Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016 Ran by Chewy (2016-07-04 21:43:21) Running from C:\Users\Chewy\Downloads Windows 10 Home Version 1511 (X64) (2016-01-04 11:07:30) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1551321902-3525539811-1481564533-500 - Administrator - Disabled) Chewy (S-1-5-21-1551321902-3525539811-1481564533-1002 - Administrator - Enabled) => C:\Users\Chewy DefaultAccount (S-1-5-21-1551321902-3525539811-1481564533-503 - Limited - Disabled) Guest (S-1-5-21-1551321902-3525539811-1481564533-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1551321902-3525539811-1481564533-1106 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) 7-Zip 15.14 (HKLM-x32\...\{23170F69-40C1-2701-1514-000001000000}) (Version: 15.14.00.0 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated) Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.8.142.61628 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 3.8.142.61628 - Alcor Micro Corp.) Hidden Amazon 1Button App (x32 Version: 2.3.4 - Amazon) Hidden <==== ATTENTION Amazon Assistant (HKLM-x32\...\Amazon Assistant) (Version: 2.3.4 - Amazon) <==== ATTENTION AOMEI Partition Assistant Lite Edition 6.0 (HKLM-x32\...\{02F850ED-FD1E-4ED1-BE0B-5498165BF305}_is1) (Version: - AOMEI Technology Co., Ltd.) Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS) ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.020 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0005 - ASUS) ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0026 - ASUS) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.95.29 - Broadcom Corporation) Brother MFL-Pro Suite MFC-J450DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform) CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.) Critter Crunch (HKLM-x32\...\Steam App 61730) (Version: - Capybara Games) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dropbox (HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.) ELAN Touchpad 11.5.19.2_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.19.2 - ELAN Microelectronic Corp.) Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) Fitbit Connect (HKLM-x32\...\{F76678F2-2FF6-40D7-9B16-A39B0A820ED2}) (Version: 1.0.3.5512 - Fitbit Inc.) Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden GDR 4033 for SQL Server 2008 R2 (KB2977320) (64-bit) (HKLM\...\KB2977320) (Version: 10.52.4033.0 - Microsoft Corporation) GDR 4042 for SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.) Google Chrome Canary (HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\Google Chrome SxS) (Version: 54.0.2787.0 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) LEGO MINDSTORMS EV3 (HKLM-x32\...\LEGO_SW.{5B0CB826-E499-4E6B-94F0-75B6327ED934}) (Version: 1.0.0 - The LEGO Group) LEGO MINDSTORMS EV3 Home Content (x32 Version: 1.1.50 - The LEGO Group) Hidden LEGO MINDSTORMS EV3 Home Edition (x32 Version: 1.1.50 - The LEGO Group) Hidden LEGO MINDSTORMS EV3 Home English Support (x32 Version: 1.1.50 - The LEGO Group) Hidden LEGO MINDSTORMS EV3 Uninstaller (x32 Version: 1.0.11 - The LEGO Group) Hidden LEGO MINDSTORMS NXT x64 Driver (HKLM\...\{A0831C28-A6FA-49A3-86AE-B5AE3C9EE19C}) (Version: 1.20.115.0 - LEGO) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2000 Sample Database Scripts (HKLM-x32\...\{ABB6AC00-F1D8-4EBF-8128-830D090B76C0}) (Version: 1.0.0 - Microsoft) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{B2213E4E-F502-4D36-BE95-9293C866EF3F}) (Version: 10.52.4042.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Setup (English) (HKLM\...\{5DDC2234-4B37-45BC-AD33-41F1469B4D83}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team) MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS) NI .NET Framework 4 (x32 Version: 4.00.49152 - National Instruments) Hidden NI EulaDepot (x32 Version: 3.20.363 - National Instruments) Hidden NI MDF Support (x32 Version: 3.20.363 - National Instruments) Hidden NI Security Update (KB 67L8LCQW) (64-bit) (Version: 1.0.29.0 - National Instruments) Hidden NI Security Update (KB 67L8LCQW) (x32 Version: 1.0.29.0 - National Instruments) Hidden NI Uninstaller (x32 Version: 3.20.363 - National Instruments) Hidden NI VC2008MSMs x64 (Version: 9.0.401 - National Instruments) Hidden NI VC2008MSMs x86 (x32 Version: 9.0.401 - National Instruments) Hidden NVIDIA 3D Vision Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation) NVIDIA Graphics Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge) Photobook Designer (HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\Photobook Designer) (Version: Photobook Designer 2015.2.0 - Photobook Worldwide) PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd) PyQt GPL v4.8.1 for Python v2.7 (HKLM-x32\...\PyQt GPL v4.8.1 for Python v2.7) (Version: 4.8.1-1 - ) Python 2.7 networkx-1.6 (HKLM-x32\...\networkx-py2.7) (Version: - ) Python 2.7 numpy-1.5.1 (HKLM-x32\...\numpy-py2.7) (Version: - ) Python 2.7 PIL-1.1.7 (HKLM-x32\...\PIL-py2.7) (Version: - ) Python 2.7 PyQt4.Qwt5-5.2.1 (HKLM-x32\...\PyQt4.Qwt5-py2.7) (Version: - ) Python 2.7 pywin32-214 (HKLM-x32\...\pywin32-py2.7) (Version: - ) Python 2.7 scipy-0.9.0 (HKLM-x32\...\scipy-py2.7) (Version: - ) Python 2.7 setuptools-0.6c11 (HKLM-x32\...\setuptools-py2.7) (Version: - ) Python 2.7.2 (HKLM-x32\...\{2E295B5B-1AD4-4d36-97C2-A316084722CF}) (Version: 2.7.2150 - Python Software Foundation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.) SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Management Studio (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Tongbu Assistant 2.1.0.1 (HKLM-x32\...\Tongbu2) (Version: 2.1.0.1 - Xiamen Tongbu Network Ltd.) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.4900 - Broadcom Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft) XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games) 影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden 微软设备健康助手 (HKLM-x32\...\{2EAC4B0F-6E44-4FF6-AA5E-5D100F2BAA59}) (Version: 1.5.3.1 - Microsoft Corporation) 搜狗拼音输入法 7.9正式版 (HKLM-x32\...\Sogou Input) (Version: 7.9.0.7504 - Sogou.com) 支付宝安全控件 5.3.0.3807 (HKLM-x32\...\alieditplus) (Version: 5.3.0.3807 - Alipay.com Co., Ltd.) 照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden 酷狗音乐 (HKLM-x32\...\酷狗音乐) (Version: 8.0.31.18500 - 酷狗音乐) 阿里旺旺2015Beta1 (HKLM-x32\...\阿里旺旺2015Beta1) (Version: - 阿里巴巴(中国)有限公司) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Chewy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Chewy\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B}\InprocServer32 -> C:\Program Files (x86)\AliWangWang\8.10.25C\AliIMX_64.dll (Alibaba software (Shanghai) Corporation.) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Chewy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Chewy\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Chewy\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chewy\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chewy\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chewy\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chewy\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chewy\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chewy\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chewy\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chewy\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Chewy\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {000E0CD8-C7E5-4BBE-9BBE-DD4E37265873} - System32\Tasks\Funshion\FsLibraryLogonUpdate => C:\Program Files (x86)\Funshion Online\3.0.3.68\FsLibrary.exe Task: {02DE772F-8A61-47D1-88D4-5ACDE2795503} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {0BC2CC55-7F12-4BA9-A877-BA66CCFD4522} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-02] (AVAST Software) Task: {0C15B018-80F9-4F56-887D-5C61EFBEDD00} - System32\Tasks\微软设备健康助手自动更新 => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exe [2015-01-30] (Microsoft Corporation) Task: {0E601C66-1674-449D-A231-1B4FC53A58BE} - System32\Tasks\SogouImeMgr => C:\Program Files (x86)\SogouInput\SogouExe\SogouExe.exe [2016-02-29] (Sogou.com Inc.) Task: {1C624D4B-1F15-4957-B136-5256D9ECDD26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1551321902-3525539811-1481564533-1002UA => C:\Users\Chewy\AppData\Local\Google\Update\GoogleUpdate.exe [2016-06-25] (Google Inc.) Task: {2D1F8B05-087B-4C44-8CFB-93FDE34BD5DA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {2FAC6CCE-28FA-4191-98B5-8C9FEE204E03} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {38FAA7B3-A6AB-4B8D-B108-DC356924C1B8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.) Task: {3FD47B0F-3751-46EA-8ACB-579099A0EC06} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1551321902-3525539811-1481564533-1002UA => C:\Users\Chewy\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-15] (Dropbox, Inc.) Task: {44AF3DEA-7F81-4060-9475-FDDE38C9691A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {46F3E572-F144-4F36-9CDF-EF08EB0A123E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.) Task: {4CFA3615-F185-4D1D-B65A-C135E73CCAF8} - System32\Tasks\微软设备健康助手开机检测 => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exe [2015-01-30] (Microsoft Corporation) Task: {5749D5F5-D295-4F68-AB76-FF7DC3929396} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe Task: {5AF765C8-A924-4B34-A384-9BC874DC0A0C} - System32\Tasks\AliUpdater{1507325E-D5F9-4CDE-B33F-B31F893ADFE7} => C:\Program Files (x86)\AliWangWang\AliTask.exe [2016-06-23] (Alibaba software (Shanghai) Corporation.) Task: {60995033-6425-4B06-AF96-8D4359B0DA0C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {6352EC5F-6588-40E6-81B2-D15469D4243F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {6C048400-75C8-469E-8FB5-787F2DEF0D87} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {6ED33819-E38D-4027-A66E-F74C05D99B0F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {745F3AF7-5184-4C3C-A118-D7EE20410121} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.) Task: {78D65D96-9B0E-4BA2-BF12-4AB6D0154D3E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {804D5C3A-D114-439F-91C4-0B43AEE68717} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {82655C6A-F88F-486C-865D-16DBBD32873A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1551321902-3525539811-1481564533-1002Core => C:\Users\Chewy\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-15] (Dropbox, Inc.) Task: {84C7AAF5-1F23-4645-AD0B-ADB47C719313} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.) Task: {8998DDBB-A27E-457B-85B7-EE58F5188A98} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {8DE28117-76B3-4D7D-9DE9-DEC2E40599A2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-17] (Microsoft Corporation) Task: {90285DFD-BE45-41C3-9C81-296FC6E2797F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {9E330856-D153-4AD1-A5FA-D131AE76896D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {9E943153-1999-4D1F-9A26-5850568417E6} - System32\Tasks\DistromaticUpdater-periodic => C:\Program Files (x86)\Amazon Browser Settings\updater.exe [2016-04-03] (Distromatic) <==== ATTENTION Task: {9FA8A741-EFD2-468E-B127-3ACE8D5AEC22} - System32\Tasks\DistromaticSearchProtect-logon => C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe [2016-04-03] (Distromatic) <==== ATTENTION Task: {A5F731A4-1B28-4CEC-BDC0-DD6D1DA6C54B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {A8B5112D-3309-484D-8E9B-B18667D25623} - System32\Tasks\DistromaticSearchProtect-hourly => C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe [2016-04-03] (Distromatic) <==== ATTENTION Task: {AD7BECCE-0C7F-4858-A1F0-882EE74950F4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd) Task: {B92BCB21-B848-49AE-A594-88C74C4FEA66} - System32\Tasks\Funshion\FsLibraryDailyUpdate => C:\Program Files (x86)\Funshion Online\3.0.3.68\FsLibrary.exe Task: {BBA41980-2D27-48BC-9042-A4A963705673} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {BC778488-C85D-4920-8570-07F0C36C86FE} - System32\Tasks\DistromaticUpdater-logon => C:\Program Files (x86)\Amazon Browser Settings\updater.exe [2016-04-03] (Distromatic) <==== ATTENTION Task: {C32F2148-AB9F-4D8B-8E38-C8364FC81517} - System32\Tasks\Yahoo! Powered mirer => Wscript.exe "C:\ProgramData\{CC150976-4657-83B0-C091-1DF25AD3963C}\cimo.txt" "687474703a2f2f7761676e672e636f6d" "433a5c50726f6772616d446174615c7b43433135303937362d343635372d383342302d433039312d3144463235414433393633437d5c6c6f6e656c69" "433a5c50726f6772616d446174615c7b43433135303937362d343635372d383342302d433039 (the data entry has 78 more characters). Task: {C72962A8-D1EB-4306-8FAE-58E03106B816} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {D7EB2E39-0AEB-4685-B68E-8F1F185D42B2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {DB625A58-1026-4530-9253-A4F9181A84A4} - System32\Tasks\{33ACF9EE-FBBA-4BEF-A12A-2981D1BD5E7F} => pcalua.exe -a C:\Users\Chewy\AppData\Local\{A557930B-81FF-FFB3-EC67-DA5BC80F26C3}\uninst.exe -d C:\Windows\ImmersiveControlPanel -c -FN="C:\Users\Chewy\AppData\Roaming\{A50A93B1-8058-FEC7-EB6E-D91537BC242B}\HelperUpdate.exe"-P=/Uninstall /s /noun /DelSelfDir Task: {E2118C39-0FA1-4A13-AF79-9EDE9CB894FE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {E263ACB4-97B2-4A81-9E7E-BB50F2DFAC53} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.) Task: {E8327778-A2F2-4C33-AC6D-4F7337303FDE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1551321902-3525539811-1481564533-1002Core => C:\Users\Chewy\AppData\Local\Google\Update\GoogleUpdate.exe [2016-06-25] (Google Inc.) Task: {ED9A19C0-83CF-4FBB-BF9C-0A2F0766D87D} - System32\Tasks\微软设备健康助手设备检查 => C:\Program Files (x86)\Microsoft Device Health\PluginManager\DhPluginMgrScheduler.exe [2015-01-30] (Microsoft Corporation) Task: {EE917874-6B45-4FEA-B52D-F864CB961F1C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {EF2F2B08-C4B6-47D8-BA2D-E1E7E1776F1A} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS) Task: {F2BA3728-4B3F-4303-A112-EE88789DE8D1} - System32\Tasks\SafeZone scheduled Autoupdate 1458688531 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software) Task: {FBD26C55-0FBA-4AB0-A15D-B3C3018B3EB6} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-01-29] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\AliUpdater{1507325E-D5F9-4CDE-B33F-B31F893ADFE7}.job => C:\Program Files (x86)\AliWangWang\AliTask.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1551321902-3525539811-1481564533-1002Core.job => C:\Users\Chewy\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1551321902-3525539811-1481564533-1002UA.job => C:\Users\Chewy\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1551321902-3525539811-1481564533-1002Core.job => C:\Users\Chewy\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1551321902-3525539811-1481564533-1002UA.job => C:\Users\Chewy\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Yahoo! Powered mirer.job => C:\ProgramData\{CC150976-4657-83B0-C091-1DF25AD3963C}\cimo.txt <==== ATTENTION Task: C:\WINDOWS\Tasks\微软设备健康助手开机检测.job => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exe /EnableDHWORKGROUP\CHE$H此任务用于微软设备健康助手的状态检测和自我修复。了解更多,请查阅hxxp:/support.microsoft.com Task: C:\WINDOWS\Tasks\微软设备健康助手自动更新.job => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exeWORKGROUP\CHE$Z此服务属于微软设备健康助手,用于获取最新的版本,有助于提高设备健康度及保障支付安全。了解更多,请查阅hxxp:/support.microsoft.com Task: C:\WINDOWS\Tasks\微软设备健康助手设备检查.job => C:\Program Files (x86)\Microsoft Device Health\PluginManager\DhPluginMgrScheduler.exeWORKGROUP\CHE$C此任务用于微软设备健康助手的设备检查。了解更多,请查阅hxxp:/support.microsoft.com ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-01-04 00:12 - 2015-07-13 13:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2011-01-27 08:32 - 2011-01-27 08:32 - 00027648 _____ () C:\WINDOWS\System32\ssb7mlm.dll 2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-06-23 21:54 - 2016-06-14 16:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-06-23 21:54 - 2016-06-14 16:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-06-23 21:54 - 2016-06-14 16:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-06-23 21:54 - 2016-06-14 16:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-06-23 21:54 - 2016-06-14 16:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-06-23 21:54 - 2016-06-14 16:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-06-23 21:54 - 2016-06-14 16:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-06-23 21:54 - 2016-06-14 16:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2016-06-23 21:54 - 2016-06-14 16:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2016-06-23 21:54 - 2016-06-14 16:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-04-12 15:32 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2012-08-24 21:26 - 2012-08-24 21:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2016-04-12 15:32 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-09-11 20:02 - 2015-09-11 20:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-05-23 17:44 - 2016-05-23 17:44 - 00959168 _____ () C:\Users\Chewy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2015-09-15 14:58 - 2015-09-15 14:58 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2016-06-17 21:45 - 2016-05-27 23:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-04-18 19:08 - 2016-04-18 19:08 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-01-04 02:54 - 2016-01-04 02:54 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-10 21:47 - 2016-04-23 00:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-06-17 21:45 - 2016-05-27 23:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-06-17 21:45 - 2016-05-27 23:55 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-06-17 21:45 - 2016-05-27 23:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-06-17 21:45 - 2016-05-27 23:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-07-02 19:11 - 2016-07-02 19:11 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-07-04 20:19 - 2016-07-04 20:19 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16070401\algo.dll 2016-07-02 19:11 - 2016-07-02 19:11 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-07-03 20:28 - 2016-01-22 05:45 - 00086528 _____ () C:\WINDOWS\che_020716\mgwz.dll 2016-02-04 07:24 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2016-02-04 07:24 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2016-02-04 07:24 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2016-02-04 07:24 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2016-04-18 19:08 - 2016-04-18 19:08 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-18 19:08 - 2016-04-18 19:08 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-06-23 21:54 - 2016-06-14 16:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-05-23 17:44 - 2016-05-23 17:44 - 00679624 _____ () C:\Users\Chewy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2015-12-12 01:55 - 2016-05-25 13:03 - 00034768 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2016-06-25 22:02 - 2016-05-25 13:03 - 00134088 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2016-06-25 22:02 - 2016-05-25 13:04 - 00019408 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2016-06-25 22:02 - 2016-05-25 13:03 - 00116688 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2015-12-12 01:55 - 2016-05-25 13:03 - 00093640 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2015-12-12 01:55 - 2016-05-25 13:03 - 00018376 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\select.pyd 2015-12-12 01:55 - 2016-06-13 16:13 - 00019760 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2015-12-12 01:55 - 2016-05-25 13:05 - 00105928 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-06-25 22:02 - 2016-05-25 13:03 - 00392144 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2015-12-12 01:55 - 2016-06-13 16:13 - 00381752 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2015-12-12 01:55 - 2016-05-25 13:03 - 00692688 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 00020816 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2015-12-12 01:55 - 2016-05-25 13:04 - 00123856 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 01682760 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 00020808 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2015-12-12 01:55 - 2016-06-13 16:13 - 00021840 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 00052024 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 00038696 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\fastpath.pyd 2016-06-25 22:02 - 2016-05-25 13:05 - 00020936 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2015-12-12 01:55 - 2016-05-25 13:05 - 00024528 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\win32event.pyd 2015-12-12 01:55 - 2016-05-25 13:05 - 00114640 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\win32security.pyd 2015-12-12 01:55 - 2016-05-25 13:05 - 00124880 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-02-12 11:23 - 2016-06-13 16:13 - 00021832 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2015-12-12 01:55 - 2016-05-25 13:05 - 00024016 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2015-12-12 01:55 - 2016-05-25 13:05 - 00175560 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\win32gui.pyd 2015-12-12 01:55 - 2016-05-25 13:05 - 00030160 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2015-12-12 01:55 - 2016-05-25 13:05 - 00043472 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\win32process.pyd 2015-12-12 01:55 - 2016-05-25 13:05 - 00048592 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\win32service.pyd 2016-02-12 11:23 - 2016-06-13 16:13 - 00023872 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 00026456 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2015-12-12 01:55 - 2016-05-25 13:05 - 00057808 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2015-12-12 01:55 - 2016-05-25 13:05 - 00024016 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\win32profile.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 00246592 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2015-12-12 01:55 - 2016-05-25 13:05 - 00028616 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\win32ts.pyd 2016-02-12 11:23 - 2016-06-13 16:13 - 00020800 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-02-12 11:23 - 2016-06-13 16:13 - 00019776 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd 2016-02-12 11:23 - 2016-06-13 16:13 - 00020800 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd 2015-12-12 01:55 - 2016-05-25 13:03 - 00134608 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2016-06-25 22:02 - 2016-05-25 13:04 - 00240584 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\jpegtran.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 00020280 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2015-12-12 01:55 - 2016-06-13 16:13 - 00023376 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-12 01:55 - 2016-05-25 13:05 - 00350152 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-02-12 11:23 - 2016-06-13 16:13 - 00022352 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 00024392 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2016-06-25 22:02 - 2016-05-25 13:05 - 00036296 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\librsync.dll 2016-06-25 22:02 - 2016-06-13 16:13 - 00031568 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd 2016-06-25 22:02 - 2016-03-11 20:46 - 00293392 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll 2016-06-25 22:02 - 2016-06-13 16:13 - 00084280 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2016-06-25 22:02 - 2016-06-13 16:13 - 01826096 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2015-12-12 01:55 - 2016-05-25 13:04 - 00083912 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\sip.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 03928880 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 01971504 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 00531248 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 00132912 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 00223544 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 00207672 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2015-12-12 01:55 - 2016-05-25 13:05 - 00060880 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\win32print.pyd 2016-04-15 22:07 - 2016-06-13 16:13 - 00025928 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd 2015-12-12 01:55 - 2016-06-13 16:13 - 00024904 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 00546096 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd 2016-06-25 22:02 - 2016-06-13 16:13 - 00357680 _____ () C:\Users\Chewy\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd 2016-07-02 19:11 - 2016-07-02 19:11 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-05-18 18:49 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2015-04-23 16:51 - 2015-04-23 16:51 - 00698152 _____ () C:\Users\Chewy\AppData\Roaming\TaobaoProtect\AliBench\AlibenchDLL.dll 2012-12-25 20:15 - 2012-06-25 14:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-09-15 14:58 - 2015-09-15 14:58 - 08901184 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2016-06-17 21:32 - 2016-06-15 05:15 - 17599640 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Chewy\Documents\Wire Information.jpg:com.dropbox.attributes [1086] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKLM\...\.scr: => <===== ATTENTION ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\alipay.com -> hxxps://alipay.com IE trusted site: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\alipay.com -> hxxp://alipay.com IE trusted site: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\alisoft.com -> hxxps://alisoft.com IE trusted site: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\alisoft.com -> hxxp://alisoft.com IE trusted site: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\amazon.ca -> hxxps://amazon.ca IE trusted site: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\hola.org -> hxxp://hola.org IE trusted site: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\samsungsetup.com -> hxxp://www.samsungsetup.com IE trusted site: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\taobao.com -> hxxps://taobao.com IE trusted site: HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\taobao.com -> hxxp://taobao.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 09:25 - 2016-07-04 06:40 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Chewy\Desktop\architecture_skyscraper_sky_106736_3840x2160.jpg DNS Servers: 204.197.191.194 - 38.117.85.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk" HKLM\...\StartupApproved\Run: => "ACMON" HKLM\...\StartupApproved\Run: => "ETDCtrl" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "Fitbit Connect" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "BrHelp" HKLM\...\StartupApproved\Run32: => "ControlCenter4" HKLM\...\StartupApproved\Run32: => "360Safetray" HKLM\...\StartupApproved\Run32: => "Secured Net" HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\StartupApproved\Run: => "Fitbit Connect" HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\StartupApproved\Run: => "aliim" HKU\S-1-5-21-1551321902-3525539811-1481564533-1002\...\StartupApproved\Run: => "Chromium" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{EA2138B0-57F8-4446-9504-D2FAE1F09F8D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0878FD3E-BF1B-4BB0-9456-A4279DD65675}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{2E13E61D-A108-452A-9201-DB2C661D4114}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6D266831-5905-48B6-9E81-C9502FDA3C17}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{49E167AD-CE8F-4103-BD55-7C228964DADC}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2014\Photoshop.exe FirewallRules: [UDP Query User{4AB32E21-724B-4A6C-B5FC-E9AE2FB9F043}C:\users\chewy\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Block) C:\users\chewy\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe FirewallRules: [TCP Query User{373B18E1-D9A7-4980-9045-0DA1A7F0183E}C:\users\chewy\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Block) C:\users\chewy\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe FirewallRules: [{81D7A2A6-41D8-42A3-85D2-2FE776A3A8F0}] => (Allow) C:\Users\Chewy\AppData\Roaming\HaiYuInst\plugins\download FirewallRules: [{6C62DC30-1AF5-4984-A822-FB4F15BB6F5E}] => (Allow) C:\Users\Chewy\AppData\Roaming\HaiYuInst\plugins\download FirewallRules: [{EE477AEA-7688-446A-BB91-113DD6BCA742}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe FirewallRules: [{5225B067-6EC7-4528-B778-D060F04FD6CC}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe FirewallRules: [{9839589A-E469-462A-A3DF-AC14AAFE6535}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe FirewallRules: [{6EB824C5-A57B-4115-9F0F-E5619FE49EC0}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe FirewallRules: [{21986848-32D5-4263-9E87-B3C847322664}] => (Block) %ProgramFiles% (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe FirewallRules: [{7E79BD79-EBBE-4139-936B-F345385F41EF}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe FirewallRules: [{BFAFBD81-DCEF-4F53-BB9F-3C8F5E30BE0B}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe FirewallRules: [{B4F48125-3FEB-49A7-92A8-F2E0D32163ED}] => (Allow) D:\Steam\SteamApps\common\Critter Crunch\CritterCrunch.exe FirewallRules: [{62C2F793-09E7-471D-AFA0-42DB6B38EB97}] => (Allow) D:\Steam\SteamApps\common\Critter Crunch\CritterCrunch.exe FirewallRules: [{EB3546BB-8686-4951-9BFF-222BE51F0746}] => (Allow) C:\Program Files (x86)\AliWangWang\AliIM.exe FirewallRules: [{3453C8D4-E319-4C40-BD13-C611A36E39C3}] => (Allow) C:\Program Files (x86)\AliWangWang\AliIM.exe FirewallRules: [UDP Query User{8CD92D8E-6616-49BD-A8F5-9673616DF1AD}C:\users\chewy\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\chewy\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{855F2340-9082-4A3F-8796-B388CFB3E78C}C:\users\chewy\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\chewy\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{B353E4F7-57D1-4A2A-9397-754ABFDE1D89}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CC 2014\Support Files\Contents\Windows\Illustrator.exe FirewallRules: [TCP Query User{F468232A-782C-4386-AF14-03CFA72EB0FB}C:\Program Files (x86)\LEGO Software\LEGO MINDSTORMS EV3 Home Edition\MindstormsEV3.exe] => (Allow) C:\Program Files (x86)\LEGO Software\LEGO MINDSTORMS EV3 Home Edition\MindstormsEV3.exe FirewallRules: [UDP Query User{68E46633-8DC3-499C-A590-8A85F5FE92AD}C:\Program Files (x86)\LEGO Software\LEGO MINDSTORMS EV3 Home Edition\MindstormsEV3.exe] => (Allow) C:\Program Files (x86)\LEGO Software\LEGO MINDSTORMS EV3 Home Edition\MindstormsEV3.exe FirewallRules: [{686F9DC9-05CD-45DA-9EB7-6D8BB6B493AD}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{5988E12A-79F8-47B8-BF54-B43DD3663AFA}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{558539FD-495E-40B4-BBA4-DCD06B5D7580}] => (Allow) C:\Users\Chewy\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{54B158B7-6E22-4A3A-A623-2AF3439FF362}] => (Allow) C:\Users\Chewy\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [UDP Query User{9462E850-BE32-43FB-9AF3-CB767AD637C5}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{6848956E-CC59-4BA0-9B2B-C6992AF332B2}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{7FF79A7C-786B-4F9B-A3F0-7600F63D28D6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{B74B462F-014D-4197-BA52-F6919ACBEACF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{50396CAB-1058-490E-B94B-5033A31AD2D1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{953662AB-1844-4D3F-96B8-9843C743E8A4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{0031B648-2C09-4CCD-B61E-48594EE98648}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{BA1CB079-EA46-45BA-BDDF-A9D0CF5A842F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{6E49C0F9-C368-4BD2-A7C9-BF2C2F652C0D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{245192D5-85E0-43B6-92F0-202301184168}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{7571A3B9-F8CC-4AE6-9904-EEAD9CB2AA32}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{382C5855-55DC-4197-9DB2-406947F5CDA3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{A4BFEF35-97B4-4186-B95B-D410DD6CB273}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{8E656F8F-14F9-4C35-A5E5-A6C71ABFA0BF}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1371521C-2C21-45F0-97ED-23D846EBB73F}] => (Allow) C:\Users\Chewy\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0457F0C3-3814-42F6-9205-13BF7DB00482}] => (Allow) C:\Users\Chewy\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C6A5421B-436D-4457-AB15-A976863D36FB}] => (Allow) C:\Users\Chewy\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{A524D789-E980-4350-B561-79A4DD5D15B3}] => (Allow) C:\Users\Chewy\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{38AC34F3-A6CA-42FA-9F05-9DC58BCF686C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{F8E89CFC-7DC0-4B61-92CC-1ABD42BF8E96}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{6A5CC918-82DD-42DD-98FE-939278843671}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8BCDF6DD-34FF-420C-986E-126920073B2C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E9D05DDF-37A9-44BB-9E04-D0006CE4434C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{91965EEA-20DA-4393-916B-0E619AC91FCA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [UDP Query User{B3FBFE00-056F-4C66-BD66-476EC292484F}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe FirewallRules: [TCP Query User{DB715B35-4D36-4FD2-8F48-B22F2BAF51CA}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe FirewallRules: [{BA072866-F15D-4861-9E32-95CE690BA856}] => (Allow) D:\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe FirewallRules: [{526F19E5-3CAD-4538-BB83-6C38C42524DD}] => (Allow) D:\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe FirewallRules: [{B817702A-CB1E-4ABB-8461-53568BAEC851}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{963C85A6-046F-40AB-92E5-424F10D98037}] => (Allow) LPort=2869 FirewallRules: [{89A8808F-8A4A-4CD6-8FFD-B8643FC13ABF}] => (Allow) LPort=1900 FirewallRules: [{B77A5BCE-2576-4A04-9FBD-FE71E20A094D}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{2DD1D756-BB3A-48E9-960F-1DD86E3A51FC}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{95E34FD6-A58E-4C31-8F1F-B5BB7826BF88}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{C481667C-3AB3-44BC-8B41-CD70EBC46327}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{36E4E46A-D130-4F86-9045-E194FEB9CCC8}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{ECD39847-6945-4ED7-8E6D-9359CE836AF9}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{AB9DD179-AF1C-40EA-BA0A-A4362F481DA3}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{DFA5CB65-D06A-4683-B44C-ED9A2C8FA220}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [TCP Query User{C6086171-02DD-4D07-86D5-B70EDBFE29F8}C:\program files (x86)\aliwangwang\aliim.exe] => (Allow) C:\program files (x86)\aliwangwang\aliim.exe FirewallRules: [UDP Query User{A6F40A69-85FF-4432-9ADB-87D5A5BD6028}C:\program files (x86)\aliwangwang\aliim.exe] => (Allow) C:\program files (x86)\aliwangwang\aliim.exe FirewallRules: [{D4921EFE-EAA9-4A30-8F2F-2E2D804EF513}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{13A97D42-2D8C-4A90-ABEF-BB9E161BE04E}] => (Allow) C:\Program Files (x86)\KuGou\KGMusic\KuGou.exe FirewallRules: [{4F2E661E-EA43-4A72-AAD7-76424AA40AAD}] => (Allow) C:\Program Files (x86)\KuGou\KGMusic\KuGou.exe FirewallRules: [{6435ADF7-3A90-4497-A2D9-B9CEDDA2B7B6}] => (Allow) C:\Program Files (x86)\KuGou\KGMusic\8.0.31.18500\KGService.exe FirewallRules: [{8670BE0F-4F2A-4C55-90CD-4CE5F1F1B91E}] => (Allow) C:\Program Files (x86)\KuGou\KGMusic\8.0.31.18500\KGService.exe FirewallRules: [{9EE0D26C-ED7C-48BB-91D3-A516E5A1A304}] => (Allow) C:\Program Files (x86)\KuGou\KGMusic\8.0.31.18500\kgupnp.exe FirewallRules: [{FC1E58CC-3DFD-48FE-A10C-2378144A3C75}] => (Allow) C:\Program Files (x86)\KuGou\KGMusic\8.0.31.18500\kgupnp.exe FirewallRules: [{61788DAE-A156-4A87-93F8-D458584DB804}] => (Allow) C:\Users\Chewy\AppData\Roaming\KuGou8\AppStore\6\dlna_player.exe FirewallRules: [{DF309752-724B-4AAA-BD2F-60BC686E3639}] => (Allow) C:\Users\Chewy\AppData\Roaming\KuGou8\AppStore\6\dlna_player.exe FirewallRules: [{56692D8A-DF30-48E9-A00B-1D31D94E359C}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B4E64B28-B0EA-46D0-878D-55B40C722E76}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A4088B01-A835-49B3-8452-6C715F7F42F4}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SGTool.exe FirewallRules: [{1C94650B-6442-4562-B266-A55EE35C8F8C}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SGTool.exe FirewallRules: [{A6FD475A-C831-48F7-BA37-B9C2F07342E1}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SGTool.exe FirewallRules: [{373F27ED-7914-41B3-9C88-35E666688C86}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SGTool.exe FirewallRules: [{5193D95B-C5ED-4231-95C0-C610D581D4D4}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\PinyinUp.exe FirewallRules: [{16CA949A-5291-4D74-A961-8C5B4FA3573A}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\PinyinUp.exe FirewallRules: [{65A2EA8B-128F-42A7-A7E9-895520BDE739}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\PinyinUp.exe FirewallRules: [{0180A2AA-A385-4638-8DC7-DDE56EAE9FE2}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\PinyinUp.exe FirewallRules: [{5370F818-C62C-431E-8A1B-0A6826E1628E}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SGDownload.exe FirewallRules: [{29748AE8-921F-4240-88EB-9E0001644059}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SGDownload.exe FirewallRules: [{09232E3D-040B-49C9-AC40-BD1FFEE441A7}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SGDownload.exe FirewallRules: [{AEDF1908-79C4-43E0-A238-09103710BF4E}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SGDownload.exe FirewallRules: [{830E3C53-C9F4-47C1-978A-AC74C50CE501}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SogouCloud.exe FirewallRules: [{D79E69BF-FB2A-4E78-ACE5-90B5D68254D9}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SogouCloud.exe FirewallRules: [{5359DA4F-11A4-4A4D-8086-DC46F5F3B1EB}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SogouCloud.exe FirewallRules: [{F9DCD226-24F8-4189-BE00-D7D6C637CF3C}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SogouCloud.exe FirewallRules: [{173424B6-B558-4E41-BF65-46EE54968D0C}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe FirewallRules: [{14753C2B-CFBE-45D3-869D-90696F24507A}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe FirewallRules: [{93A33344-91FE-463F-ABBC-30D1CC946CB2}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe FirewallRules: [{3C825D5F-CFAF-44D0-A73B-CA7B3A088542}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe FirewallRules: [{D2BFD2DC-E87C-4648-8EF0-9212567E913B}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\userNetSchedule.exe FirewallRules: [{9DCFDD2A-F3D8-481D-A0C1-974240DAA082}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\userNetSchedule.exe FirewallRules: [{FD5D59E2-A909-4930-9952-9E9B4D23E67F}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\userNetSchedule.exe FirewallRules: [{1316D200-14CE-4579-9457-E1C17B944CAF}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\userNetSchedule.exe FirewallRules: [{7DB06DCC-8433-4033-B4A4-48A594820CE5}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SGMedalLoader.exe FirewallRules: [{C7791F90-D109-4C0E-9261-292E3069BCDB}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SGMedalLoader.exe FirewallRules: [{B07782AF-B7CA-464C-A98A-292A5D63427A}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SGMedalLoader.exe FirewallRules: [{EAB0E3C2-0674-4539-85E5-73A5155CE85A}] => (Allow) C:\Program Files (x86)\SogouInput\7.9.0.7504\SGMedalLoader.exe FirewallRules: [{4B93BD7A-2FDC-4C34-BBA0-E8B992B49324}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe FirewallRules: [{322D7DA6-9DC3-4D6F-B5E4-D8BA2A5F0F36}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe FirewallRules: [{AD993C14-28B7-4009-AF6A-241D7E52FEB3}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe FirewallRules: [{831537FF-6D01-4CDE-8EB0-966F24A12B36}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe FirewallRules: [{65E4E9E7-D7AE-43FB-94AB-B23756A0823D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{8EC3C82B-66CF-4A25-A50C-DB755FA10578}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{860C3DB2-0A5F-4EF0-9C80-1D4DFBA88E5E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{8A590C22-8457-4309-9FFD-BD070EB11383}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{F1E16F44-877A-4D4D-A009-C46C664E207F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{99000636-A51C-4DB6-AB9C-0A506688945A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{E3677AA6-830D-416D-88DB-FFCA544C676E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{C09C7623-F0A0-4210-B0B7-094484E1B336}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8D3717BB-242B-4CBD-8E1B-F7C662EA56DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{1E644A07-91A5-4D79-8554-188C76C710FC}] => (Allow) 㩃啜敳獲䍜敨祷䅜灰慄慴剜慯業杮獜湳獜湳攮數 FirewallRules: [{214586EA-E4E6-467B-AA5C-8ECBBF76A1FD}] => (Allow) 㩃啜敳獲䍜敨祷䅜灰慄慴剜慯業杮獜湳獜癡略⹰硥e StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Restore Points ========================= 23-06-2016 19:10:02 Windows Update 02-07-2016 16:56:44 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/04/2016 05:06:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10586.0, time stamp: 0x5632d8f0 Faulting module name: ntdll.dll, version: 10.0.10586.306, time stamp: 0x571af2eb Exception code: 0xc0000409 Fault offset: 0x00000000000a9ba0 Faulting process id: 0x142c Faulting application start time: 0xbackgroundTaskHost.exe0 Faulting application path: backgroundTaskHost.exe1 Faulting module path: backgroundTaskHost.exe2 Report Id: backgroundTaskHost.exe3 Faulting package full name: backgroundTaskHost.exe4 Faulting package-relative application ID: backgroundTaskHost.exe5 Error: (07/04/2016 04:30:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2084.9592, time stamp: 0x57605ac0 Faulting module name: NvMdnsPlugin.dll_unloaded, version: 0.0.0.0, time stamp: 0x57605fbb Exception code: 0xc0000005 Fault offset: 0x00000000000d45a0 Faulting process id: 0x1284 Faulting application start time: 0xNvStreamNetworkService.exe0 Faulting application path: NvStreamNetworkService.exe1 Faulting module path: NvStreamNetworkService.exe2 Report Id: NvStreamNetworkService.exe3 Faulting package full name: NvStreamNetworkService.exe4 Faulting package-relative application ID: NvStreamNetworkService.exe5 Error: (07/04/2016 07:35:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10586.0, time stamp: 0x5632d8f0 Faulting module name: ntdll.dll, version: 10.0.10586.306, time stamp: 0x571af2eb Exception code: 0xc0000409 Fault offset: 0x00000000000a9ba0 Faulting process id: 0x2b28 Faulting application start time: 0xbackgroundTaskHost.exe0 Faulting application path: backgroundTaskHost.exe1 Faulting module path: backgroundTaskHost.exe2 Report Id: backgroundTaskHost.exe3 Faulting package full name: backgroundTaskHost.exe4 Faulting package-relative application ID: backgroundTaskHost.exe5 Error: (07/04/2016 06:59:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SDScan.exe, version: 2.6.44.181, time stamp: 0x56efed8f Faulting module name: SDScanLibrary.dll_unloaded, version: 2.6.44.134, time stamp: 0x56efe6de Exception code: 0xc0000005 Fault offset: 0x0004afcf Faulting process id: 0x1a60 Faulting application start time: 0xSDScan.exe0 Faulting application path: SDScan.exe1 Faulting module path: SDScan.exe2 Report Id: SDScan.exe3 Faulting package full name: SDScan.exe4 Faulting package-relative application ID: SDScan.exe5 Error: (07/04/2016 06:59:03 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SDScan.exe, version: 2.6.44.181, time stamp: 0x56efed8f Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0x00000000 Fault offset: 0x00000000 Faulting process id: 0x1a60 Faulting application start time: 0xSDScan.exe0 Faulting application path: SDScan.exe1 Faulting module path: SDScan.exe2 Report Id: SDScan.exe3 Faulting package full name: SDScan.exe4 Faulting package-relative application ID: SDScan.exe5 Error: (07/04/2016 06:52:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10586.0, time stamp: 0x5632d8f0 Faulting module name: ntdll.dll, version: 10.0.10586.306, time stamp: 0x571af2eb Exception code: 0xc0000409 Fault offset: 0x00000000000a9ba0 Faulting process id: 0x1788 Faulting application start time: 0xbackgroundTaskHost.exe0 Faulting application path: backgroundTaskHost.exe1 Faulting module path: backgroundTaskHost.exe2 Report Id: backgroundTaskHost.exe3 Faulting package full name: backgroundTaskHost.exe4 Faulting package-relative application ID: backgroundTaskHost.exe5 Error: (07/04/2016 06:32:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NvStreamUserAgent.exe, version: 7.1.2084.9592, time stamp: 0x57605c64 Faulting module name: ntdll.dll, version: 10.0.10586.306, time stamp: 0x571af2eb Exception code: 0xc0000005 Fault offset: 0x000000000002e909 Faulting process id: 0x34b8 Faulting application start time: 0xNvStreamUserAgent.exe0 Faulting application path: NvStreamUserAgent.exe1 Faulting module path: NvStreamUserAgent.exe2 Report Id: NvStreamUserAgent.exe3 Faulting package full name: NvStreamUserAgent.exe4 Faulting package-relative application ID: NvStreamUserAgent.exe5 Error: (07/04/2016 06:31:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: sllauncher.exe, version: 5.1.50428.0, time stamp: 0x5721848a Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc000041d Fault offset: 0x5c16c6d1 Faulting process id: 0x24a8 Faulting application start time: 0xsllauncher.exe0 Faulting application path: sllauncher.exe1 Faulting module path: sllauncher.exe2 Report Id: sllauncher.exe3 Faulting package full name: sllauncher.exe4 Faulting package-relative application ID: sllauncher.exe5 Error: (07/04/2016 06:31:35 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: sllauncher.exe, version: 5.1.50428.0, time stamp: 0x5721848a Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000 Faulting process id: 0x24a8 Faulting application start time: 0xsllauncher.exe0 Faulting application path: sllauncher.exe1 Faulting module path: sllauncher.exe2 Report Id: sllauncher.exe3 Faulting package full name: sllauncher.exe4 Faulting package-relative application ID: sllauncher.exe5 Error: (07/04/2016 06:27:40 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NvStreamUserAgent.exe, version: 7.1.2084.9592, time stamp: 0x57605c64 Faulting module name: ntdll.dll, version: 10.0.10586.306, time stamp: 0x571af2eb Exception code: 0xc0000005 Fault offset: 0x000000000002e909 Faulting process id: 0x1b20 Faulting application start time: 0xNvStreamUserAgent.exe0 Faulting application path: NvStreamUserAgent.exe1 Faulting module path: NvStreamUserAgent.exe2 Report Id: NvStreamUserAgent.exe3 Faulting package full name: NvStreamUserAgent.exe4 Faulting package-relative application ID: NvStreamUserAgent.exe5 System errors: ============= Error: (07/04/2016 09:24:03 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (07/04/2016 09:23:10 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY) Description: Miniport TAP-Win32 Adapter OAS #19, {C0E556DB-8675-4BCF-8497-918BBC2EA76F}, had event 76 Error: (07/04/2016 09:19:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_848e3 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/04/2016 09:19:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_848e3 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/04/2016 09:19:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_848e3 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/04/2016 09:19:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_848e3 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/04/2016 09:19:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (07/04/2016 08:33:16 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (07/04/2016 08:32:44 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY) Description: Miniport TAP-Win32 Adapter OAS #19, {B2427BDF-85AF-4785-AF5D-3475161B0AAE}, had event 76 Error: (07/04/2016 08:29:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_b4f74 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. CodeIntegrity: =================================== Date: 2016-06-18 20:03:18.554 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-18 03:52:22.140 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-17 21:52:05.807 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-14 11:57:37.798 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-14 09:57:55.094 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-15 22:21:48.532 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-13 03:18:01.025 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-13 03:01:09.670 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-04 15:48:08.791 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-03 18:30:54.888 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz Percentage of memory in use: 37% Total physical RAM: 8077.56 MB Available physical RAM: 5034.13 MB Total Virtual: 9357.56 MB Available Virtual: 5222.79 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:278.98 GB) (Free:92.87 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (DATA) (Fixed) (Total:397.87 GB) (Free:242.17 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 01A8A7C0) Partition: GPT. ==================== End of Addition.txt ============================