Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-06-2016 Ran by Ankit (2016-06-10 13:11:32) Running from C:\Users\Anki\Downloads\Programs Windows 10 Pro Version 1511 (X64) (2016-06-09 09:44:34) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-787172512-2198361898-3063716444-500 - Administrator - Disabled) Ankit (S-1-5-21-787172512-2198361898-3063716444-1001 - Administrator - Enabled) => C:\Users\Anki DefaultAccount (S-1-5-21-787172512-2198361898-3063716444-503 - Limited - Disabled) Guest (S-1-5-21-787172512-2198361898-3063716444-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.34 - GIGABYTE) µTorrent (HKU\S-1-5-21-787172512-2198361898-3063716444-1001\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.) 7-Zip 15.05 beta x64 (HKLM\...\7-Zip) (Version: - ) 7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version: - ) ACP Application (Version: 2016.0602.1640.44 - Advanced Micro Devices, Inc.) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated) Adobe Flash Player 10 ActiveX (HKLM-x32\...\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}) (Version: 10.1.52.14 - Adobe Systems, Inc.) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.) Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.) Anki (HKLM-x32\...\Anki) (Version: - ) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk) Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk) Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk) Bandicam (HKLM-x32\...\Bandicam) (Version: - Bandisoft) Benge's Animated Sprite Pack For FPS Creator (HKLM-x32\...\{AED21179-5EBE-4737-94B0-37BFFDF8DA66}) (Version: - ) Brackets (HKLM-x32\...\{D20AE926-9B7C-45F2-9201-B161CD30350D}) (Version: 1.4 - brackets.io) Catalyst Control Center Next Localization BR (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform) C-Free 5.0 Professional (HKLM-x32\...\C-Free 5.0_is1) (Version: - Program Arts) Color Efex Pro 4 (HKLM-x32\...\Color Efex Pro 4) (Version: 4.0.0.2 - Nik Software, Inc.) Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu) Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - ) Counter-Strike Global Offensive [No-Steam] (HKLM-x32\...\Counter-Strike Global Offensive_is1) (Version: 1.33.0.0 - Valve Software) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Data Lifeguard Diagnostic for Windows 1.28 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation) Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software) Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team) Dolphin x86 (HKLM-x32\...\Dolphin x86) (Version: 4.0.2 - Dolphin Development Team) Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden DuOS (HKLM\...\{D642C486-5337-4882-A7F3-91A4C797ABFA}) (Version: 2.0.6.8063 - American Megatrends Inc.) Easy Tune 6 B14.1020.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Easy Tune 6 B14.1020.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated) FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production) FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - ) FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line) FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - ) FPS Creator (HKLM-x32\...\{B91E4360-298A-4306-9E95-9AD91A0952A1}) (Version: - ) FPS Creator Model Pack - 10 (HKLM-x32\...\{24EB39DB-B958-413D-818E-C0875101C96B}) (Version: - ) FPS Creator Model Pack - 11 (HKLM-x32\...\{15014839-85AF-439E-9C3C-A93BB74957B1}) (Version: - ) FPS Creator Model Pack - 12 (HKLM-x32\...\{E189B3B5-487D-430E-8668-A77CEF120F2D}) (Version: - ) FPS Creator Model Pack - 13 (HKLM-x32\...\{09847DC5-6C6D-45CD-AE31-CD27CE1FE48F}) (Version: - ) FPS Creator Model Pack - 16 (HKLM-x32\...\{BDB48672-B567-4A4B-989E-0A7C2E220B6F}) (Version: - ) FPS Creator Model Pack - 17 (HKLM-x32\...\{8151518B-A59D-4FC2-89AA-D99084EBC0FD}) (Version: - ) FPS Creator Model Pack - 18 (HKLM-x32\...\{66FF89F1-6FDB-450E-AA45-21A529008E39}) (Version: - ) FPS Creator Model Pack - 19 (HKLM-x32\...\{CF098B60-678F-4CFE-A1BB-0EA3B81AAF13}) (Version: - ) FPS Creator Model Pack - 2 (HKLM-x32\...\{3B78E403-D116-4C56-9D1E-4C245AFC82D9}) (Version: - ) FPS Creator Model Pack - 22 (HKLM-x32\...\{38FC732E-764D-46A2-A79E-A4E484130A3B}) (Version: - ) FPS Creator Model Pack - 23 (HKLM-x32\...\{E5E3254B-D0FF-4CEA-9BA0-4F4E05F7DD1C}) (Version: - ) FPS Creator Model Pack - 24 (HKLM-x32\...\{F75260DA-D2E8-4B19-9090-A2F0E6D7A871}) (Version: - ) FPS Creator Model Pack - 25 (HKLM-x32\...\{5613BDB3-38C5-4274-9DD6-96F1EF1959D9}) (Version: - ) FPS Creator Model Pack - 26 (HKLM-x32\...\{C4094DCF-F965-4D28-B126-A1DE101568B7}) (Version: - ) FPS Creator Model Pack - 28 (HKLM-x32\...\{A9802493-BA56-4304-A2F3-EDF7D35FBA5D}) (Version: - ) FPS Creator Model Pack - 29 (HKLM-x32\...\{F827FC20-1238-4EF8-B5D9-FD0E980DF877}) (Version: - ) FPS Creator Model Pack - 3 (HKLM-x32\...\{E6342632-BA22-4FE2-A32E-E664684AD659}) (Version: - ) FPS Creator Model Pack - 30 (HKLM-x32\...\{576C3F37-F3B6-4119-AFCA-F3E4D8150364}) (Version: - ) FPS Creator Model Pack - 37 (HKLM-x32\...\{4B92FA58-EF89-4331-8175-3AF061612A23}) (Version: - ) FPS Creator Model Pack - 4 (HKLM-x32\...\{4F4BB48A-7F05-4CB8-B8F4-81581DC51090}) (Version: - ) FPS Creator Model Pack - 5 (HKLM-x32\...\{71E13F8B-365D-4FCF-BA69-9209FAF9D680}) (Version: - ) FPS Creator Model Pack - 6 (HKLM-x32\...\{F964E0BB-3AD6-4188-B985-453037BE8FFD}) (Version: - ) FPS Creator Model Pack - 7 (HKLM-x32\...\{F6D05799-9659-48CD-8B8A-1AC424A572A9}) (Version: - ) FPS Creator Model Pack - 9 (HKLM-x32\...\{444E3FAE-DC6D-498B-BF98-6B6B61CA46D9}) (Version: - ) FPS Creator Model Pack (HKLM-x32\...\{AFEA5739-4FFC-4304-BF1E-BAE4772CF54D}) (Version: - ) fragMOTION 1.3.4 (HKLM-x32\...\fragMOTION 1.3.4_is1) (Version: - ) Fraps (HKLM-x32\...\Fraps) (Version: - ) Gears of War (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.) Google Input Hindi (HKLM\...\GoogleInputHindi) (Version: - Google Inc.) Google Input Tools (HKLM\...\GoogleInputFramework) (Version: - Google Inc.) Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - ) HackingToolkit3DS version 5 (HKLM-x32\...\{9EE56FC9-CB0B-4201-918E-59CF020EF24A}_is1) (Version: 5 - Asia81) HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - ) HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version: - ) IcoFX 2.11 (HKLM-x32\...\IcoFX 2_is1) (Version: - ) IconChanger (HKLM-x32\...\{C912EFA0-0076-11d5-B04A-BD6C80DF2479}) (Version: - ) IDM Crack 6.25 build 15 (HKLM-x32\...\IDM Crack 6.25 build 15) (Version: build 15 - SandySeedings Team) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) Image To PDF 1.7.2.0 (HKLM-x32\...\{D6CAA5A8-AC4B-45DC-8752-CAE32943C621}_is1) (Version: 1.7.2.0 - zxt2007.com) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.7 - IObit) IP Messenger for Win (HKLM-x32\...\IPMSG for Win32) (Version: - ) IVONA 2 (HKLM-x32\...\IVONA 2) (Version: 1.6.60 - IVONA Software Sp. z o.o.) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation) Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation) Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation) K-Lite Mega Codec Pack 11.6.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.6.0 - ) KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - ) KQEMU virtualisation module for QEMU (HKLM-x32\...\KQEMU) (Version: - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS) Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation) Microsoft Visual C++ 2015 RC Redistributable (x86) - 14.0.22816 (HKLM-x32\...\{714692fa-709b-4925-8170-821d51135f42}) (Version: 14.0.22816.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{17c2e197-cf26-443b-8beb-53151940df3f}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation) Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - ) MMX353G 3G USB Manager version 5.525 (HKLM-x32\...\MMX353G 3G USB Manager Normal Version_is1) (Version: - ) Model Pack - 14 (HKLM-x32\...\{5CAEC6B6-24D0-4E6C-A064-B6F7D66394D5}) (Version: - ) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 47.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla) MySQL Connector Net 6.9.8 (HKLM-x32\...\{D01DF7C8-6F2D-46BC-923B-418233EB1D14}) (Version: 6.9.8 - Oracle) MySQL Installer - Community (HKLM-x32\...\{87EB0134-AF79-47E0-A558-C0B11F876B16}) (Version: 1.4.11.0 - Oracle Corporation) Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS (HKLM-x32\...\Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS) (Version: - ) NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org) NetCut 2.1.4 (HKLM-x32\...\NetCut_is1) (Version: - arcai.com) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team) ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) ON_OFF Charge 2 B13.1028.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Opera Stable 37.0.2178.43 (HKLM-x32\...\Opera 37.0.2178.43) (Version: 37.0.2178.43 - Opera Software) Oracle VM VirtualBox 5.0.14 (HKLM\...\{82022940-639B-48A3-86D9-B139864105F7}) (Version: 5.0.14 - Oracle Corporation) Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.0.2 - Panda Security) Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - ) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - ) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Performance Tools for Visual Studio 2015 RC (HKLM-x32\...\{9b2ef1d0-aac9-4f77-857f-f4f742e229c1}) (Version: 14.0.22823.1 - Microsoft Corporation) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek) Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - ) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) RPG Maker VX Ace (HKLM-x32\...\RPGVXAce_E_is1) (Version: 1.02 - Enterbrain) RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain) SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association) SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology) Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) SharpDevelop 5.1 Beta 2 (HKLM-x32\...\{A26AC86C-AB1A-428F-BE13-B9C07852702D}) (Version: 5.1.5071 - ic#code) Sp5 (x32 Version: 5.1.4324.0 - Microsoft) Hidden Sp5Intl (x32 Version: 5.1.4324.0 - Microsoft) Hidden Sp5TTInt (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpCommon (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpPhones (x32 Version: 6.0.3122.0 - Microsoft) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Sylenth1 v2.20 (HKLM\...\Sylenth1_is1) (Version: - ) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version: - ) Unity (HKLM-x32\...\Unity) (Version: 5.1.2f1 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-787172512-2198361898-3063716444-1001\...\UnityWebPlayer) (Version: 5.3.1f1 - Unity Technologies ApS) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{9F6B3627-AF9E-40A5-AAD5-3497C4327616}) (Version: - Microsoft) Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony) Vegasaur 2.4 (HKLM\...\Vegasaur2_is1) (Version: - Vegasaur.com) VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0-6) (Version: 1.0.11.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.11.0 (Version: 1.0.11.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1-2) (Version: 1.0.3.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.3.1 (Version: 1.0.3.1 - LunarG, Inc.) Hidden WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden WhoCrashed 5.51 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.) WinDjView 2.0.2 (HKLM\...\WinDjView) (Version: 2.0.2 - Andrew Zhezherun) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinUSB Drivers x64 (HKLM\...\{D119FEAC-8CDD-40B6-BC1D-18F75492F559}) (Version: 2012.17.1.239 - Nokia) WordWeb (HKLM-x32\...\WordWeb) (Version: 7 - WordWeb Software) WWE 2K15 DLC Pack Addon (HKLM-x32\...\V1dFMksxNQ==_is1) (Version: 1 - ) XAMPP (HKLM-x32\...\xampp) (Version: 5.5.30-6 - Bitnami) Zombie Apocalypse for FPS Creator (HKLM-x32\...\{48DDD673-F87A-43E6-8A22-A1C0820E83B6}) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-787172512-2198361898-3063716444-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Anki\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {053A38B4-91A9-46BC-A061-19B17A00E517} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {1A07750B-3760-439F-9610-53AD3860D52E} - \klcp_update -> No File <==== ATTENTION Task: {1B975452-D045-4A01-A604-0E5E50234310} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-09] (Google Inc.) Task: {1D49A056-A8DC-47C9-8C09-E0FAB079B589} - System32\Tasks\Opera scheduled Autoupdate 1451459063 => C:\Program Files (x86)\Opera\launcher.exe [2016-05-09] (Opera Software) Task: {27DDCB83-892C-4B8B-A806-3707D68E4F0F} - System32\Tasks\Uninstaller_SkipUac_Ankit => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-10-20] (IObit) Task: {32F87703-4295-4D94-B7B6-DB37519526D9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {45F48E3F-4CC2-4732-88A3-E5A45EB3F34D} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [2015-08-20] (Oracle Corporation) Task: {63BB8D58-C72E-49CB-B8B6-334CFAA82D60} - \AdobeAAMUpdater-1.0-CTOS-Ankit -> No File <==== ATTENTION Task: {678D4D06-58B5-4CB3-9278-19AA55FE9392} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {6F27E80D-AA9F-4EEC-9861-23E5930E7659} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {7E56B2C9-A856-41B5-9242-9ABE8EDDB7F3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {83FDC1CE-468F-44BA-AAAC-859E8C0DEAA8} - System32\Tasks\2927a99a0bd0b025a611ec5b62b11ac1 => powershell.exe -NoProfile -NoLogo -NonInteractive -ExecutionPolicy Bypass -File C:\WINDOWS\2927a99a0bd0b025a611ec5b62b11ac1.ps1 Task: {84B5D9B6-162C-4EFD-A301-14994B01C5FB} - \Winupdate -> No File <==== ATTENTION Task: {867C494F-D0C2-4EB1-BE49-6B27930DCE80} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {8F31D882-FCC0-4197-B5D3-24A400A9ADBD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-02] (Piriform Ltd) Task: {94F48546-B24F-42D9-AAB6-B6F9DE51595C} - \EssentialUpdateMachine -> No File <==== ATTENTION Task: {9BB6DBF7-8BF9-455C-945D-951C63F95251} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-09] (Google Inc.) Task: {9DE21392-42F2-4AF0-9719-53D7550768E2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {A27A759F-BDA3-4771-ACB8-142588D71E03} - \AutoPico Daily Restart -> No File <==== ATTENTION Task: {A55FA50C-3EC8-4515-8D5C-C9227119FB78} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION Task: {A601A029-A252-4037-B8C6-9621E884EF48} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {A84C21AD-74BC-4965-AE1D-A38667052960} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {C3D650B8-C2D8-4F97-AF3C-331411BF16A6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {CA1F798E-146E-4C28-A68D-8B53C8BCCFA1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {CF2F8C89-975A-4EAF-AEB9-E35131B56BFD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {D5062F40-4D99-4898-890A-F8B6B934B838} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {D826D514-FD75-4F07-B6EB-B11CB674C6B3} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-06-02] (Advanced Micro Devices, Inc.) Task: {DB26ECEC-4054-49B8-B61E-7181483E5D67} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {DDEE07E4-E0EC-41C1-9D63-EE722CD3EDD3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {DE514FC2-8B4D-4C9B-B656-A7DEEC9B7D09} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION Task: {E36653D2-2E63-4B3F-8F79-362E6315BC46} - \AdobeAAMUpdater-1.0-CTOS-Anki -> No File <==== ATTENTION Task: {F1F4865F-A909-467C-A4F8-EEE4ACC5B291} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION Task: {F80CC68E-B41C-4544-B5E7-D59FD107B07F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-14] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Ankit.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 12:48 - 2015-10-30 12:48 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-07-09 20:34 - 2012-01-07 16:16 - 00114688 _____ () C:\ProgramData\ChgService.exe 2016-06-10 09:19 - 2016-03-29 15:50 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-06-10 09:19 - 2016-03-29 15:50 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-06-09 15:19 - 2016-06-09 15:19 - 00959168 _____ () C:\Users\Anki\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2015-01-21 14:59 - 2015-01-21 14:59 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2016-06-09 17:49 - 2016-06-09 18:26 - 00118784 _____ () C:\ProgramData\Microsoft\Network\Dsq\browser\syshostctl.exe 2016-04-27 11:40 - 2016-04-27 11:40 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-06-10 09:19 - 2016-04-23 09:55 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-06-10 09:19 - 2016-04-23 09:32 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-06-10 09:19 - 2016-04-23 09:28 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-06-10 09:19 - 2016-04-23 09:28 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-06-10 09:19 - 2016-04-23 09:31 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2015-12-09 18:05 - 2015-09-21 10:49 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2013-04-12 22:53 - 2013-04-12 22:53 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll 2015-12-09 18:05 - 2015-09-21 10:49 - 00348960 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl 2015-12-09 18:05 - 2015-09-21 10:49 - 00183584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2015-12-09 18:05 - 2015-09-21 10:49 - 00050976 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2015-07-13 07:04 - 2014-01-03 19:45 - 02927360 _____ () C:\WINDOWS\wweb32.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences [0] AlternateDataStreams: C:\Users\Anki\AppData\Local\SIx442ci:PnbfvWGK6YONl62RE0FRtY7qe [2458] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKU\S-1-5-21-787172512-2198361898-3063716444-1001\Software\Classes\regfile: regedit.exe "%1" <===== ATTENTION ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-787172512-2198361898-3063716444-1001\...\skillport.com -> skillport.com IE trusted site: HKU\S-1-5-21-787172512-2198361898-3063716444-1001\...\skillwsa.com -> skillwsa.com ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 18:55 - 2016-06-09 17:45 - 00001474 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 ssl.bandisoft.com 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com\ 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-787172512-2198361898-3063716444-1001\Control Panel\Desktop\\Wallpaper -> c:\users\anki\appdata\roaming\microsoft\windows photo viewer\windows photo viewer wallpaper.jpg DNS Servers: 115.254.108.244 - 124.124.204.36 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "VIAxHCUtl" HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "SwitchBoard" HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE" HKU\S-1-5-21-787172512-2198361898-3063716444-1001\...\StartupApproved\StartupFolder: => "ati.EXE" HKU\S-1-5-21-787172512-2198361898-3063716444-1001\...\StartupApproved\Run: => "GameTracker" HKU\S-1-5-21-787172512-2198361898-3063716444-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-787172512-2198361898-3063716444-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-787172512-2198361898-3063716444-1001\...\StartupApproved\Run: => "Iksoft" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{2966266A-D6E5-4C66-A913-1C66AB66CE89}] => (Allow) LPort=1688 FirewallRules: [{7A6339D8-F86B-47BA-ACBE-28A4BBFD4A8A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{D5AB7C2F-8C6E-4134-AA40-3DBA24F14748}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [UDP Query User{BB12B989-ED0D-4437-BFFE-0CB79F74C861}C:\users\anki\downloads\programs\fg758p.exe] => (Allow) C:\users\anki\downloads\programs\fg758p.exe FirewallRules: [TCP Query User{6EC26A47-1575-442E-B987-181CA1D93D2D}C:\users\anki\downloads\programs\fg758p.exe] => (Allow) C:\users\anki\downloads\programs\fg758p.exe FirewallRules: [{AB3E0FA0-8562-4AE0-9390-0353285CE505}] => (Allow) C:\Program Files\AMI\DuOS\..\DuoVM\DuoVMHeadless.exe FirewallRules: [{2DDB5119-AA67-4492-87ED-0987B5F0166E}] => (Allow) C:\Program Files\AMI\DuOS\..\DuoVM\DuoVMHeadless.exe FirewallRules: [{CE835500-784C-47F3-9870-3B751780FC41}] => (Allow) C:\Program Files\AMI\DuOS\SensorService.exe FirewallRules: [{9FB34391-8B7E-4F7F-953A-C29C3C36C811}] => (Allow) C:\Program Files\AMI\DuOS\SensorService.exe FirewallRules: [{7AEF59F9-874D-426F-B765-4663331FFADE}] => (Allow) C:\Program Files\AMI\DuOS\CamProvider.exe FirewallRules: [{97392563-8CD5-49CD-8D1B-FCD0B1F505BC}] => (Allow) C:\Program Files\AMI\DuOS\CamProvider.exe FirewallRules: [{9E707F39-06C9-4A42-89DB-8025F398B3D5}] => (Allow) C:\Program Files\AMI\DuOS\locationservice.exe FirewallRules: [{A9D09F80-FB55-49C7-BFBC-EEB02B8B5339}] => (Allow) C:\Program Files\AMI\DuOS\locationservice.exe FirewallRules: [{3C6D3DAB-C8D2-4731-9829-741E9004F346}] => (Allow) C:\Program Files\AMI\DuOS\SysEvent.exe FirewallRules: [{0566EC9E-3710-4E9E-875B-CEB2BC8D269F}] => (Allow) C:\Program Files\AMI\DuOS\SysEvent.exe FirewallRules: [{274AC4BA-DB79-4896-88C2-A17C7BBA8B74}] => (Allow) C:\Program Files\AMI\DuOS\Dsync.exe FirewallRules: [{C309018A-3BB0-4E9A-BF59-DDE59E3113E0}] => (Allow) C:\Program Files\AMI\DuOS\Dsync.exe FirewallRules: [{DBEAA5E3-A78B-4C61-9948-D3A4DA48BE9F}] => (Allow) C:\Program Files\AMI\DuOS\Ubusd.exe FirewallRules: [{91DE9491-9C5C-437D-B871-F83E004B82DE}] => (Allow) C:\Program Files\AMI\DuOS\Ubusd.exe FirewallRules: [{9B9421E9-703B-4CC6-975D-415821DDBE46}] => (Allow) C:\Program Files\AMI\DuOS\DuOS.exe FirewallRules: [{254C62F1-130F-4E4E-B640-5D23EF62AD62}] => (Allow) C:\Program Files\AMI\DuOS\DuOS.exe FirewallRules: [UDP Query User{92610986-F08A-40A0-A5CE-F3CD3E0A5572}C:\program files\java\jdk1.8.0_05\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\java.exe FirewallRules: [TCP Query User{09FBD099-D9AA-476E-B10C-7117DC4B4300}C:\program files\java\jdk1.8.0_05\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\java.exe FirewallRules: [UDP Query User{A7007EB6-1B33-4ADB-BDA3-1EEE7FD210A5}C:\program files (x86)\brackets\node.exe] => (Block) C:\program files (x86)\brackets\node.exe FirewallRules: [TCP Query User{592D3EAA-35F2-4ECE-B335-41CE3BA04C37}C:\program files (x86)\brackets\node.exe] => (Block) C:\program files (x86)\brackets\node.exe FirewallRules: [UDP Query User{CCB0897B-ADA7-4E51-B6E5-35FF6F9A6A39}C:\xamppnew\mysql\bin\mysqld.exe] => (Allow) C:\xamppnew\mysql\bin\mysqld.exe FirewallRules: [TCP Query User{42EDDD81-253A-46D9-B833-FA76191DD0C0}C:\xamppnew\mysql\bin\mysqld.exe] => (Allow) C:\xamppnew\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{17553EF1-F086-4283-A491-B0A7ECC16A34}C:\xamppnew\apache\bin\httpd.exe] => (Allow) C:\xamppnew\apache\bin\httpd.exe FirewallRules: [TCP Query User{6572C02B-9B9A-4B7C-993E-DF2A06A47E59}C:\xamppnew\apache\bin\httpd.exe] => (Allow) C:\xamppnew\apache\bin\httpd.exe FirewallRules: [UDP Query User{719EACD3-1423-4398-BB32-7BCBBA682500}I:\counter strike\hl.exe] => (Allow) I:\counter strike\hl.exe FirewallRules: [TCP Query User{218A2866-1685-4C89-B652-5B386E74DC77}I:\counter strike\hl.exe] => (Allow) I:\counter strike\hl.exe FirewallRules: [UDP Query User{ECBF4E16-B23E-4E33-A8AF-9CAFD9A5D1BF}F:\emulators\ppsspp\ppssppwindows64.exe] => (Allow) F:\emulators\ppsspp\ppssppwindows64.exe FirewallRules: [TCP Query User{2A8F859D-B3F0-4196-84A0-0B31D43D7CF7}F:\emulators\ppsspp\ppssppwindows64.exe] => (Allow) F:\emulators\ppsspp\ppssppwindows64.exe FirewallRules: [UDP Query User{4461FA9F-2396-42EB-8A01-036544B1231B}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Block) C:\program files\unity\monodevelop\bin\monodevelop.exe FirewallRules: [TCP Query User{2D0DEBFB-11E6-4E0A-B64B-47692FF2E053}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Block) C:\program files\unity\monodevelop\bin\monodevelop.exe FirewallRules: [UDP Query User{53164CDE-9E2A-4DF6-896B-A6C0C1416D4B}F:\emulators\citra\citra-qt.exe] => (Allow) F:\emulators\citra\citra-qt.exe FirewallRules: [TCP Query User{D98A4AF0-E20A-4BA4-9D47-3B5405029AEB}F:\emulators\citra\citra-qt.exe] => (Allow) F:\emulators\citra\citra-qt.exe FirewallRules: [UDP Query User{9D2AFC15-746D-441F-AFE8-7893B525D1EC}E:\cryptchat.exe] => (Allow) E:\cryptchat.exe FirewallRules: [TCP Query User{231FD189-D695-493F-9FEB-9BAAA79C8349}E:\cryptchat.exe] => (Allow) E:\cryptchat.exe FirewallRules: [UDP Query User{20F43491-F4F2-4B13-A5C4-76E511393E7E}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [TCP Query User{591D486F-6B57-4246-9654-3C680FE9EBFE}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{464BE571-5E8C-4C62-A91B-4E584361E826}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{2D09510C-A8C9-436E-AA61-90E948B38DDE}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [{CA66578A-CFAC-4A4C-A586-CBFB45BA15B4}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{259067BF-D609-4209-9BC0-15E12FADA9D1}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{6C5F17AB-039A-4225-BDDB-442A422464C7}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{652875E7-0715-477B-9768-3956A0532973}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{FB2A53AF-18C4-46B5-962A-6BCEB3ACC65C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{6959F83C-52DB-4CDD-BE3F-D6F10213B2D9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D26BFA15-F13A-49E6-9879-9FF786F1BDC4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B1CB9563-96A9-44DD-81AF-3AF925E5E1E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{EE8E7F9B-2D6B-4503-9F51-16C32B32B2BD}] => (Allow) I:\KMSpico\KMSELDI.exe FirewallRules: [{67A21785-F7C3-484D-8B40-80CB6573AF64}] => (Allow) I:\KMSpico\KMSELDI.exe FirewallRules: [{9E041178-D84B-4C08-A799-6ABAA77C9D95}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{31DDA690-4DD6-43C7-AAF4-216DDEF23823}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D58E76A8-A6B9-4106-B663-9C58B948FDD2}] => (Allow) C:\Users\Anki\AppData\Roaming\Andy_45_Online\Setup.exe FirewallRules: [{5B8002E6-462B-468D-A712-53589E72243E}] => (Allow) C:\Users\Anki\AppData\Roaming\Andy_45_Online\Setup.exe FirewallRules: [UDP Query User{7CCE0475-3516-4198-A833-8CAE27A9FF63}C:\users\anki\documents\visual studio 2012\projects\cryptchat\cryptchat\bin\debug\cryptchat.vshost.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\cryptchat\cryptchat\bin\debug\cryptchat.vshost.exe FirewallRules: [TCP Query User{2D6845FC-EBFA-4D20-80AF-ED6347AC6935}C:\users\anki\documents\visual studio 2012\projects\cryptchat\cryptchat\bin\debug\cryptchat.vshost.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\cryptchat\cryptchat\bin\debug\cryptchat.vshost.exe FirewallRules: [UDP Query User{746F56A1-3948-4534-A260-31D39B580322}C:\users\anki\documents\visual studio 2012\projects\cryptchat\cryptchat\bin\debug\cryptchat.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\cryptchat\cryptchat\bin\debug\cryptchat.exe FirewallRules: [TCP Query User{01D928E3-990D-4128-9CA7-4407B8C90C03}C:\users\anki\documents\visual studio 2012\projects\cryptchat\cryptchat\bin\debug\cryptchat.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\cryptchat\cryptchat\bin\debug\cryptchat.exe FirewallRules: [UDP Query User{6DE71068-D211-4E73-A3A4-84DE24858BC3}C:\users\anki\documents\visual studio 2012\projects\chat app\chat app\bin\debug\chat app.vshost.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\chat app\chat app\bin\debug\chat app.vshost.exe FirewallRules: [TCP Query User{11EBA2FF-EB9E-47C2-8F01-D3D9EA98B33D}C:\users\anki\documents\visual studio 2012\projects\chat app\chat app\bin\debug\chat app.vshost.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\chat app\chat app\bin\debug\chat app.vshost.exe FirewallRules: [UDP Query User{B3FEF6D2-13B7-49A1-8E5E-3AB63191DCC3}F:\games\wwe 2k15\wwe2k15_x64.exe] => (Allow) F:\games\wwe 2k15\wwe2k15_x64.exe FirewallRules: [TCP Query User{3122D48E-8DA0-4377-8442-42DAB2726FE9}F:\games\wwe 2k15\wwe2k15_x64.exe] => (Allow) F:\games\wwe 2k15\wwe2k15_x64.exe FirewallRules: [UDP Query User{6CDBB3F6-082E-4C93-9103-87106E906585}C:\users\anki\documents\visual studio 2012\projects\chat app\chat app\bin\debug\chat app.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\chat app\chat app\bin\debug\chat app.exe FirewallRules: [TCP Query User{47F65264-BF41-45D5-B8C0-75D1929891B0}C:\users\anki\documents\visual studio 2012\projects\chat app\chat app\bin\debug\chat app.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\chat app\chat app\bin\debug\chat app.exe FirewallRules: [UDP Query User{7275EA9D-200D-4629-986E-ABD3F34E3832}C:\users\anki\documents\visual studio 2012\projects\servertcp\servertcp\bin\debug\servertcp.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\servertcp\servertcp\bin\debug\servertcp.exe FirewallRules: [TCP Query User{61C001B8-E221-403F-9C7C-BADA1B33C088}C:\users\anki\documents\visual studio 2012\projects\servertcp\servertcp\bin\debug\servertcp.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\servertcp\servertcp\bin\debug\servertcp.exe FirewallRules: [UDP Query User{276308BD-CF13-4848-9004-2ECBEE009D94}C:\users\anki\documents\visual studio 2012\projects\servertcp\servertcp\bin\debug\servertcp.vshost.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\servertcp\servertcp\bin\debug\servertcp.vshost.exe FirewallRules: [TCP Query User{9CB7E0F5-74B0-4987-A1B1-EA1C1A46C0FF}C:\users\anki\documents\visual studio 2012\projects\servertcp\servertcp\bin\debug\servertcp.vshost.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\servertcp\servertcp\bin\debug\servertcp.vshost.exe FirewallRules: [UDP Query User{A096FC20-C6FB-4881-8AC7-7A77191A03E2}C:\users\anki\documents\visual studio 2012\projects\networking\networking\bin\debug\networking.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\networking\networking\bin\debug\networking.exe FirewallRules: [TCP Query User{0E8619F3-9D8D-4423-950C-B87F73738631}C:\users\anki\documents\visual studio 2012\projects\networking\networking\bin\debug\networking.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\networking\networking\bin\debug\networking.exe FirewallRules: [UDP Query User{6187D56F-D226-4215-A1E7-D491CB339B24}C:\users\anki\documents\visual studio 2012\projects\networking\networking\bin\debug\networking.vshost.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\networking\networking\bin\debug\networking.vshost.exe FirewallRules: [TCP Query User{58B99496-E807-4D97-8B4C-A5988415B5FC}C:\users\anki\documents\visual studio 2012\projects\networking\networking\bin\debug\networking.vshost.exe] => (Allow) C:\users\anki\documents\visual studio 2012\projects\networking\networking\bin\debug\networking.vshost.exe FirewallRules: [UDP Query User{1330CCC0-F0EC-46BA-9B04-25F2D84582A1}F:\games\cs 1.6\hlds.exe] => (Allow) F:\games\cs 1.6\hlds.exe FirewallRules: [TCP Query User{82829C71-AD24-4356-8EB2-D9346B546AA5}F:\games\cs 1.6\hlds.exe] => (Allow) F:\games\cs 1.6\hlds.exe FirewallRules: [UDP Query User{30C6D008-C2A0-458B-8864-684BC562C562}F:\games\cs 1.6\hl.exe] => (Allow) F:\games\cs 1.6\hl.exe FirewallRules: [TCP Query User{FAA08F25-E561-4320-A3A9-4EF771DAB162}F:\games\cs 1.6\hl.exe] => (Allow) F:\games\cs 1.6\hl.exe FirewallRules: [{09C64B2F-C30A-4BE4-B6E5-6F34E135B798}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe FirewallRules: [UDP Query User{A773E7F9-4045-4EBF-B44B-B803A382C190}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe FirewallRules: [TCP Query User{B1D0145D-61ED-4692-892C-F64D587AE3DD}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe FirewallRules: [UDP Query User{B64332F0-508F-4F52-9B48-6DC8176B5C31}F:\games\grand theft auto v\gta5.exe] => (Allow) F:\games\grand theft auto v\gta5.exe FirewallRules: [TCP Query User{5964F9E6-A2F8-42F3-88B3-84EF50131ADB}F:\games\grand theft auto v\gta5.exe] => (Allow) F:\games\grand theft auto v\gta5.exe FirewallRules: [{677622AC-BB41-4685-BF09-2291D699C3FC}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe FirewallRules: [{B2BE1719-02B9-444D-AF5E-40CDDAA8D407}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe FirewallRules: [UDP Query User{A55FB0E9-784C-4AC4-80D5-94BEB13BAD9B}C:\program files (x86)\ipmsg\ipmsg.exe] => (Allow) C:\program files (x86)\ipmsg\ipmsg.exe FirewallRules: [TCP Query User{2365A2A0-0B2C-4172-BC36-091B5926C66A}C:\program files (x86)\ipmsg\ipmsg.exe] => (Allow) C:\program files (x86)\ipmsg\ipmsg.exe FirewallRules: [{983FF4B4-4E66-40EE-9CB3-DDD6DBDE2890}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{7B09A95E-AA43-40BC-B519-D37D12A8035C}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [UDP Query User{0DC0149A-9580-42B5-A89B-03D1C36BCE9A}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [TCP Query User{F71CCFC6-62FD-488D-BA57-379E45B6E6E2}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [{E9A81107-77E2-4A8C-B701-C815A9AA9239}] => (Allow) LPort=1900 FirewallRules: [{9E21124E-6F8E-4983-BCCD-C83DF1F2294C}] => (Allow) LPort=2869 FirewallRules: [{5CF67A1E-982A-4089-A750-CAA173C17760}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [UDP Query User{69F98936-A3A8-46DE-9A90-B89F9D1DE4B1}F:\games\counter-strike global offensive\csgo.exe] => (Allow) F:\games\counter-strike global offensive\csgo.exe FirewallRules: [TCP Query User{24F8EA27-5ACE-41F4-B6BE-F1413B6BE9B6}F:\games\counter-strike global offensive\csgo.exe] => (Allow) F:\games\counter-strike global offensive\csgo.exe FirewallRules: [{A002B954-3BE5-40BB-88EC-FC060B519D9F}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{AB266D2F-78C2-4DA8-B3F3-921C79553D6A}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [UDP Query User{CA4C13BC-7FF4-4E9C-AD57-4C5D835E4A2F}D:\microsoft office 2013 professional plus activation crack\microsoft toolkit 2.4.5.exe] => (Allow) D:\microsoft office 2013 professional plus activation crack\microsoft toolkit 2.4.5.exe FirewallRules: [TCP Query User{0350702B-C224-4038-800E-D316B0F1587C}D:\microsoft office 2013 professional plus activation crack\microsoft toolkit 2.4.5.exe] => (Allow) D:\microsoft office 2013 professional plus activation crack\microsoft toolkit 2.4.5.exe FirewallRules: [{CA34D32F-4F88-4009-B130-2E92A32423B2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{53241C3D-2330-4329-96AE-52CDFFEADF88}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{EA8B8701-80BA-4283-87F2-C43BECB7F26F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{4E4DF0EE-365D-47F1-83CC-5BB9CDDDA831}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{6F4E819D-32A1-4165-9AE4-818EFE3DED36}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{ADA9E16D-ED4B-4F88-85FD-A0591F11DA32}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{853FF893-92E4-4148-A3F7-E4CE95703612}] => (Allow) C:\Users\Anki\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2F4ECC78-EB2D-4D5F-8829-C96EAAB2F21B}] => (Allow) C:\Users\Anki\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{63A537DA-61AE-4555-AABB-2C5D10C43829}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{776308C2-09C1-4255-88EE-BC3600686488}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe ==================== Restore Points ========================= 09-06-2016 16:57:40 Installed Realtek High Definition Audio Driver ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/10/2016 12:59:07 PM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (06/10/2016 12:38:08 PM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (06/10/2016 12:20:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: plugin-container.exe, version: 47.0.0.5999, time stamp: 0x5753660e Faulting module name: mozglue.dll, version: 47.0.0.5999, time stamp: 0x57535438 Exception code: 0x80000003 Fault offset: 0x0000f3ad Faulting process id: 0xef8 Faulting application start time: 0xplugin-container.exe0 Faulting application path: plugin-container.exe1 Faulting module path: plugin-container.exe2 Report Id: plugin-container.exe3 Faulting package full name: plugin-container.exe4 Faulting package-relative application ID: plugin-container.exe5 Error: (06/10/2016 11:52:21 AM) (Source: ATIeRecord) (EventID: 16388) (User: ) Description: ATI EEU Client event error Error: (06/10/2016 11:42:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: GoogleInputHandler.exe, version: 1.1.3.18, time stamp: 0x50757732 Faulting module name: GoogleInputHandler.exe, version: 1.1.3.18, time stamp: 0x50757732 Exception code: 0xc0000005 Fault offset: 0x000684bf Faulting process id: 0xa10 Faulting application start time: 0xGoogleInputHandler.exe0 Faulting application path: GoogleInputHandler.exe1 Faulting module path: GoogleInputHandler.exe2 Report Id: GoogleInputHandler.exe3 Faulting package full name: GoogleInputHandler.exe4 Faulting package-relative application ID: GoogleInputHandler.exe5 Error: (06/10/2016 11:42:24 AM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (06/10/2016 06:40:02 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: ) Description: Acquisition of End User License failed. hr=0xC004C003 Sku Id=49cd895b-53b2-4dc4-a5f7-b18aa019ad37 Error: (06/10/2016 06:40:02 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: ) Description: License acquisition failure details. hr=0xC004C003 Error: (06/09/2016 07:58:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Explorer.EXE, version: 10.0.10586.104, time stamp: 0x56aaffa0 Faulting module name: GoogleInputTools.ime, version: 1.1.3.18, time stamp: 0x507579c2 Exception code: 0xc0000005 Fault offset: 0x000000000008a723 Faulting process id: 0x122c Faulting application start time: 0xExplorer.EXE0 Faulting application path: Explorer.EXE1 Faulting module path: Explorer.EXE2 Report Id: Explorer.EXE3 Faulting package full name: Explorer.EXE4 Faulting package-relative application ID: Explorer.EXE5 Error: (06/09/2016 07:12:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: PSUAMain.exe, version: 4.0.0.646, time stamp: 0x56291049 Faulting module name: CC3290MT.DLL, version: 9.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0005d522 Faulting process id: 0x1a1c Faulting application start time: 0xPSUAMain.exe0 Faulting application path: PSUAMain.exe1 Faulting module path: PSUAMain.exe2 Report Id: PSUAMain.exe3 Faulting package full name: PSUAMain.exe4 Faulting package-relative application ID: PSUAMain.exe5 System errors: ============= Error: (06/10/2016 01:02:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Ziwecultkorus Host service failed to start due to the following error: %%2 Error: (06/10/2016 01:00:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Service KMSELDI service failed to start due to the following error: %%1053 Error: (06/10/2016 01:00:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Service KMSELDI service to connect. Error: (06/10/2016 01:00:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The SkypeUpdateEx service failed to start due to the following error: %%1053 Error: (06/10/2016 01:00:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the SkypeUpdateEx service to connect. Error: (06/10/2016 01:00:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Autodesk Content Service service failed to start due to the following error: %%1053 Error: (06/10/2016 01:00:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Autodesk Content Service service to connect. Error: (06/10/2016 12:59:47 PM) (Source: sptd) (EventID: 4) (User: ) Description: Driver detected an internal error in its data structures for . Error: (06/10/2016 12:59:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_3f00d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (06/10/2016 12:59:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_3f00d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. CodeIntegrity: =================================== Date: 2016-06-10 11:52:05.808 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-10 11:21:26.315 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-10 11:21:25.054 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-09 15:08:09.098 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-09 15:04:28.635 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-09 14:44:10.913 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD FX(tm)-6300 Six-Core Processor Percentage of memory in use: 28% Total physical RAM: 8173.55 MB Available physical RAM: 5861.04 MB Total Virtual: 9453.55 MB Available Virtual: 6851.23 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:194.97 GB) (Free:41.83 GB) NTFS Drive e: () (Fixed) (Total:195.31 GB) (Free:183.7 GB) NTFS Drive f: () (Fixed) (Total:540.89 GB) (Free:274.84 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E54F4675) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================