Eutropios

  1. FRST: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by MoatazM (administrator) on MOATAZ on 20-03-2015 10:06:29
Running from C:\Users\MoatazM\Desktop
Loaded Profiles: MoatazM & (Available profiles: MoatazM)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.0.17\Lightshot.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(www.BitComet.com) C:\Program Files\BitComet\BitComet.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(www.BitComet.com) C:\Program Files\BitComet\tools\BitCometService.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\MoatazM\Desktop\FRST64 (1).exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-20] (IDT, Inc.)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [847576 2015-02-03] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AntiLogger] => C:\Program Files (x86)\AntiLogger\AntiLogger.exe [14679464 2014-12-30] (Zemana Ltd.)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [509216 2015-02-16] (QFX Software Corporation)
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\Run: [iDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3886672 2015-01-15] (Tonec Inc.)
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3730192 2014-12-09] (Disc Soft Ltd)
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\Run: [MurGee.com Auto Clicker] => C:\Users\MoatazM\AppData\Local\Auto Clicker\AutoClicker.exe [108048 2015-01-04] (MurGee.com)
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\Run: [CMD] => cmd.exe /c start http://zenigameblinger.org&& exit <===== ATTENTION
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\MountPoints2: {262e6541-a5d7-11e4-8253-7446a079f191} - "K:\setup.exe"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\MountPoints2: {27f06a2e-9d6b-11e4-8251-7446a079f191} - "G:\autorun.exe"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\MountPoints2: {27f06a53-9d6b-11e4-8251-7446a079f191} - "H:\autorun.exe"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\MountPoints2: {296c3f18-9c32-11e4-824f-7446a079f191} - "D:\Launch.exe"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\MountPoints2: {296c3f68-9c32-11e4-824f-7446a079f191} - "F:\autorun.exe"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\MountPoints2: {c34de7a4-a284-11e4-8252-7446a079f191} - "J:\setup.exe"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\MountPoints2: {f4b50d9e-aa03-11e4-8254-7446a079f191} - "L:\setup.exe"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\MountPoints2: {fb1f1f62-9ff3-11e4-8251-7446a079f191} - "I:\setup.exe"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3886672 2015-01-15] (Tonec Inc.)
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3730192 2014-12-09] (Disc Soft Ltd)
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [MurGee.com Auto Clicker] => C:\Users\MoatazM\AppData\Local\Auto Clicker\AutoClicker.exe [108048 2015-01-04] (MurGee.com)
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CMD] => cmd.exe /c start http://zenigameblinger.org&& exit <===== ATTENTION
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {262e6541-a5d7-11e4-8253-7446a079f191} - "K:\setup.exe"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {27f06a2e-9d6b-11e4-8251-7446a079f191} - "G:\autorun.exe"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {27f06a53-9d6b-11e4-8251-7446a079f191} - "H:\autorun.exe"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {296c3f18-9c32-11e4-824f-7446a079f191} - "D:\Launch.exe"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {296c3f68-9c32-11e4-824f-7446a079f191} - "F:\autorun.exe"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {c34de7a4-a284-11e4-8252-7446a079f191} - "J:\setup.exe"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f4b50d9e-aa03-11e4-8254-7446a079f191} - "L:\setup.exe"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {fb1f1f62-9ff3-11e4-8251-7446a079f191} - "I:\setup.exe"
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [94664 2014-12-30] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [86400 2014-12-30] (Zemana Ltd.)
Startup: C:\Users\MoatazM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk
ShortcutTarget: GameRanger.lnk -> C:\Users\MoatazM\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies)
ShellIconOverlayIdentifiers: [baiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll No File
ShellIconOverlayIdentifiers: [iDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [s-1-5-21-3020525582-1626846548-3339513900-1001] => http=127.0.0.1:8080
ProxyServer: [s-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => http=127.0.0.1:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ar-sa/?ocid=iehp
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ar-sa/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3020525582-1626846548-3339513900-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-3020525582-1626846548-3339513900-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=ST750LM022XHN-M750MBB_S2SUJ9FD108001&ts=1421810276&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3020525582-1626846548-3339513900-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=ST750LM022XHN-M750MBB_S2SUJ9FD108001&ts=1421810276&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3020525582-1626846548-3339513900-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=ST750LM022XHN-M750MBB_S2SUJ9FD108001&ts=1421810276&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=ST750LM022XHN-M750MBB_S2SUJ9FD108001&ts=1421810276&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=ST750LM022XHN-M750MBB_S2SUJ9FD108001&ts=1421810276&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=ST750LM022XHN-M750MBB_S2SUJ9FD108001&ts=1421810276&type=default&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2014-12-05] (Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2014-12-05] (Internet Download Manager, Tonec Inc.)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-28] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-28] (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\MoatazM\AppData\Roaming\Mozilla\Firefox\Profiles\mtb0gmtn.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-28] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll [2008-07-09] (BYOND)
FF Plugin HKU\S-1-5-21-3020525582-1626846548-3339513900-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MoatazM\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MoatazM\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-18] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbyond.dll [2008-07-09] (BYOND)
FF Extension: Reddit Enhancement Suite - C:\Users\MoatazM\AppData\Roaming\Mozilla\Firefox\Profiles\mtb0gmtn.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2015-01-24]
FF Extension: Bluhell Firewall - C:\Users\MoatazM\AppData\Roaming\Mozilla\Firefox\Profiles\mtb0gmtn.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2015-01-24]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-02-14]
FF HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\MoatazM\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\MoatazM\AppData\Roaming\IDM\idmmzcc5 [2015-01-15]
FF HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\MoatazM\AppData\Roaming\IDM\idmmzcc5
FF HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\MoatazM\AppData\Roaming\IDM\idmmzcc5
FF HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\MoatazM\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: Default -> ?type=hppp
CHR StartupUrls: Default -> "?type=hppp"
CHR DefaultSearchKeyword: Default ->
CHR DefaultSearchURL: Default -> web/?type=dspp&q={searchTerms}
CHR Profile: C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-14]
CHR Extension: (Google Docs) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-14]
CHR Extension: (Google Drive) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-14]
CHR Extension: (YouTube) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-14]
CHR Extension: (Adblock Plus) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-14]
CHR Extension: (Google Search) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-14]
CHR Extension: (Tampermonkey) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-03-19]
CHR Extension: (Google Sheets) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-14]
CHR Extension: (Hola Better Internet) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-01-18]
CHR Extension: (IDM Integration Module) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2015-01-15]
CHR Extension: (Grammarly Spell Checker & Grammar Checker) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2015-02-09]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-01-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2015-01-17]
CHR Extension: (Ghostery) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-01-15]
CHR Extension: (Google Wallet) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-14]
CHR Extension: (Gmail) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-14]
CHR Extension: (Google Similar Pages) - C:\Users\MoatazM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnfggphgdjblhfjaphkjhfpiiekbbej [2015-02-19]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-12-07]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-12-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2015-02-03] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-02-03] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [794328 2015-02-03] (BlueStack Systems, Inc.)
S3 Disc Soft Ultra Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [1378576 2014-12-09] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174624 2015-01-24] (EasyAntiCheat Ltd)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-13] (Hi-Rez Studios) [File not signed]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [925480 2015-02-13] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2015-02-13] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [558376 2015-02-13] ()
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-02] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-12] () [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2015-01-17] (Tunngle.net GmbH)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [335360 2014-12-08] (Company) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-22] (Advanced Micro Devices, Inc.)
R1 AntiLog32; C:\Windows\system32\drivers\AntiLog64.sys [49752 2015-03-02] (Zemana Ltd.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2015-02-03] (BlueStack Systems)
R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30352 2015-01-15] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-01-20] (LogMeIn Inc.)
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [76520 2014-12-30] (Zemana Ltd.)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [223696 2015-02-07] (QFX Software Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-20] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-20 10:06 - 2015-03-20 10:07 - 00026966 _____ () C:\Users\MoatazM\Desktop\FRST.txt
2015-03-20 10:06 - 2015-03-20 10:06 - 02095616 _____ (Farbar) C:\Users\MoatazM\Downloads\FRST64 (1).exe
2015-03-20 10:06 - 2015-03-20 10:06 - 02095616 _____ (Farbar) C:\Users\MoatazM\Desktop\FRST64 (1).exe
2015-03-20 10:06 - 2015-03-20 10:06 - 00000000 ____D () C:\FRST
2015-03-20 10:05 - 2015-03-20 10:05 - 02095616 _____ (Farbar) C:\Users\MoatazM\Downloads\FRST64.exe
2015-03-20 09:54 - 2015-03-20 09:54 - 00119273 _____ () C:\Users\MoatazM\Downloads\[kickass.to]monty.python.and.the.holy.grail.1974.720p.brrip.x264.x0r.torrent
2015-03-19 18:38 - 2015-03-19 18:51 - 00000000 ____D () C:\Users\MoatazM\.VirtualBox
2015-03-19 18:09 - 2015-03-19 18:37 - 4214226944 _____ () C:\Users\MoatazM\Downloads\Windows10_TechnicalPreview_x64_EN-US_9926.iso
2015-03-19 18:08 - 2015-03-19 18:08 - 00001092 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-03-19 18:08 - 2015-03-19 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-03-19 18:08 - 2015-03-16 17:36 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-03-19 18:07 - 2015-03-19 18:07 - 00000000 ____D () C:\Program Files\Oracle
2015-03-19 18:07 - 2015-03-16 17:35 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-03-19 18:05 - 2015-03-19 18:06 - 111145672 _____ (Oracle Corporation) C:\Users\MoatazM\Downloads\VirtualBox-4.3.26-98988-Win.exe
2015-03-19 16:27 - 2015-03-19 16:27 - 00023795 _____ () C:\Users\MoatazM\Downloads\[kickass.to]interstellar.2014.1080p.brrip.x264.yify.torrent
2015-03-19 15:46 - 2015-03-19 15:46 - 00061493 _____ () C:\Users\MoatazM\Downloads\interstellar_HI_english-1080820.zip
2015-03-19 15:46 - 2015-03-16 13:50 - 00167644 _____ () C:\Users\MoatazM\Documents\Interstellar.2014.1080p.BluRay.x264.YIFY.CHI.srt
2015-03-19 01:07 - 2015-03-19 01:07 - 00000000 ____D () C:\Users\MoatazM\AppData\Local\Supraball_Launcher
2015-03-18 23:58 - 2015-03-18 23:58 - 00001926 _____ () C:\Users\MoatazM\Desktop\Supraball.lnk
2015-03-18 23:58 - 2015-03-18 23:58 - 00000000 ____D () C:\Users\MoatazM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Supraball
2015-03-18 23:56 - 2015-03-18 23:57 - 00000000 ____D () C:\Program Files (x86)\Supraball
2015-03-18 22:08 - 2015-03-18 22:08 - 00000000 ____D () C:\Users\MoatazM\Documents\Reus
2015-03-18 22:06 - 2015-03-18 22:06 - 00001148 _____ () C:\Users\MoatazM\Desktop\Reus.lnk
2015-03-18 22:06 - 2015-03-18 22:06 - 00000000 ____D () C:\Users\MoatazM\AppData\Roaming\Reus
2015-03-18 22:00 - 2015-03-18 22:00 - 00012535 _____ () C:\Users\MoatazM\Downloads\[kickass.to]reus.r.g.mechanics.torrent
2015-03-18 21:24 - 2015-03-18 21:24 - 00033752 _____ () C:\Users\MoatazM\Downloads\[kickass.to]ryse.son.of.rome.codex.torrent
2015-03-18 21:23 - 2015-03-18 21:23 - 00000000 ____D () C:\Windows\Sun
2015-03-18 21:23 - 2015-03-18 21:23 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2015-03-18 21:23 - 2015-03-18 21:23 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2015-03-18 14:59 - 2015-03-18 14:59 - 00065947 _____ () C:\Users\MoatazM\Downloads\this-is-the-end_HI_english-785783.zip
2015-03-18 00:13 - 2015-03-18 00:13 - 00018896 _____ () C:\Users\MoatazM\Downloads\[kickass.to]dune.torrent
2015-03-16 20:03 - 2015-03-16 20:03 - 00000000 ____D () C:\ProgramData\Riot Games
2015-03-16 17:35 - 2015-03-16 17:35 - 00204264 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2015-03-16 17:35 - 2015-03-16 17:35 - 00156360 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2015-03-16 17:35 - 2015-03-16 17:35 - 00141440 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2015-03-16 15:28 - 2015-03-16 15:28 - 00001625 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2015-03-16 15:28 - 2015-03-16 15:28 - 00000000 ____D () C:\Riot Games
2015-03-16 15:28 - 2015-03-16 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-03-16 15:28 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-03-16 15:28 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-03-16 15:28 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-03-16 15:14 - 2015-03-16 15:40 - 00000000 ____D () C:\Users\MoatazM\AppData\Roaming\Riot Games
2015-03-16 15:13 - 2015-03-16 15:14 - 30668968 _____ (Riot Games) C:\Users\MoatazM\Downloads\LeagueofLegends_EUW_Installer_9_15_2014 (1).exe
2015-03-16 15:11 - 2015-03-16 15:20 - 30668968 _____ (Riot Games) C:\Users\MoatazM\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe
2015-03-15 23:44 - 2015-03-15 23:45 - 01681145 _____ () C:\Users\MoatazM\Downloads\smart_ai_v2.zip
2015-03-14 11:55 - 2015-03-14 11:55 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT
2015-03-14 11:55 - 2015-03-14 11:55 - 00000003 _____ () C:\Windows\system32\HRUPPROG.EXIT
2015-03-13 20:15 - 2015-03-13 20:16 - 02374700 _____ () C:\Users\MoatazM\Downloads\Events and Decisions.7z
2015-03-13 20:06 - 2015-03-13 20:06 - 00104925 _____ () C:\Users\MoatazM\Downloads\dawn-of-the-planet-of-the-apes_arabic-1013080 (1).zip
2015-03-13 19:46 - 2015-03-13 19:46 - 00104925 _____ () C:\Users\MoatazM\Downloads\dawn-of-the-planet-of-the-apes_arabic-1013080.zip
2015-03-13 19:46 - 2014-11-15 23:17 - 00052479 ____N () C:\Users\MoatazM\Documents\Dawn of the Planet of the Apes 2014.srt
2015-03-13 10:52 - 2015-03-13 10:52 - 00012279 _____ () C:\Users\MoatazM\Downloads\[kickass.to]gladiator.2000.720p.brrip.x264.yify.torrent
2015-03-13 00:34 - 2015-03-13 00:34 - 00078503 _____ () C:\Users\MoatazM\Downloads\exodus-gods-and-kings_HI_arabic-1077292.zip
2015-03-13 00:34 - 2015-03-13 00:34 - 00078503 _____ () C:\Users\MoatazM\Downloads\exodus-gods-and-kings_HI_arabic-1077292 (1).zip
2015-03-13 00:14 - 2015-03-13 00:14 - 00010471 _____ () C:\Users\MoatazM\Downloads\[kickass.to]exodus.gods.and.kings.2014.720p.brrip.x264.yify.torrent
2015-03-12 23:55 - 2015-03-12 23:55 - 00021504 ___SH () C:\Users\MoatazM\Downloads\Thumbs.db
2015-03-11 22:06 - 2015-03-11 23:04 - 00000000 ____D () C:\Users\MoatazM\AppData\Roaming\Golly
2015-03-11 22:06 - 2015-03-11 22:06 - 03908481 _____ () C:\Users\MoatazM\Downloads\golly-2.6-win.zip
2015-03-11 21:43 - 2015-03-11 21:43 - 00001633 _____ () C:\Users\Public\Desktop\Hotline Miami 2 - Wrong Number.lnk
2015-03-11 21:38 - 2015-03-11 21:38 - 00020841 _____ () C:\Users\MoatazM\Downloads\[kickass.to]hotline.miami.2.wrong.number.multi7.fitgirl.repack.torrent
2015-03-11 19:34 - 2015-03-11 19:34 - 04372317 _____ () C:\Users\MoatazM\Downloads\Communitas_3.17_Time_Capsule.7z
2015-03-11 19:33 - 2015-03-11 19:33 - 00001330 _____ () C:\Users\MoatazM\Desktop\Sid Meier's Civilization 5.lnk
2015-03-11 19:33 - 2015-03-11 19:33 - 00000000 ____D () C:\Users\MoatazM\AppData\Roaming\Sid Meier's Civilization 5
2015-03-10 21:25 - 2015-03-10 21:25 - 00000000 ____D () C:\Users\MoatazM\Documents\Colossal Order
2015-03-10 21:25 - 2015-03-10 21:25 - 00000000 ____D () C:\Users\MoatazM\AppData\Roaming\Colossal Order
2015-03-10 21:22 - 2015-03-10 21:22 - 00000000 ____D () C:\Users\MoatazM\AppData\Roaming\Steam
2015-03-10 21:22 - 2015-03-10 21:22 - 00000000 ____D () C:\Users\MoatazM\AppData\Roaming\.mono
2015-03-10 21:22 - 2015-03-10 21:22 - 00000000 ____D () C:\Users\MoatazM\AppData\Local\Colossal Order
2015-03-10 21:22 - 2015-03-10 21:22 - 00000000 ____D () C:\ProgramData\.mono
2015-03-10 21:20 - 2015-03-10 21:20 - 00001946 _____
() C:\Users\Public\Desktop\Cities Skylines.lnk2015-03-10 21:20 - 2015-03-10 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities Skylines2015-03-10 21:17 - 2015-03-10 21:25 - 00000000 ____D () C:\Program Files (x86)\Cities Skylines2015-03-08 17:58 - 2015-03-08 17:58 - 05555712 _____ () C:\Users\MoatazM\Downloads\6- دروس لغوية - الوظيفة النحويَّة.ppt2015-03-08 17:57 - 2015-03-08 17:57 - 00283681 _____ () C:\Users\MoatazM\Downloads\كتاب النشاط 4.rar2015-03-07 14:49 - 2015-03-07 14:49 - 00000000 ____D () C:\Users\MoatazM\Documents\UnrealTournament2015-03-07 14:30 - 2015-03-07 14:30 - 00000000 ____D () C:\Users\MoatazM\AppData\Local\UnrealEngineLauncher2015-03-07 14:30 - 2015-03-07 14:30 - 00000000 ____D () C:\Users\MoatazM\AppData\Local\EpicGamesLauncher2015-03-07 14:29 - 2015-03-07 14:32 - 00000000 ____D () C:\Program Files\Epic Games2015-03-07 14:29 - 2015-03-07 14:30 - 00000000 ____D () C:\ProgramData\Epic2015-03-07 14:29 - 2015-03-07 14:29 - 00001228 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk2015-03-07 14:29 - 2015-03-07 14:29 - 00001216 _____ () C:\Users\Public\Desktop\Epic Games Launcher.lnk2015-03-06 23:45 - 2015-03-06 23:45 - 00019129 _____ () C:\Users\MoatazM\Downloads\[kickass.to]the.usual.suspects.1995.1080p.bluray.x264.anoxmous.torrent2015-03-06 12:47 - 2015-03-06 12:47 - 00025567 _____ () C:\Users\MoatazM\Downloads\[kickass.to]conan.2015.03.04.conan.in.cuba.hdtv.x264.crooks.eztv.torrent2015-03-06 12:25 - 2015-03-06 12:25 - 00018761 _____ () C:\Users\MoatazM\Downloads\game-of-thrones-first-season_HI_english-430046.zip2015-03-06 12:24 - 2015-03-06 12:24 - 00019431 _____ () C:\Users\MoatazM\Downloads\[kickass.to]game.of.thrones.s01e01.hdtv.vostfr.gillop.avi.torrent2015-03-06 11:13 - 2015-03-06 11:13 - 00267941 _____ () C:\Users\MoatazM\Downloads\boardwalk-empire-first-season_HI_english-806011.zip2015-03-06 11:13 - 2015-03-06 11:13 - 00028629 _____ () 
C:\Users\MoatazM\Downloads\[kickass.to]boardwalk.empire.s01e01.boardwalk.empire.hdtv.xvid.fqm.eztv.torrent2015-03-05 20:25 - 2015-03-05 20:25 - 00014920 _____ () C:\Users\MoatazM\Downloads\[kickass.to]kim.kardashian.leaked.sex.tape.torrent2015-03-03 20:03 - 2015-03-03 20:33 - 00001328 _____ () C:\Users\Public\Desktop\Launch Sid Meier's Civilization 4 - Warlords.lnk2015-03-03 19:49 - 2015-03-03 20:31 - 00001344 _____ () C:\Users\Public\Desktop\Launch Sid Meier's Civilization 4.lnk2015-03-03 19:49 - 2015-03-03 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firaxis Games2015-03-03 19:48 - 2015-03-03 19:48 - 00000000 ____D () C:\Program Files (x86)\Firaxis Games2015-03-03 19:18 - 2015-03-03 19:18 - 00064568 _____ () C:\Users\MoatazM\Downloads\[kickass.to]civilization.iv.all.expansions.pc.games.multi.5 (1).torrent2015-03-03 19:15 - 2015-03-03 19:15 - 00064569 _____ () C:\Users\MoatazM\Downloads\[kickass.to]civilization.iv.all.expansions.pc.games.multi.5.torrent2015-03-02 19:52 - 2015-03-02 19:52 - 00000000 ____D () C:\Windows\SysWOW64\Hotspot Shield2015-03-02 19:51 - 2015-03-02 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler2015-03-02 19:51 - 2015-03-02 19:51 - 00000000 ____D () C:\Program Files (x86)\KeyScrambler2015-03-02 19:51 - 2015-02-07 06:37 - 00223696 _____ (QFX Software Corporation) C:\Windows\system32\Drivers\keyscrambler.sys2015-03-02 19:41 - 2015-03-02 19:41 - 01552128 _____ () C:\Users\MoatazM\Downloads\KeyScrambler_Setup.exe2015-03-02 19:39 - 2015-03-02 19:39 - 00049752 _____ (Zemana Ltd.) 
C:\Windows\system32\Drivers\AntiLog64.sys2015-03-02 19:39 - 2015-03-02 19:39 - 00000925 _____ () C:\Users\Public\Desktop\AntiLogger.lnk2015-03-02 19:39 - 2015-03-02 19:39 - 00000000 __HDC () C:\ProgramData\{02A8F2F7-A05E-4DC5-950D-52243BB4C610}2015-03-02 19:39 - 2015-03-02 19:39 - 00000000 ____D () C:\Windows\SysWOW64\ZALSDK_uninst2015-03-02 19:39 - 2015-03-02 19:39 - 00000000 ____D () C:\Users\MoatazM\AppData\Local\Zemana2015-03-02 19:39 - 2015-03-02 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiLogger2015-03-02 19:39 - 2015-03-02 19:39 - 00000000 ____D () C:\Program Files (x86)\KeyCryptSDK2015-03-02 19:39 - 2015-03-02 19:39 - 00000000 ____D () C:\Program Files (x86)\AntiLogger2015-03-02 19:39 - 2014-12-30 13:31 - 07039960 _____ (Zemana Ltd.) C:\Windows\SysWOW64\ZALSDKCore.dll2015-03-02 19:39 - 2014-12-30 13:31 - 00076520 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt64.sys2015-03-02 19:38 - 2015-03-02 19:38 - 14739888 _____ (Zemana Ltd. ) C:\Users\MoatazM\Downloads\Zemana_AntiLogger_1.9.3.602.exe2015-03-02 19:32 - 2015-03-02 19:33 - 01614448 _____ () C:\Users\MoatazM\Downloads\KeyScramblerPremium_Setup.exe2015-03-02 19:24 - 2015-03-02 19:24 - 00001191 _____ () C:\Users\MoatazM\Downloads\[kickass.to]keyscrambler.premium.3.6.eng.serial.torrent2015-03-02 19:12 - 2015-03-02 19:12 - 00000000 ____D () C:\Users\MoatazM\AppData\Roaming\QFX Software2015-03-02 19:12 - 2015-03-02 19:12 - 00000000 ____D () C:\ProgramData\QFX Software2015-03-02 19:11 - 2015-03-02 19:11 - 00002803 _____ () C:\Users\MoatazM\Downloads\[kickass.to]keyscrambler.3.6.0.0.premium.patch.xenocoder.menin.torrent2015-03-02 18:10 - 2015-03-02 18:14 - 00000000 ____D () C:\Users\MoatazM\Desktop\TANJIUPDATE2015-03-02 18:10 - 2015-03-02 18:10 - 00432727 _____ () C:\Users\MoatazM\Downloads\Tanji (1).rar2015-03-02 17:59 - 2015-03-02 17:59 - 02480770 _____ () C:\Users\MoatazM\Documents\RELEASE63-201502251120-169508205.swf2015-03-02 17:57 - 2015-03-02 17:58 - 
00000000 ____D () C:\Users\MoatazM\Desktop\ikb2015-03-02 17:57 - 2015-03-02 17:57 - 00116274 _____ () C:\Users\MoatazM\Downloads\iBP.rar2015-03-02 17:56 - 2015-03-02 17:56 - 00015555 _____ () C:\Users\MoatazM\Downloads\SFFBot Extension v2.zip2015-03-02 17:55 - 2015-03-02 18:13 - 00000000 ____D () C:\Users\MoatazM\AppData\Local\Arachis2015-03-02 17:55 - 2015-03-02 18:09 - 00000000 ____D () C:\Users\MoatazM\Desktop\Tanji2015-03-02 17:54 - 2015-03-02 17:54 - 00432727 _____ () C:\Users\MoatazM\Downloads\Tanji.rar2015-03-01 19:24 - 2015-03-01 20:33 - 00381423 _____ () C:\Users\MoatazM\Desktop\log 2015-03-01 (7 24 pm).htm2015-02-28 09:41 - 2015-02-28 09:41 - 00059628 _____ () C:\Users\MoatazM\Downloads\no-country-for-old-men_HI_english-813506.zip2015-02-28 09:41 - 2013-11-05 14:11 - 00071960 ____N () C:\Users\MoatazM\Documents\No.Country.For.Old.Men.2007.720p.BrRip.x264.YIFY.srt2015-02-28 09:12 - 2015-02-28 09:12 - 00015905 _____ () C:\Users\MoatazM\Downloads\No Country For Old Men (2007) [720p] YIFY - YTS.torrent2015-02-27 16:49 - 2015-02-27 16:49 - 00017762 _____ () C:\Users\MoatazM\Downloads\[kickass.to]europa.universalis.iv.v1.10.0.windows.viruz.torrent2015-02-27 11:39 - 2015-02-27 11:39 - 00062113 _____ () C:\Users\MoatazM\Downloads\the-departed_HI_english-888132.zip2015-02-27 11:39 - 2015-02-27 11:39 - 00062113 _____ () C:\Users\MoatazM\Downloads\the-departed_HI_english-888132 (1).zip2015-02-27 11:39 - 2014-04-01 13:14 - 00162178 ____N () C:\Users\MoatazM\Documents\The Departed (2006) BDRip 1080p DTS multisub HighCode-PHD .HI.srt2015-02-27 11:05 - 2015-02-27 11:07 - 04712874 _____ () C:\Users\MoatazM\Documents\Snoop Dogg - Gin And Juice (Lyrics).wav2015-02-27 11:05 - 2015-02-27 11:07 - 04101738 _____ () C:\Users\MoatazM\Documents\Star_Wars-_The_Imperial_March_(Darth_Vaders_Theme).wav2015-02-27 11:02 - 2015-02-27 11:14 - 00000000 ____D () C:\Users\MoatazM\Desktop\HLDJ2015-02-27 11:01 - 2015-02-27 11:01 - 01855815 _____ () 
C:\Users\MoatazM\Downloads\hldj64_1.6.02.zip2015-02-27 04:45 - 2015-02-27 17:18 - 00000000 ____D () C:\Users\MoatazM\Desktop\Europa Universalis IV2015-02-26 14:48 - 2015-02-26 14:48 - 00016272 _____ () C:\Users\MoatazM\Downloads\[kickass.to]the.departed.2006.720p.brrip.x264.750mb.yify.torrent2015-02-25 18:55 - 2015-02-25 18:55 - 00275007 _____ () C:\Users\MoatazM\Downloads\آمنة الصبحي ...التحليل الادبي ((عاطل متواكل) الوحدة الرابعة قضايا العمل .rar2015-02-25 18:55 - 2010-03-07 07:57 - 00291367 _____ () C:\Users\MoatazM\Desktop\آمنة الصبحي ...التحليل الادبي ((عاطل متواكل) الوحدة الرابعة قضايا العمل ..pptx2015-02-24 18:53 - 2015-02-24 18:53 - 00096890 _____ () C:\Users\MoatazM\Downloads\Chapter 5 Review.pptx2015-02-23 21:49 - 2015-02-23 21:49 - 00000000 ____D () C:\Users\MoatazM\AppData\Roaming\Unity2015-02-23 21:40 - 2015-02-23 21:40 - 01081088 _____ (Unity Technologies ApS) C:\Users\MoatazM\Downloads\UnityWebPlayer.exe2015-02-23 21:40 - 2015-02-23 21:40 - 00000000 ____D () C:\Users\MoatazM\AppData\Local\Unity2015-02-22 18:45 - 2015-02-22 18:45 - 00000000 ____D () C:\Users\MoatazM\AppData\Local\Steam2015-02-22 14:44 - 2015-02-22 14:44 - 00001039 _____ () C:\Users\MoatazM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 10 Technical Preview.lnk2015-02-21 20:50 - 2015-02-21 20:50 - 00048051 _____ () C:\Users\MoatazM\Downloads\oceans-eleven_HI_english-922797.zip2015-02-21 20:50 - 2014-05-28 07:06 - 00131789 ____N () C:\Users\MoatazM\Documents\Ocean's.Eleven.2001.720p.Bluray.x264.YIFY.CHI.srt2015-02-20 23:23 - 2015-02-20 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crusader Kings II - Collection2015-02-20 23:19 - 2015-02-20 23:19 - 00000000 ____D () C:\Program Files (x86)\Crusader Kings II - Collection2015-02-20 23:14 - 2015-02-20 23:14 - 00013082 _____ () C:\Users\MoatazM\Downloads\[kickass.to]crusader.kings.ii.collection.repack.yuzutu.2.3.2 (2).torrent2015-02-20 23:14 - 2015-02-20 23:14 - 00013082 _____ () 
C:\Users\MoatazM\Downloads\[kickass.to]crusader.kings.ii.collection.repack.yuzutu.2.3.2 (1).torrent2015-02-20 16:48 - 2015-02-20 16:48 - 00000000 ____D () C:\Users\MoatazM\AppData\Local\CrashRpt2015-02-19 21:03 - 2015-02-19 21:03 - 00013082 _____ () C:\Users\MoatazM\Downloads\[kickass.to]crusader.kings.ii.collection.repack.yuzutu.2.3.2.torrent2015-02-19 17:08 - 2015-02-19 17:08 - 03683328 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll2015-02-19 17:08 - 2015-02-19 17:08 - 02039808 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll2015-02-19 17:08 - 2015-02-19 17:08 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll2015-02-19 17:08 - 2015-02-19 17:08 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll2015-02-19 17:08 - 2015-02-19 17:08 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll2015-02-19 17:08 - 2015-02-19 17:08 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll2015-02-19 17:08 - 2015-02-19 17:08 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll2015-02-19 17:08 - 2015-02-19 17:08 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll2015-02-19 17:08 - 2015-02-19 17:08 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll2015-02-19 17:08 - 2015-02-19 17:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll2015-02-19 17:08 - 2015-02-19 17:08 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll2015-02-19 17:08 - 2015-02-19 17:08 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll2015-02-19 17:08 - 2015-02-19 17:08 - 00056288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe2015-02-19 17:08 - 2015-02-19 17:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll2015-02-19 17:08 - 2015-02-19 17:08 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe2015-02-19 17:08 - 
2015-02-19 17:08 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-02-19 17:08 - 2015-02-19 17:08 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-02-19 17:08 - 2015-02-19 17:08 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-02-19 17:08 - 2015-02-19 17:08 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-02-19 15:37 - 2015-02-19 15:37 - 00001064 _____ () C:\Users\Public\Desktop\Hotspot Shield.lnk
2015-02-18 21:51 - 2015-02-18 21:51 - 00072708 _____ () C:\Users\MoatazM\Downloads\[kickass.to]apocalypto.2006.bluray.720p.900mb.ganool.torrent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-20 10:05 - 2015-01-15 16:39 - 00000000 ____D () C:\Users\MoatazM\AppData\Roaming\BitComet
2015-03-20 10:03 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-20 10:02 - 2015-01-15 09:11 - 01867194 _____ () C:\Windows\WindowsUpdate.log
2015-03-20 09:51 - 2015-01-14 22:23 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3020525582-1626846548-3339513900-1001
2015-03-20 09:50 - 2015-01-21 06:21 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-20 09:50 - 2015-01-14 22:22 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A391B60C-2AEB-4EE0-BD36-B141E77205A6}
2015-03-20 09:49 - 2015-01-24 03:53 - 00000000 __RDO () C:\Users\MoatazM\OneDrive
2015-03-20 09:48 - 2015-01-14 22:25 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-20 09:44 - 2015-01-15 09:06 - 00059074 _____ () C:\Windows\PFRO.log
2015-03-20 09:44 - 2013-08-22 17:46 - 00043842 _____ () C:\Windows\setupact.log
2015-03-20 09:44 - 2013-08-22 17:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-20 02:24 - 2015-01-15 17:17 - 00000406 _____ () C:\Windows\Tasks\update-S-1-5-21-3020525582-1626846548-3339513900-1001.job
2015-03-20 01:35 - 2015-01-21 18:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-20 01:35 - 2015-01-14 22:25 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-20 00:41 - 2015-01-14 22:48 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-20 00:03 - 2015-01-16 21:25 - 00000000 ____D () C:\Users\MoatazM\AppData\Local\Popcorn-Time
2015-03-19 23:21 - 2015-01-15 17:17 - 00000406 _____ () C:\Windows\Tasks\update-sys.job
2015-03-19 22:27 - 2015-01-15 22:35 - 00000000 ____D () C:\Users\MoatazM\AppData\Roaming\vlc
2015-03-19 18:51 - 2015-01-15 09:16 - 00000000 ____D () C:\Users\MoatazM
2015-03-19 18:44 - 2015-01-14 23:10 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-18 23:58 - 2015-01-19 04:32 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-03-18 23:58 - 2015-01-19 04:32 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-03-18 22:08 - 2015-01-24 20:21 - 00000000 ____D () C:\Users\MoatazM\AppData\Local\SKIDROW
2015-03-18 22:06 - 2015-01-18 04:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-03-18 22:03 - 2015-01-18 03:02 - 00000000 ____D () C:\Program Files (x86)\R.G. Mechanics
2015-03-18 14:45 - 2015-01-15 17:07 - 00000000 ____D () C:\Users\MoatazM\AppData\Roaming\DMCache
2015-03-17 00:02 - 2015-01-15 17:07 - 00000000 ____D () C:\Users\MoatazM\Downloads\Compressed
2015-03-14 13:32 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-13 15:36 - 2015-01-14 22:27 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-13 15:26 - 2015-02-03 15:20 - 00000000 ____D () C:\Users\MoatazM\AppData\Local\LogMeIn Hamachi
2015-03-13 15:23 - 2013-08-22 16:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-13 13:48 - 2015-01-14 22:18 - 00000000 ____D () C:\Users\MoatazM\AppData\Local\VirtualStore
2015-03-13 13:04 - 2015-01-22 01:25 - 00000000 ____D () C:\Users\MoatazM\Documents\BYOND
2015-03-12 20:32 - 2015-01-17 16:54 - 00000000 ____D () C:\Users\MoatazM\Documents\My Games
2015-03-11 21:43 - 2015-01-25 21:18 - 00000000 ____D () C:\Games
2015-03-11 14:38 - 2015-01-21 18:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-10 17:53 - 2015-02-13 22:15 - 00000000 ____D () C:\Users\MoatazM\AppData\Roaming\Mumble
2015-03-10 17:50 - 2015-01-15 18:41 - 00000000 ____D () C:\Users\MoatazM\AppData\Roaming\TS3Client
2015-03-08 21:39 - 2015-01-21 18:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-07 14:30 - 2015-01-15 23:04 - 00527935 _____ () C:\Windows\DirectX.log
2015-03-06 16:38 - 2015-01-31 17:56 - 00000000 ____D () C:\Users\MoatazM\Documents\Lightshot
2015-03-03 21:35 - 2015-01-23 18:37 - 00000000 ____D () C:\Users\MoatazM\AppData\Local\My Games
2015-03-03 20:36 - 2015-01-15 00:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-28 15:04 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\rescache
2015-02-28 09:19 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-28 00:04 - 2015-01-15 09:15 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-19 17:09 - 2013-08-22 18:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-19 15:37 - 2015-02-14 12:52 - 00000000 ____D () C:\Program Files (x86)\Hotspot Shield

==================== Files in the root of some directories =======

2015-01-15 17:17 - 2015-01-15 17:17 - 0000003 _____ () C:\Users\MoatazM\AppData\Local\updater.log
2015-01-15 17:17 - 2015-01-15 17:17 - 0000425 _____ () C:\Users\MoatazM\AppData\Local\UserProducts.xml
2015-01-21 06:21 - 2015-01-21 06:21 - 0000020 _____ () C:\ProgramData\bc.ini

Some content of TEMP:
====================
C:\Users\MoatazM\AppData\Local\Temp\2A7E2D71-66FF-BE2E-C26E-C2D5A109A50C.dll
C:\Users\MoatazM\AppData\Local\Temp\2A7E2D71-66FF-BE2E-C26E-C2D5A109A50C.exe
C:\Users\MoatazM\AppData\Local\Temp\A1D76FF97175BF79025AB7AA1DDF0A2A.dll
C:\Users\MoatazM\AppData\Local\Temp\CC34498B-331E-46AF-DC57-22917986DE8E.exe
C:\Users\MoatazM\AppData\Local\Temp\core.exe
C:\Users\MoatazM\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\MoatazM\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\MoatazM\AppData\Local\Temp\max.exe
C:\Users\MoatazM\AppData\Local\Temp\msvcr80.dll
C:\Users\MoatazM\AppData\Local\Temp\SimPack.exe
C:\Users\MoatazM\AppData\Local\Temp\SRLDetectionLibrary8714093483883803185.dll
C:\Users\MoatazM\AppData\Local\Temp\start.exe
C:\Users\MoatazM\AppData\Local\Temp\Uninstall.exe
C:\Users\MoatazM\AppData\Local\Temp\updating.exe
C:\Users\MoatazM\AppData\Local\Temp\utt2740.tmp.exe
C:\Users\MoatazM\AppData\Local\Temp\xmlUpdater.exe
C:\Users\MoatazM\AppData\Local\Temp\zlib1.dll
C:\Users\MoatazM\AppData\Local\Temp\_is5F0F.exe
C:\Users\MoatazM\AppData\Local\Temp\_isA2F4.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-20 02:03

==================== End Of Log ============================

addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by MoatazM at 2015-03-20 10:08:18
Running from C:\Users\MoatazM\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

0 A.D. (HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\0 A.D.) (Version: r15849-alpha - Wildfire Games)
0 A.D. (HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0 A.D.) 
(Version: r15849-alpha - Wildfire Games)Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)Alien Swarm (HKLM-x32\...\Steam App 630) (Version: - Valve)alien_crossfire (HKLM\...\{fa451eea-8a73-486b-9ea0-9628c2c2c3ad}.sdb) (Version: - )alpha_centauri (HKLM\...\{fe81cd48-2ed2-4e7d-886c-b65767350095}.sdb) (Version: - )AntiLogger (HKLM-x32\...\AntiLogger) (Version: - Zemana Ltd.)AntiLogger (x32 Version: 1.9.3.602 - Zemana Ltd.) HiddenApotheon (HKLM-x32\...\Apotheon_is1) (Version: - Alientrap)Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Arena: Cyber Evolution (HKLM-x32\...\Steam App 285580) (Version: - Spearhead Games)Auto Clicker v1.9 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 1.9 - MurGee.com)AutoOffers (HKLM-x32\...\{14645C74-A586-4537-A4B9-91CEA26E10C1}) (Version: 4.3.0.0 - Fora@Jan)BitComet 1.37 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.37 - CometNetwork)BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.11.4119 - BlueStack Systems, Inc.)BlueStacks Notification Center (HKLM-x32\...\{E78B4959-B348-4913-874B-FF982378E035}) (Version: 0.9.11.4119 - BlueStack Systems, Inc.)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)BYOND (HKLM-x32\...\BYOND) (Version: 506.1249 - BYOND)Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: 1.0 - Релиз от R.G. 
Steamgames)ComicRack v0.9.176 (HKLM\...\ComicRack) (Version: v0.9.176 - cYo Soft)Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)Crusader Kings II - Collection version 2.3.2 (HKLM-x32\...\{3445D0C4-33FB-40B3-A30D-21038416E574}_is1) (Version: 2.3.2 - Yuzutu, Inc.)Crusader Kings II Way of Life (HKLM-x32\...\Crusader Kings II Way of Life_is1) (Version: - )DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 3.0.0.0309 - Disc Soft Ltd)Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)Epic Games Launcher (HKLM\...\{325AC861-EDAF-440B-97DD-259906E216D3}) (Version: 1.1.24.0 - Epic Games, Inc.)Europa Universalis IV - Collection version 1.9.2 (HKLM-x32\...\{77B398F2-FEE1-47B8-9868-F3C1E3147C4C}_is1) (Version: 1.9.2 - Yuzutu, Inc.)GameRanger (HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\GameRanger) (Version: - GameRanger Technologies)GameRanger (HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GameRanger) (Version: - GameRanger Technologies)Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)Gear Up (HKLM-x32\...\Steam App 214420) (Version: - Doctor Entertainment AB)Geometry Wars 3 Dimensions (HKLM-x32\...\Geometry Wars 3 Dimensions_is1) (Version: - )Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) HiddenGoogle Update Helper (x32 Version: 1.3.26.9 - Google Inc.) 
HiddenGtk# for .Net 2.12.25 (HKLM-x32\...\{889E7D77-2A98-4020-83B1-0296FA1BDE8A}) (Version: 2.12.25 - Xamarin, Inc.)Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)Hotline Miami 2: Wrong Number (HKLM-x32\...\Hotline Miami 2: Wrong Number_is1) (Version: - )Hotspot Shield 3.69 (HKLM-x32\...\HotspotShield) (Version: 3.69 - AnchorFree Inc.)HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)JetBrains PyCharm 4.0.4 (HKLM-x32\...\PyCharm 4.0.4) (Version: 139.1001 - JetBrains s.r.o.)KeyCrypt SDK version 1.8.1.199 (HKLM-x32\...\{5575EADE-4685-4E15-A9CD-6036BC2A3F75}_is1) (Version: 1.8.1.199 - Zemana Ltd.)KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.6.0.0 - QFX Software Corporation)King Arthur's Gold (HKLM-x32\...\Steam App 219830) (Version: - )KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)League of Legends (x32 Version: 3.0.1 - Riot Games) HiddenLightshot-5.2.0.17 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.0.17 - Skillbrains)LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.)LogMeIn Hamachi (x32 Version: 2.2.0.303 - LogMeIn, Inc.) 
HiddenMalwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.00.0000 - SEGA)Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)Microsoft XNA Framework Redistributable 4.0 
Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Midori 0.5.9 (HKLM-x32\...\Midori) (Version: 0.5.9 - Christian Dywan)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment)
Mozilla Firefox 36.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-GB)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)
My Game Long Name (HKLM\...\UDK-e5632249-bb5d-47c7-9ebf-f6b05343d2a7) (Version: - Epic Games, Inc.)
North and South version 0.404 (HKLM-x32\...\{C0C24D7F-3B0D-4169-AC92-4999D18FB04D}_is1) (Version: 0.404 - Antietam Studios)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 150131.101358 - Square Enix Ltd)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Oracle VM VirtualBox 4.3.26 (HKLM\...\{5771F59A-BFC9-4FAF-A883-7642EF4BA3C3}) (Version: 4.3.26 - Oracle Corporation)
osu! (HKLM-x32\...\{a3d45a69-bb26-43ac-9a86-031c8679ca8f}) (Version: latest - ppy Pty Ltd)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 5.1 - Popcorn Time)
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version: - Daum Kakao Corp.)
Python 3.4.2 (HKLM-x32\...\{2583CDBA-8A53-4622-BB67-1D163714C1B4}) (Version: 3.4.16349 - Python Software Foundation)
Quake Live (HKLM-x32\...\Steam App 282440) (Version: - id Software)
Reus (HKLM-x32\...\Reus_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Rise of Nations: Extended Edition (HKLM-x32\...\Rise of Nations: Extended Edition_is1) (Version: - Microsoft Studios)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Sid Meier's Alpha Centauri (HKLM-x32\...\GOGPACKSIDMEIERSALPHACENTAURI_is1) (Version: 2.0.0.19 - GOG.com)
Sid Meier's Civilization 4 - Beyond the Sword (HKLM-x32\...\{32E4F0D2-C135-475E-A841-1D59A0D22989}) (Version: 3.03 - Firaxis Games)
Sid Meier's Civilization 4 - Warlords (HKLM-x32\...\{3E4B349F-10B5-4586-9D99-489A90A8B228}) (Version: 2.13 - Firaxis Games)
Sid Meier's Civilization 4 (HKLM-x32\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.74 - Firaxis Games)
Sid Meier's Civilization 4 (x32 Version: 1.00.0000 - Firaxis Games) Hidden
Sid Meier's Civilization 5 (HKLM-x32\...\Sid Meier's Civilization 5_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.2.2636.0 - Hi-Rez Studios)
SpeeditUp (HKLM-x32\...\C44E3C59-3E0A-54BC-517E-C1123687066A) (Version: - SpeeditUp-software) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super Socks5Cap X86/X64 3.0.0.0 (HKLM-x32\...\{10578CAB-AE86-442E-97F0-96656404CD6F}_is1) (Version: - www.networktunnel.net)
Supraball (HKLM-x32\...\Supraball) (Version: - Supra Games Gbr)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
System Requirements Lab (HKLM-x32\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Total War - Rome II (HKLM-x32\...\Total War - Rome II_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Total War: ROME II Emperor Edition (HKLM-x32\...\VG90YWxXYXJST01FSUlFbXBlcm9yRWRpdGlvbg==_is1) (Version: 1 - )
Transformice (HKLM-x32\...\Steam App 335240) (Version: - Atelier 801)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Unity Web Player (HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\UnityWebPlayer) (Version: 4.6.3f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 4.6.3f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.21 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.1 - win.rar GmbH)
Xamarin Studio 5.7 (HKLM-x32\...\{FEBAEC51-10ED-469F-8BFC-578B2636FFB0}) (Version: 5.7.0.660 - Xamarin)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3020525582-1626846548-3339513900-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

03-03-2015 19:48:52 Installed Sid Meier's Civilization 4
07-03-2015 14:29:34 Installed DirectX
10-03-2015 21:21:07 Installed DirectX
16-03-2015 15:27:30 Installed Microsoft Visual C++ 2005 Redistributable (x64)
18-03-2015 22:04:53 Installed DirectX
18-03-2015 22:06:00 Installed DirectX

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 16:25 - 2015-03-02 18:14 - 00000908 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.3 www.anchorfree.net
127.0.0.2 www.mefeedia.com
127.0.0.3 anchorfree.net

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {04C1511C-CED7-4D4C-A938-52A9C7E81830} - System32\Tasks\update-S-1-5-21-3020525582-1626846548-3339513900-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-29] ()
Task: {1CAE9696-CE90-466E-9AF3-1C6EFBB2D061} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {25C7BB94-4207-4A75-98C5-C4BE7F7B4FA2} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-12] ()
Task: {4FA44301-B747-4A42-9BC1-BFF2FB6B004C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {58ECC715-FFD6-4703-A58E-034156AC9B9D} - System32\Tasks\Opera scheduled Autoupdate 1421803744 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-16] (Opera Software)
Task: {8702F697-C31D-4EBA-81DC-279CF5C8B475} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-29] ()
Task: {9EEC5DB4-C55E-461D-AF5E-D9A6ACDB8188} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-14] (Google Inc.)
Task: {CC4655FF-1C37-4E58-980D-C501A0E6E14E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-14] (Google Inc.)
Task: {D4BFA7C3-8096-4CFD-AFB4-25E9DC19C0D4} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-29] (Synaptics Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-3020525582-1626846548-3339513900-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-13 03:36 - 2015-02-13 03:36 - 00558376 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2015-02-13 03:30 - 2015-02-13 03:30 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2015-02-13 03:42 - 2015-02-13 03:42 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2015-03-13 15:36 - 2015-03-07 09:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\libglesv2.dll
2015-03-13 15:36 - 2015-03-07 09:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\libegl.dll
2015-03-13 15:36 - 2015-03-07 09:13 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\MoatazM\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AntiLogger"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\StartupApproved\StartupFolder: => "GameRanger.lnk"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\StartupApproved\Run: => "MurGee.com Auto Clicker"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001\...\StartupApproved\Run: => "CMD"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "GameRanger.lnk"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "MurGee.com Auto Clicker"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-3020525582-1626846548-3339513900-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"

==================== Accounts: =============================

Administrator (S-1-5-21-3020525582-1626846548-3339513900-500 - Administrator - Disabled)
Guest (S-1-5-21-3020525582-1626846548-3339513900-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3020525582-1626846548-3339513900-1004 - Limited - Enabled)
MoatazM (S-1-5-21-3020525582-1626846548-3339513900-1001 - Administrator - Enabled) => C:\Users\MoatazM

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Device
Description: PCI Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Truevision HD
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Ralink_RT3290_Bluetooth_01
Description: Ralink_RT3290_Bluetooth_01
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/20/2015 09:46:28 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/19/2015 05:19:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.1.5.0, time stamp: 0x00000004
Faulting module name: vlc.exe, version: 2.1.5.0, time stamp: 0x00000004
Exception code: 0xc0000005
Fault offset: 0x000018c5
Faulting process id: 0xb6c
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3
Faulting package full name: vlc.exe4
Faulting package-relative application ID: vlc.exe5

Error: (03/19/2015 01:39:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: a94
Start Time: 01d06230f76b16b5
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe
Report Id: 3e09e309-ce24-11e4-825f-7446a079f191
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/19/2015 04:38:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1297

Error: (03/19/2015 04:38:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1297

Error: (03/19/2015 04:38:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/19/2015 00:00:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UDK.exe, version: 1.0.12097.0, time stamp: 0x530255e2
Faulting module name: UDK.exe, version: 1.0.12097.0, time stamp: 0x530255e2
Exception code: 0xc0000005
Fault offset: 0x001c7dd6
Faulting process id: 0x89c
Faulting application start time: 0xUDK.exe0
Faulting application path: UDK.exe1
Faulting module path: UDK.exe2
Report Id: UDK.exe3
Faulting package full name: UDK.exe4
Faulting package-relative application ID: UDK.exe5

Error: (03/18/2015 02:43:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4922

Error: (03/18/2015 02:43:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4922

Error: (03/18/2015 02:43:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (03/20/2015 09:46:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s).

Error: (03/20/2015 09:46:28 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error: %%1064

Error: (03/20/2015 09:45:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: %%1053

Error: (03/20/2015 09:45:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.

Error: (03/20/2015 09:44:09 AM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.

Error: (03/20/2015 09:44:52 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:30:49 AM on 3/20/2015 was unexpected.

Error: (03/15/2015 01:08:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s).

Error: (03/15/2015 01:08:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error: %%1064

Error: (03/15/2015 01:08:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: %%1053

Error: (03/15/2015 01:08:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.

Microsoft Office Sessions:
=========================
Error: (03/20/2015 09:46:28 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/19/2015 05:19:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000004vlc.exe2.1.5.000000004c0000005000018c5b6c01d0617318b68020C:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\Program Files (x86)\VideoLAN\VLC\vlc.exeeb73cbc1-ce42-11e4-825f-7446a079f191

Error: (03/19/2015 01:39:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689a9401d06230f76b16b54294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe3e09e309-ce24-11e4-825f-7446a079f191microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (03/19/2015 04:38:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1297

Error: (03/19/2015 04:38:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1297

Error: (03/19/2015 04:38:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/19/2015 00:00:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: UDK.exe1.0.12097.0530255e2UDK.exe1.0.12097.0530255e2c0000005001c7dd689c01d061be6a4bd7c5C:\Program Files (x86)\Supraball\Binaries\Win32\UDK.exeC:\Program Files (x86)\Supraball\Binaries\Win32\UDK.exece216dc3-cdb1-11e4-825f-7446a079f191

Error: (03/18/2015 02:43:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4922

Error: (03/18/2015 02:43:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4922

Error: (03/18/2015 02:43:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

==================== Memory info ===========================

Processor: Intel® Core i7-3632QM CPU @ 2.20GHz
Percentage of memory in use: 37%
Total physical RAM: 8090.36 MB
Available physical RAM: 5072.43 MB
Total Pagefile: 8666.36 MB
Available Pagefile: 4651.64 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.29 GB) (Free:375.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: E6489D01)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================