlpsvc.dll => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed


    **** End of log ****
     
  25. Nova94

    Nova94 TS Rookie Topic Starter Posts: 22

    2015-05-27 03:48:21.972 Sophos Virus Removal Tool version 2.5.4
    2015-05-27 03:48:21.972 Copyright (c) 2009-2014 Sophos Limited. All rights reserved.

    2015-05-27 03:48:21.972 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

    2015-05-27 03:48:21.972 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x100 PT=0x1 WOW64
    2015-05-27 03:48:21.972 Checking for updates...
    2015-05-27 03:48:25.601 Update progress: proxy server not available
    2015-05-27 03:48:27.778 Option all = no
    2015-05-27 03:48:27.778 Option recurse = yes
    2015-05-27 03:48:27.778 Option archive = no
    2015-05-27 03:48:27.778 Option service = yes
    2015-05-27 03:48:27.778 Option confirm = yes
    2015-05-27 03:48:27.778 Option sxl = yes
    2015-05-27 03:48:27.779 Option max-data-age = 35
    2015-05-27 03:48:27.779 Option EnableSafeClean = yes
    2015-05-27 03:48:29.073 Option vdl-logging = yes
    2015-05-27 03:48:29.077 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
    2015-05-27 03:48:29.077 Machine ID: 20da9f9a2e9242debdfe32d67dbcb8b6
    2015-05-27 03:48:29.077 Component SVRTcli.exe version 2.5.4
    2015-05-27 03:48:29.078 Component control.dll version 2.5.4
    2015-05-27 03:48:29.078 Component SVRTservice.exe version 2.5.4
    2015-05-27 03:48:29.078 Component engine\osdp.dll version 1.44.1.2200
    2015-05-27 03:48:29.078 Component engine\veex.dll version 3.60.0.2200
    2015-05-27 03:48:29.078 Component engine\savi.dll version 8.1.7.2200
    2015-05-27 03:48:29.078 Component rkdisk.dll version 1.5.30.0
    2015-05-27 03:48:29.078 Version info: Product version 2.5.4
    2015-05-27 03:48:29.079 Version info: Detection engine 3.60.0
    2015-05-27 03:48:29.079 Version info: Detection data 5.14
    2015-05-27 03:48:29.079 Version info: Build date 4/28/2015
    2015-05-27 03:48:29.079 Version info: Data files added 341
    2015-05-27 03:48:29.079 Version info: Last successful update (not yet updated)
    2015-05-27 03:50:01.327 Downloading updates...
    2015-05-27 03:50:01.327 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
    2015-05-27 03:50:01.327 Update progress: [I49502] Found supplement SAVIW32 LATEST
    2015-05-27 03:50:01.327 Update progress: [I49502] Found supplement IDE515 LATEST
    2015-05-27 03:50:01.327 Update progress: [I49502] Found supplement IDE516 LATEST
    2015-05-27 03:50:01.328 Update progress: [I49502] Found supplement IDE517 LATEST
    2015-05-27 03:50:01.328 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
    2015-05-27 03:50:01.328 Update progress: [I19463] Syncing product SAVIW32 54
    2015-05-27 03:50:04.670 Update progress: [I19463] Syncing product IDE515 171
    2015-05-27 03:50:06.271 Installing updates...
    2015-05-27 03:50:06.872 Error level 1
    2015-05-27 03:50:06.884 Update progress: [I19463] Syncing product IDE516 174
    2015-05-27 03:50:06.884 Update progress: [I19463] Syncing product IDE517 1
    2015-05-27 03:50:22.035 Update successful
    2015-05-27 03:50:37.737 Option all = no
    2015-05-27 03:50:37.737 Option recurse = yes
    2015-05-27 03:50:37.737 Option archive = no
    2015-05-27 03:50:37.737 Option service = yes
    2015-05-27 03:50:37.737 Option confirm = yes
    2015-05-27 03:50:37.737 Option sxl = yes
    2015-05-27 03:50:37.738 Option max-data-age = 35
    2015-05-27 03:50:37.738 Option EnableSafeClean = yes
    2015-05-27 03:50:37.772 Option vdl-logging = yes
    2015-05-27 03:50:37.775 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
    2015-05-27 03:50:37.775 Machine ID: 20da9f9a2e9242debdfe32d67dbcb8b6
    2015-05-27 03:50:37.775 Component SVRTcli.exe version 2.5.4
    2015-05-27 03:50:37.775 Component control.dll version 2.5.4
    2015-05-27 03:50:37.776 Component SVRTservice.exe version 2.5.4
    2015-05-27 03:50:37.776 Component engine\osdp.dll version 1.44.1.2200
    2015-05-27 03:50:37.776 Component engine\veex.dll version 3.60.0.2200
    2015-05-27 03:50:37.776 Component engine\savi.dll version 8.1.7.2200
    2015-05-27 03:50:37.776 Component rkdisk.dll version 1.5.30.0
    2015-05-27 03:50:37.776 Version info: Product version 2.5.4
    2015-05-27 03:50:37.777 Version info: Detection engine 3.60.0
    2015-05-27 03:50:37.777 Version info: Detection data 5.14G
    2015-05-27 03:50:37.777 Version info: Build date 4/28/2015
    2015-05-27 03:50:37.777 Version info: Data files added 341
    2015-05-27 03:50:37.777 Version info: Last successful update 5/27/2015 6:50:22 AM

    2015-05-27 04:00:02.113 Could not open C:\hiberfil.sys
    2015-05-27 04:00:02.962 Could not open C:\pagefile.sys
    2015-05-27 04:10:01.356 >>> Virus 'Mal/Generic-S' found in file C:\Program Files (x86)\R.G. Freedom\Far Cry 4 - Gold Edition\bin\FC4Launcher.exe
    2015-05-27 04:10:01.356 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-12834325-137255723-1760620863-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
    2015-05-27 04:10:01.356 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-12834325-137255723-1760620863-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
    2015-05-27 04:10:01.356 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
    2015-05-27 04:14:24.600 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
    2015-05-27 04:14:24.600 Could not open C:\System Volume Information\{495b9758-03f0-11e5-a029-08002700a80a}{3808876b-c176-4e48-b7ae-04046e6cc752}
    2015-05-27 04:32:17.442 Could not check C:\Users\GIINOVA\AppData\Roaming\Opera Software\Opera Stable\Extension Rules\LOCK (virus scan failed)
    2015-05-27 04:32:17.447 Could not check C:\Users\GIINOVA\AppData\Roaming\Opera Software\Opera Stable\Extension State\LOCK (virus scan failed)
    2015-05-27 04:32:17.510 Could not check C:\Users\GIINOVA\AppData\Roaming\Opera Software\Opera Stable\File System\Origins\LOCK (virus scan failed)
    2015-05-27 04:32:17.925 Could not check C:\Users\GIINOVA\AppData\Roaming\Opera Software\Opera Stable\Sync Extension Settings\knohfebhibeknbfioecpdmdkjkjdnjnl\LOCK (virus scan failed)
    2015-05-27 04:46:32.012 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
    2015-05-27 04:46:32.013 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
    2015-05-27 04:46:33.819 Could not open C:\Windows\System32\config\RegBack\DEFAULT
    2015-05-27 04:46:33.833 Could not open C:\Windows\System32\config\RegBack\SAM
    2015-05-27 04:46:33.834 Could not open C:\Windows\System32\config\RegBack\SECURITY
    2015-05-27 04:46:33.835 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
    2015-05-27 04:46:33.836 Could not open C:\Windows\System32\config\RegBack\SYSTEM
    2015-05-27 05:24:35.775 >>> Virus 'Mal/Zbot-DY' found in file E:\seagate 500gb portable disk backup\Local Disk I\backup\Backup from turkish laptop hardrive 320 gb\local disk backup 074307092012\Backup\files from root of c drive\sn0wbreeze\itunnel.exe
    2015-05-27 05:24:35.775 >>> Virus 'Mal/Zbot-DY' found in file HKU\S-1-5-21-12834325-137255723-1760620863-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
    2015-05-27 05:24:35.775 >>> Virus 'Mal/Zbot-DY' found in file HKU\S-1-5-21-12834325-137255723-1760620863-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
    2015-05-27 05:24:35.775 >>> Virus 'Mal/Zbot-DY' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
    2015-05-27 05:44:37.908 >>> Virus 'Troj/Sirefef-T' found in file F:\New folder\New folder\1 NTFS\LostFiles2\Downloads\EFLC 64-bit FIX\LaunchEFLC.exe
    2015-05-27 05:44:37.908 >>> Virus 'Troj/Sirefef-T' found in file HKU\S-1-5-21-12834325-137255723-1760620863-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
    2015-05-27 05:44:37.909 >>> Virus 'Troj/Sirefef-T' found in file HKU\S-1-5-21-12834325-137255723-1760620863-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
    2015-05-27 05:44:37.909 >>> Virus 'Troj/Sirefef-T' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
    2015-05-27 05:46:37.815 >>> Virus 'Troj/Sirefef-T' found in file F:\New folder\New folder\1 NTFS\LostFiles2\New folder (3)\Downloads\EFLC 64-bit FIX\LaunchEFLC.exe
    2015-05-27 05:46:37.815 >>> Virus 'Troj/Sirefef-T' found in file HKU\S-1-5-21-12834325-137255723-1760620863-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
    2015-05-27 05:46:37.816 >>> Virus 'Troj/Sirefef-T' found in file HKU\S-1-5-21-12834325-137255723-1760620863-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
    2015-05-27 05:46:37.816 >>> Virus 'Troj/Sirefef-T' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
    2015-05-27 05:50:02.498 The following items will be cleaned up:
    2015-05-27 05:50:02.498 Mal/Generic-S
    2015-05-27 05:50:02.498 Mal/Zbot-DY
    2015-05-27 05:50:02.498 Troj/Sirefef-T
     
