Thanks for the reply, there is a message box that does popup regarding UedoKwopc.dll whenever the computer loads up to the desktop though I cant recall exactly what it says. See the txt files below. Thanks again for the help!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
Ran by Ryan (administrator) on TYRANT (06-11-2015 18:59:23)
Running from C:\Users\Ryan\Desktop
Loaded Profiles: Ryan (Available Profiles: Ryan & Mcx1-TYRANT)
Platform: Windows 7 Home Premium (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-11] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-16] (Realtek Semiconductor)
HKLM\...\Run: [x9fy5RHC3D25] => regsvr32.exe /s "C:\PROGRA~3\x9fy5RHC3D25.dll"
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\Run: [MusicManager] => C:\Users\Ryan\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7646208 2015-08-13] (Google Inc.)
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\Run: [Google Update] => C:\Users\Ryan\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [6274184 2015-08-23] (Plex, Inc.)
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\Run: [Cicuk] => regsvr32.exe "C:\Users\Ryan\AppData\Roaming\IeveKmets\UedoKwopc.dll"
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\MountPoints2: {06b1c984-7711-11e2-a913-64315026845a} - L:\setup.exe
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\MountPoints2: {06c1d821-d35e-11e3-b6d5-64315026845a} - K:\MotoCastSetup.exe -a
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\MountPoints2: {06c1d861-d35e-11e3-b6d5-64315026845a} - K:\MotoCastSetup.exe -a
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\MountPoints2: {13d77c52-4435-11e2-952f-64315026845a} - K:\MotoCastSetup.exe -a
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\MountPoints2: {1e2ce8dd-d97b-11e2-a9f3-64315026845a} - K:\MotoCastSetup.exe -a
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\MountPoints2: {3a8b3440-30e7-11e2-98fe-64315026845a} - L:\MotoCastSetup.exe -a
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\MountPoints2: {4ebcf890-7388-11e3-a721-64315026845a} - K:\MotoCastSetup.exe -a
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\MountPoints2: {606be1b5-eaf0-11e0-a777-64315026845a} - K:\Setup.exe
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\MountPoints2: {6d888469-40c7-11e5-b7e9-98588a02a5c8} - M:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\MountPoints2: {8e6ca0ca-81e3-11e4-8d63-64315026845a} - K:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\MountPoints2: {8f88ea8f-6d6b-11e4-9313-001122987654} - K:\MotoCastSetup.exe -a
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\MountPoints2: {ebb353ff-8e6b-11e4-af1e-64315026845a} - K:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\DREAMA~1.SCR [94208 2006-10-09] ()
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-11-06] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-01-19]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2013-01-09]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaWiFi.exe (Ralink Technology, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 nlsk.neulion.com
Tcpip\..\Interfaces\{BBF9F091-EADE-4E1C-AB76-D5897FD5207B}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C4349D22-40F8-480F-AD78-E820B327C557}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {5ED88E19-FCB1-4428-9612-3E22A725041E} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL =
SearchScopes: HKU\.DEFAULT -> bProtectorDefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
SearchScopes: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000 -> DefaultScope {5ED88E19-FCB1-4428-9612-3E22A725041E} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306058&CUI=UN26255233522486923&UM=2
SearchScopes: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.yd.delta-search.com/?q={searchTerms}&affID=119816&tt=030213_yd&babsrc=SP_ss&mntrId=8cf4d1020000000000001c659da898fe
SearchScopes: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000 -> {5ED88E19-FCB1-4428-9612-3E22A725041E} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306058&CUI=UN26255233522486923&UM=2
SearchScopes: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-07-29] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-15] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-02-20] (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-15] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-04-27] (Adobe Systems, Inc.)
FF Plugin-x32: @gamersfirst.com/LiveLauncher -> C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2012-05-14] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-05-10] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1725188070-1093038038-2835830549-1000: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll [2010-04-09] (Hulu LLC)
FF Plugin HKU\S-1-5-21-1725188070-1093038038-2835830549-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Ryan\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-1725188070-1093038038-2835830549-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Ryan\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-1725188070-1093038038-2835830549-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-05-10] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.yahoo.com/
CHR Profile: C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-03]
CHR Extension: (Google Drive) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-10-03]
CHR Extension: (YouTube) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Dark Vibe) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkckeanhmkjaechlhllmapjaaglgpcbj [2013-10-15]
CHR Extension: (Google Play Music) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-11-04]
CHR Extension: (Google Docs Offline) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR Extension: (Gmail) - C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ffekppndigniegkobcngkdmaadbhhonj] - C:\Users\Ryan\AppData\Local\CRE\ffekppndigniegkobcngkdmaadbhhonj.crx [2013-10-31]
CHR HKLM-x32\...\Chrome\Extension: [ffekppndigniegkobcngkdmaadbhhonj] - C:\Users\Ryan\AppData\Local\CRE\ffekppndigniegkobcngkdmaadbhhonj.crx [2013-10-31]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
S2 AndServMgr; C:\Program Files\AMI\DuOS\AndServMgr.exe [82384 2015-08-06] (American Megatrends Inc.)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [915736 2013-06-11] (BitRaider, LLC)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
S2 Ds3Service; C:\Users\Ryan\Desktop\SCP DS3 Driver Package\ScpServer\bin\ScpService.exe [381952 2014-06-29] (Scarlet.Crush Productions) [File not signed]
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-11] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [878912 2015-04-02] (IObit)
S2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-07-29] (Panda Security, S.L.)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4302576 2012-08-15] (INCA Internet Co., Ltd.) [File not signed]
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-11] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-11] (NVIDIA Corporation)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-05-17] ()
S2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-07-28] (Panda Security, S.L.)
S2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-01-12] (Ralink Technology, Corp.) [File not signed]
S2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-01-12] (Ralink Technology, Corp.) [File not signed]
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [625728 2011-08-18] ()
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [295128 2015-05-16] (Realtek Semiconductor)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [575488 2008-09-08] (Nokia.) [File not signed]
S2 tvnserver; C:\Program Files (x86)\TightVNC\tvnserver.exe [828944 2011-08-03] (GlavSoft LLC.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe [191488 2012-11-05] () [File not signed]
S2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseRemoteAccess.exe [1436160 2012-11-05] (Wyse Technology.) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2015-01-19] (Broadcom Corporation.)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [25056 2011-12-21] (IVT Corporation.)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
S3 cqcpu; C:\Windows\System32\drivers\cqcpu.sys [24376 2010-03-01] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-14] (DT Soft Ltd)
S1 DuoVMDrv; C:\Windows\System32\DRIVERS\DuoVMDrv.sys [239536 2015-07-31] (American Megatrends Inc.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-30] (REALiX)
S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.)
S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94456 2015-07-09] (Panda Security, S.L.)
S1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [201976 2015-07-09] (Panda Security, S.L.)
S1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110840 2015-07-09] (Panda Security, S.L.)
S1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [110840 2015-07-09] (Panda Security, S.L.)
S1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [103160 2015-07-09] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [72952 2015-07-09] ()
S1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124152 2015-07-09] (Panda Security, S.L.)
S1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300280 2015-07-09] (Panda Security, S.L.)
S1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170232 2015-07-09] (Panda Security, S.L.)
S1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113400 2015-07-09] (Panda Security, S.L.)
S1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257784 2015-07-09] (Panda Security, S.L.)
S1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106232 2015-07-09] (Panda Security, S.L.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-11] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R0 PsBoot; C:\Windows\System32\Drivers\PsBoot.sys [40480 2014-03-11] (Panda Security, S.L.)
S2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164088 2015-07-19] (Panda Security, S.L.)
S2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121592 2015-07-19] (Panda Security, S.L.)
S1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197880 2015-07-19] (Panda Security, S.L.)
S2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124152 2015-07-19] (Panda Security, S.L.)
S2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [134392 2015-07-19] (Panda Security, S.L.)
S2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107768 2015-07-19] (Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [555736 2014-04-27] (Realtek Semiconductor Corporation)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2014-04-27] (Scarlet.Crush Productions)
S3 SIVDRIVER; C:\Windows\system32\Drivers\SIVX64.sys [57312 2008-06-14] (Ray Hinchliffe)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-02-14] (Duplex Secure Ltd.)
S3 toshidpt; C:\Windows\System32\drivers\Toshidpt.sys [9608 2009-06-19] (TOSHIBA Corporation.)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
S3 uvhid; C:\Windows\System32\DRIVERS\uvhid.sys [20992 2013-04-11] (Windows ® Win 7 DDK provider)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 BRDriver64; \??\C:\programdata\bitraider\BRDriver64.sys [X]
S3 BS2364854530; \??\C:\Users\Ryan\AppData\Local\Temp\NTFS.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 IvtComBusSrv; System32\Drivers\btcombus.sys [X]
S3 motandroidusb; System32\Drivers\motoandroid.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 X6va005; \??\C:\Users\Ryan\AppData\Local\Temp\00529AB.tmp [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-06 18:59 - 2015-11-06 19:00 - 00028633 _____ C:\Users\Ryan\Desktop\FRST.txt
2015-11-06 18:59 - 2015-11-06 18:59 - 00000000 ____D C:\FRST
2015-11-06 18:56 - 2015-05-22 03:45 - 00061712 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-11-06 18:54 - 2015-11-06 18:54 - 02198528 _____ (Farbar) C:\Users\Ryan\Desktop\FRST64.exe
2015-11-06 18:53 - 2015-11-06 18:54 - 00000234 _____ C:\Users\Ryan\Desktop\New Text Document.txt
2015-11-06 18:52 - 2015-11-06 18:52 - 00015452 _____ C:\Users\Ryan\Desktop\Fixlist.txt
2015-11-06 18:06 - 2014-03-11 10:48 - 00040480 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PsBoot.sys
2015-11-06 17:43 - 2015-11-06 17:43 - 333953730 _____ C:\Windows\MEMORY.DMP
2015-11-06 17:43 - 2015-11-06 17:43 - 00268992 _____ C:\Windows\Minidump\110615-21325-01.dmp
2015-11-06 17:33 - 2015-11-06 17:33 - 00076814 _____ C:\Users\Ryan\Desktop\runscanner.log
2015-11-06 17:27 - 2015-11-06 17:27 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\Runscanner.net
2015-11-06 17:26 - 2015-11-06 17:27 - 00000000 ____D C:\runscanner
2015-11-06 17:18 - 2015-11-06 17:18 - 05200384 _____ (AVAST Software) C:\Users\Ryan\Downloads\aswmbr
2015-11-06 07:42 - 2015-11-06 07:42 - 00004096 _____ C:\ProgramData\igfxEM_32.exe
2015-11-06 07:36 - 2015-11-06 07:36 - 00090112 _____ C:\ProgramData\7B571D05.EX
2015-11-06 03:01 - 2015-11-06 03:01 - 00000000 ____D C:\Windows\system32\SPReview
2015-11-05 21:08 - 2015-11-05 21:08 - 00000348 _____ C:\Windows\PFRO.log
2015-11-05 21:02 - 2015-11-05 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-11-05 21:02 - 2015-11-05 21:02 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-11-05 21:01 - 2015-11-05 21:02 - 00000000 ____D C:\ProgramData\Panda Security
2015-11-05 21:01 - 2015-11-05 21:01 - 02113152 _____ C:\Users\Ryan\Downloads\PANDAFREEAV.exe
2015-11-05 19:42 - 2015-11-06 17:52 - 00000280 _____ C:\Windows\setupact.log
2015-11-05 19:42 - 2015-11-05 19:42 - 00000000 _____ C:\Windows\setuperr.log
2015-11-05 18:33 - 2015-11-05 18:33 - 00000000 _____ C:\asc_rdflag
2015-11-05 18:01 - 2015-11-01 10:18 - 00002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-04 21:49 - 2015-11-04 21:49 - 02924672 _____ (AVG Technologies) C:\Users\Ryan\Downloads\AVG_Protection_Free_698.exe
2015-11-04 21:36 - 2015-11-04 21:36 - 05481336 _____ (Avast Software s.r.o.) C:\Users\Ryan\Downloads\avast_free_antivirus_setup_online_cnet.exe
2015-11-02 13:34 - 2015-11-02 13:34 - 00004096 _____ C:\ProgramData\igfxCUIService.exe
2015-11-02 13:33 - 2015-11-02 13:33 - 00005120 _____ C:\ProgramData\1F3670CC.EX
2015-11-02 13:33 - 2015-11-02 13:33 - 00004096 _____ C:\ProgramData\openssl.dll
2015-11-02 06:50 - 2015-11-02 06:50 - 00004096 _____ C:\ProgramData\x9fy5RHC3D25.dll
2015-11-02 06:48 - 2015-11-02 06:48 - 00004096 _____ C:\ProgramData\QXJhZ3fR3D25.dll
2015-11-01 10:18 - 2015-11-01 10:18 - 00929872 _____ (Google Inc.) C:\Users\Ryan\Downloads\ChromeSetup.exe
2015-11-01 02:55 - 2015-11-03 17:28 - 03550700 _____ C:\Windows\system32\CFG2364854530
2015-11-01 02:40 - 2015-11-01 02:40 - 00450560 _____ (Microsoft Corporation) C:\Users\Ryan\AppData\Roaming\gpmnsd.exe
2015-11-01 02:39 - 2015-11-06 17:52 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\IeveKmets
2015-11-01 02:39 - 2015-11-01 02:39 - 00000000 ___HD C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2015-10-31 14:05 - 2015-10-31 14:05 - 00012169 _____ C:\Users\Ryan\Downloads\[kat.cr]family.feud.decades.wbfs.sfae41.ntsc.wiigm.torrent
2015-10-31 14:05 - 2015-10-31 14:05 - 00000000 ____D C:\Users\Ryan\Downloads\SFAE41 Family Feud Decades
2015-10-25 19:14 - 2015-10-02 21:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-25 19:12 - 2015-10-03 00:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 15002304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-25 19:12 - 2015-10-03 00:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-25 19:12 - 2015-10-03 00:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-25 10:16 - 2015-10-25 10:16 - 00001054 _____ C:\Users\Public\Desktop\The Witcher® 3 - Wild Hunt.lnk
2015-10-25 10:16 - 2015-10-25 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-10-25 09:56 - 2015-10-25 09:56 - 00000000 ____D C:\Users\Ryan\Documents\The Witcher 3
2015-10-25 09:14 - 2015-10-25 09:15 - 318801672 _____ ( ) C:\Users\Ryan\Downloads\witcher3_patch_1.01.exe
2015-10-23 16:21 - 2015-10-23 17:04 - 00000000 ____D C:\Users\Ryan\Downloads\The.Witcher.3.Wild.Hunt.Patch.v1.10-GOG
2015-10-23 16:21 - 2015-10-23 16:36 - 00000000 ____D C:\Users\Ryan\Downloads\The.Witcher.3.Wild.Hunt.Hearts.of.Stone-GOG
2015-10-23 13:25 - 2015-10-23 14:20 - 00000000 ____D C:\Users\Ryan\Downloads\The Witcher 3 Wild Hunt
2015-10-22 18:06 - 2015-10-22 20:11 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-10-22 18:06 - 2015-10-22 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-10-22 18:06 - 2015-10-22 18:06 - 00000000 ____D C:\ProgramData\BlueStacks
2015-10-22 18:05 - 2015-10-22 18:05 - 00000000 ____D C:\Users\Ryan\AppData\Local\Bluestacks
2015-10-22 18:02 - 2015-10-22 18:04 - 265913504 _____ C:\Users\Ryan\Downloads\BlueStacksAppPlayer_0.9.30.4239_by_AJacobs_Rooted_BSEasy.exe
2015-10-22 17:48 - 2015-10-22 17:48 - 00001127 _____ C:\Users\Public\Desktop\Star Wars Battlefront II.lnk
2015-10-22 17:48 - 2015-10-22 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
2015-10-22 16:18 - 2015-10-22 16:18 - 00000000 ____D C:\Users\Ryan\Downloads\Star Wars Battlefront II
2015-10-13 19:05 - 2015-10-13 19:06 - 00000000 ____D C:\Users\Ryan\Downloads\Acoustica Mixcraft v6.1 Build 204 with Key [TorDigger]
2015-10-12 19:45 - 2015-10-12 19:45 - 02317104 _____ (Microsoft Corporation) C:\Windows\system32\coin97itp.dll
2015-10-12 19:45 - 2015-10-12 19:45 - 01804696 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-10-12 19:45 - 2015-10-12 19:45 - 00068912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\point64.sys
2015-10-12 19:44 - 2015-10-12 19:44 - 02317104 _____ (Microsoft Corporation) C:\Windows\system32\coin97ip.dll
2015-10-12 19:44 - 2015-10-12 19:44 - 00095024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dc3d.sys
2015-10-07 20:04 - 2015-10-15 18:37 - 00000000 ____D C:\ProgramData\Oracle
2015-10-07 20:04 - 2015-10-07 20:04 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\Sun
2015-10-07 20:04 - 2015-10-07 20:04 - 00000000 ____D C:\Users\Ryan\.oracle_jre_usage
2015-10-07 20:03 - 2015-10-07 20:03 - 00000000 ____D C:\Users\Ryan\AppData\LocalLow\Oracle
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-06 18:55 - 2011-01-26 11:19 - 01265632 _____ C:\Windows\WindowsUpdate.log
2015-11-06 18:47 - 2013-02-02 11:59 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1725188070-1093038038-2835830549-1000UA.job
2015-11-06 18:47 - 2012-04-29 15:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-06 18:03 - 2009-07-13 23:45 - 00015568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-06 18:03 - 2009-07-13 23:45 - 00015568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-06 18:00 - 2013-10-15 17:42 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-06 17:53 - 2013-10-15 17:42 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-06 17:53 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-06 17:52 - 2013-08-05 18:43 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-06 17:43 - 2013-01-21 13:51 - 00000000 ____D C:\Windows\Minidump
2015-11-06 17:35 - 2011-12-23 13:21 - 00000000 ____D C:\Users\Ryan\AppData\Local\CrashDumps
2015-11-06 03:30 - 2013-02-02 11:59 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1725188070-1093038038-2835830549-1000Core.job
2015-11-05 22:39 - 2015-05-16 15:06 - 00000000 ____D C:\Users\Mcx1-TYRANT.TyRaNt
2015-11-05 22:38 - 2014-06-10 12:16 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\ProductData
2015-11-05 22:38 - 2013-10-18 18:19 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-05 22:38 - 2013-10-15 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-05 22:38 - 2013-10-15 17:42 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-05 22:38 - 2012-01-16 10:50 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-11-05 22:38 - 2011-01-26 11:43 - 00000000 ____D C:\ProgramData\RoxioNow
2015-11-05 22:38 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2015-11-05 21:20 - 2011-09-26 13:32 - 00123608 _____ C:\Users\Ryan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-05 21:14 - 2011-01-27 00:27 - 00000000 ____D C:\ProgramData\Recovery
2015-11-05 21:09 - 2009-07-13 23:45 - 00520200 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-05 19:42 - 2011-09-26 13:28 - 00000000 ____D C:\Users\Ryan
2015-11-05 18:33 - 2014-04-07 02:28 - 99581952 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-11-05 18:33 - 2014-04-07 02:28 - 00401408 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-11-05 18:33 - 2014-04-07 02:28 - 00061440 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2015-11-05 18:33 - 2014-04-07 02:28 - 00028672 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-11-04 21:56 - 2012-12-14 17:07 - 00000000 ____D C:\Windows\pss
2015-11-04 21:50 - 2009-07-14 00:13 - 00784956 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-01 17:01 - 2015-08-20 17:27 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\Kodi
2015-11-01 02:40 - 2011-09-29 19:39 - 00000000 ____D C:\Users\Ryan\AppData\Roaming\uTorrent
2015-10-31 02:33 - 2014-03-19 20:45 - 00000000 ____D C:\ProgramData\ProductData
2015-10-29 02:31 - 2014-07-02 13:25 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForRyan.job
2015-10-28 13:27 - 2011-09-28 07:55 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-10-25 19:14 - 2013-08-05 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-25 19:14 - 2013-08-05 18:41 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-25 19:14 - 2012-02-23 21:37 - 00000000 ____D C:\Temp
2015-10-25 14:27 - 2015-09-10 17:38 - 00003116 ____H C:\Users\Ryan\.swfinfo
2015-10-25 10:18 - 2009-07-14 00:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-25 09:46 - 2014-07-19 14:03 - 00000000 ____D C:\Users\Ryan\AppData\Local\Glyph
2015-10-24 08:05 - 2014-07-19 14:03 - 00000000 ____D C:\Program Files (x86)\Glyph
2015-10-23 02:41 - 2013-04-08 21:40 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-10-22 18:06 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-10-22 17:08 - 2015-09-04 22:31 - 00000000 ____D C:\Users\Ryan\.VirtualBox
2015-10-22 17:02 - 2009-07-14 00:08 - 00032624 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-19 07:01 - 2014-05-31 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-10-17 04:47 - 2012-04-29 15:11 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 04:47 - 2012-04-29 15:11 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-17 04:47 - 2011-09-27 07:58 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-14 20:08 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-14 03:21 - 2013-02-07 19:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-14 02:45 - 2013-07-13 02:00 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 02:37 - 2011-09-29 17:51 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-14 02:36 - 2013-04-14 11:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-14 02:36 - 2012-01-16 10:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-14 02:33 - 2009-07-13 21:34 - 00000478 _____ C:\Windows\win.ini
2015-10-11 22:05 - 2014-06-11 20:44 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-10-11 22:05 - 2013-10-28 17:45 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-10-11 22:04 - 2014-06-11 20:44 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-10-11 22:04 - 2013-10-28 17:45 - 01710752 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-10-08 17:39 - 2014-05-15 17:51 - 00065024 ___SH C:\Users\Ryan\Desktop\Thumbs.db
2015-10-07 20:04 - 2012-10-30 17:26 - 00274016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
==================== Files in the root of some directories =======
2009-07-13 18:19 - 2009-07-13 20:14 - 0577536 _____ () C:\Users\Ryan\AppData\Roaming\BackUp2364854530.exe
2015-11-01 02:40 - 2015-11-01 02:40 - 0450560 _____ (Microsoft Corporation) C:\Users\Ryan\AppData\Roaming\gpmnsd.exe
2013-03-06 23:16 - 2013-03-06 23:16 - 0003584 _____ () C:\Users\Ryan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-02 13:33 - 2015-11-02 13:33 - 0005120 _____ () C:\ProgramData\1F3670CC.EX
2015-11-06 07:36 - 2015-11-06 07:36 - 0090112 _____ () C:\ProgramData\7B571D05.EX
2015-11-02 13:34 - 2015-11-02 13:34 - 0004096 _____ () C:\ProgramData\igfxCUIService.exe
2015-11-06 07:42 - 2015-11-06 07:42 - 0004096 _____ () C:\ProgramData\igfxEM_32.exe
2015-11-02 13:33 - 2015-11-02 13:33 - 0004096 _____ () C:\ProgramData\openssl.dll
2015-11-02 06:48 - 2015-11-02 06:48 - 0004096 _____ () C:\ProgramData\QXJhZ3fR3D25.dll
2015-11-02 06:50 - 2015-11-02 06:50 - 0004096 _____ () C:\ProgramData\x9fy5RHC3D25.dll
Files to move or delete:
====================
C:\ProgramData\igfxCUIService.exe
C:\ProgramData\igfxEM_32.exe
C:\ProgramData\openssl.dll
C:\ProgramData\QXJhZ3fR3D25.dll
C:\ProgramData\x9fy5RHC3D25.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-31 03:30
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-11-2015
Ran by Ryan (2015-11-06 19:01:35)
Running from C:\Users\Ryan\Desktop
Windows 7 Home Premium (X64) (2011-09-26 18:28:17)
Boot Mode: Safe Mode (minimal)
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1725188070-1093038038-2835830549-500 - Administrator - Disabled)
Guest (S-1-5-21-1725188070-1093038038-2835830549-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1725188070-1093038038-2835830549-1013 - Limited - Enabled)
Mcx1-TYRANT (S-1-5-21-1725188070-1093038038-2835830549-1014 - Limited - Enabled) => C:\Users\Mcx1-TYRANT.TyRaNt
Ryan (S-1-5-21-1725188070-1093038038-2835830549-1000 - Administrator - Enabled) => C:\Users\Ryan
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACID Pro 7.0 (HKLM-x32\...\{BFA5441E-B7E6-46F5-A15D-1B74707AE93A}) (Version: 7.0.641 - Sony)
Acoustica Mixcraft 7 Home Studio (HKLM-x32\...\Mixcraft 7 Home Studio-32) (Version: 7.0.1.279 - Acoustica)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
Akamai NetSession Interface (HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Album Art Downloader XUI 1.02 (HKLM-x32\...\Album Art Downloader XUI) (Version: 1.02 - hxxp://sourceforge.net/projects/album-art)
Andy OS (HKLM\...\Andy OS) (Version: 0.45.0.0 - Andy OS, Inc)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
AutoHotkey 1.1.14.03 (HKLM\...\AutoHotkey) (Version: 1.1.14.03 - Lexikos)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - )
Batman: Arkham City™ GOTY (HKLM-x32\...\GFWL_{57520FA0-DF38-46A1-8046-3B1000008500}) (Version: 1.0.0000.133 - WB Games)
Batman: Arkham City™ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.6.3 - BitRaider, LLC)
Blio (HKLM-x32\...\{504CC891-B140-4E1B-860B-5E4C1DFBA9E3}) (Version: 2.0.5350 - K-NFB Reading Technology, Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{3792811C-832F-4392-B44A-24092901EDDC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands: The Pre-Sequel (HKLM-x32\...\Qm9yZGVybGFuZHNUaGVQcmVTZXF1ZWw=_is1) (Version: 1 - )
Burnout Paradise The Ultimate Box (HKLM-x32\...\{9A996B6A-846E-4A89-B9C4-17546B7BE49F}) (Version: 1.0.0.0 - Electronic Arts)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CrimeCraft Gravity Edition (HKLM-x32\...\CrimeCraft Gravity Edition) (Version: 0.25.07.93042 - Vogster Entertainment)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
DEAD OR ALIVE 5 Last Round (HKLM-x32\...\REVBRE9SQUxJVkU1TGFzdFJvdW5k_is1) (Version: 1 - )
Defiance (HKLM-x32\...\Glyph Defiance) (Version: - Trion Worlds, Inc.)
DeskScapes (HKLM-x32\...\DeskScapes) (Version: - Stardock Corporation, Inc.)
DeskScapes (x32 Version: 3.50.039 - Stardock Corporation, Inc.) Hidden
DiRT 3 (HKLM-x32\...\GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}) (Version: 1.0.0000.130 - Codemasters)
DiRT 3 (x32 Version: 1.0.0000.130 - Codemasters) Hidden
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Dream Aquarium (HKLM-x32\...\Dream Aquarium_is1) (Version: 1.0700 - )
Drift City (HKLM-x32\...\DriftCity_US) (Version: - )
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DuOS (HKLM\...\{8CE9E5DD-D523-44F2-8DE7-0439310EA984}) (Version: 2.0.3.7527 - American Megatrends Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
ESPN Offline Draft (HKLM-x32\...\ESPNOfflineDraft.7DC32A23D84BA514BB63AC794BF941363003AC19.1) (Version: 072514 - ESPN, Inc.)
ESPN Offline Draft (x32 Version: 255 - ESPN, Inc.) Hidden
F1 2014 (HKLM-x32\...\RjEyMDE0_is1) (Version: 1 - )
Firefall (HKLM-x32\...\{CFEF8DB5-B45E-4b05-90BE-D02AA6F45354}) (Version: - Red 5 Studios)
Fireplace 3D Screensaver 1.0 (HKLM-x32\...\Fireplace 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.10.1 - Androxyde)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
GamersFirst LIVE! (HKLM-x32\...\GamersFirst LIVE!) (Version: - GamersFirst)
Gateway (HKLM-x32\...\{14E83D30-45D6-4153-9D9E-1EFB9E86F661}) (Version: 1.5.6 - Gravity Interactive, Inc.)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
GmoteServer (HKLM-x32\...\DDA23392-9C73-4909-A221-BC12C6D2664D) (Version: 2.0.2 - Gmote.org)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Drive (HKLM-x32\...\{9C350701-AC04-48BA-A435-BD5E0D82897E}) (Version: 1.25.0523.2491 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar North / Toronto)
GRID 2 © Codemasters version 1 (HKLM-x32\...\R1JJRDI=_is1) (Version: 1 - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4521 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{2EA3D6B2-157E-4112-A3AB-BF17E16661C3}) (Version: 1.0.4.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version: - )
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
Hulu Desktop (HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.1 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 10.1.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.0 - )
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
Kodi (HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\Kodi) (Version: - XBMC-Foundation)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
LCPD First Response (HKLM-x32\...\LCPD First Response) (Version: 1.0.0.0d - G17 Media)
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Major League Baseball 2K12 (HKLM-x32\...\{E6C29DA3-ADD6-4941-903A-43965CBB0F7C}) (Version: 1.0.0 - 2K Sports)
Marvel Heroes Game (HKLM-x32\...\{ca6069b5-fc6b-4ce8-a03e-2304143706b7}_is1) (Version: 1.0 - Gazillion Entertainment)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
MirrorOp Receiver (HKLM-x32\...\MirrorOp Receiver_is1) (Version: 1.2.0.6 - Awind Inc.)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\MusicManager) (Version: - Google, Inc.)
Need for Speed Most Wanted (HKLM-x32\...\Need for Speed Most Wanted_is1) (Version: - )
Need for Speed™ Carbon (HKLM-x32\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version: - )
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version: - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}) (Version: 7.0.2.0 - Nokia)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Graphics Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Oracle VM VirtualBox 4.3.30 (HKLM\...\{5E7BEDD4-397D-4537-A290-AB012A45D771}) (Version: 4.3.30 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panda Devices Agent (x32 Version: 1.03.05 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.00.01.0000 - Panda Security)
Panda Free Antivirus (Version: 8.03.00.0000 - Panda Security) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.0.22571 - Grinding Gear Games)
PC Connectivity Solution (HKLM-x32\...\{83258E90-1F76-4E13-9F60-A0F8ED41E76F}) (Version: 8.22.7.0 - Nokia)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version: - )
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Plex Media Server (HKLM-x32\...\{ca5910de-4c30-4f28-b6bd-5dd8edff922d}) (Version: 0.9.1211 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.1211 - Plex, Inc.) Hidden
PocketCloud Windows Companion (HKLM-x32\...\{8C8C169B-D493-42C7-A975-7C1E0E4C5847}) (Version: 2.5.13 - Wyse Technology)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Q2E Blood Culture 2.0 (HKLM-x32\...\Q2E Blood Culture) (Version: - )
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.2.13.0 - Ralink)
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
RCT3 Soaked (HKLM-x32\...\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}) (Version: 1.00.000 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
RIFT (HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\RIFT) (Version: - Trion Worlds, Inc.)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
RollerCoaster Tycoon 2: Time Twister (HKLM-x32\...\{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604}) (Version: 1.00.000 - )
RollerCoaster Tycoon 2: Wacky Worlds (HKLM-x32\...\{B1AD83A0-DC92-41E3-B111-E9472349768C}) (Version: - )
RollerCoaster Tycoon® 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - )
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.101 - RoxioNow)
Ryse Son of Rome (HKLM-x32\...\Ryse Son of Rome_is1) (Version: - )
Saints Row IV (HKLM-x32\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - )
Saints Row The Third (HKLM-x32\...\Saints Row The Third_is1) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Shockwave (HKLM-x32\...\Shockwave) (Version: - )
Sleeping Dogs Definitive Edition, âåðñèÿ 1.0.0.0 (HKLM-x32\...\Sleeping Dogs Definitive Edition_is1) (Version: 1.0.0.0 - RePack by SEYTER)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Sonic Generations (HKLM-x32\...\Sonic Generations_is1) (Version: 1.0 - SEGA)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.2.4 - Splashtop Inc.)
Star Wars Battlefront II Ultimate Pack version 4.1 (HKLM-x32\...\{80C123AF-9375-4166-B05B-820FF5EF8B52}_is1) (Version: 4.1 - XAP4O)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
State of Decay - Breakdown (HKLM-x32\...\State of Decay - Breakdown_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Texas Instruments PCIxx21/x515 drivers. (HKLM-x32\...\InstallShield_{FF6F491D-BC82-4DCC-A72F-1824957C6466}) (Version: 1.13.0000 - Texas Instruments Inc.)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.7.0.113 - KMP Media co., Ltd)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.0.0 - GOG.com)
Tiger Woods PGA TOUR 08 (HKLM-x32\...\{2FEA102C-F535-4513-009B-57B165013C18}) (Version: - Electronic Arts)
TightVNC 2.0.4 (HKLM-x32\...\TightVNC) (Version: 2.0.4 - GlavSoft LLC.)
TIxx21 (x32 Version: 1.13.0000 - Texas Instruments Inc.) Hidden
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.00 - Ubisoft)
UE3Redist (HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}) (Version: 1.00.0000 - Epic Games)
UE3Redist (x32 Version: 1.00.0000 - Epic Games) Hidden
Unreal Tournament (HKLM-x32\...\UnrealTournament) (Version: - )
Unreal Tournament 2004 (HKLM-x32\...\UT2004) (Version: - )
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
WATCH_DOGS / RePack by Baracuda (HKLM\...\{EF231D76-43D8-4181-81D4-DD235312534D}_is1) (Version: 1.06.329 - )
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Ryan\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ryan\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
==================== Restore Points =========================
05-11-2015 04:37:25 Scheduled Checkpoint
05-11-2015 17:13:10 Windows Defender Checkpoint
05-11-2015 20:04:21 Windows Update
06-11-2015 03:00:11 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-07 20:00 - 2015-10-07 21:49 - 00000856 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 nlsk.neulion.com
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05382F15-4E85-49DD-847C-34902DEBFA60} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {0E3140F4-F964-4F95-B08D-7F87B2EE4757} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {1C617149-1111-4345-AF09-0DE8DF0A9F07} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-08-20] (IObit)
Task: {1CAB60F2-B80C-4BDB-AB37-28341A801382} - \SmartDefrag3_Update -> No File <==== ATTENTION
Task: {2337B51A-F954-410D-B557-C5F3B9D1F570} - \Game_Booster_AutoUpdate -> No File <==== ATTENTION
Task: {259DBB21-B7D2-4F35-BB8D-11049CC31720} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {269066A4-67EB-4300-AE11-7C50D7D61775} - System32\Tasks\ASC7_SkipUac_Ryan => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit)
Task: {27BE74F6-E453-4C4E-AD10-4F8135C25A69} - \Driver Booster Scan -> No File <==== ATTENTION
Task: {383EDFB7-CA7C-49B1-9E76-67F641EB6223} - \Driver Booster SkipUAC (Ryan) -> No File <==== ATTENTION
Task: {3FDF7EE4-CB74-4798-8A80-E30A88F7B782} - \{B10B0FB6-09C1-4631-A8C9-BA605BDF3850} -> No File <==== ATTENTION
Task: {47D36440-3493-4A56-A0EB-014A7868A42D} - \GoogleUpdateTaskUserS-1-5-21-1725188070-1093038038-2835830549-1000UA -> No File <==== ATTENTION
Task: {565F63E3-8E10-4E20-A7AF-1D3175F43E46} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {5F0F7ED1-0F45-4D46-AE59-992BD057F901} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN39I2N70S05X4 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-10-20] (Hewlett-Packard)
Task: {72B87A83-1DA2-473D-A22B-3CC3DCA6D16D} - \GoogleUpdateTaskUserS-1-5-21-1725188070-1093038038-2835830549-1000Core -> No File <==== ATTENTION
Task: {8F348719-9746-40D3-9C70-922F05AD5E7D} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {94F00FE8-56EE-4808-A62C-66EDCB55E968} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {974743B0-56C4-42A1-AD92-604C2DC8DE83} - \{09C34D03-03FE-4526-8D80-162403A70B7E} -> No File <==== ATTENTION
Task: {9A5F2205-AF98-440B-B79D-C10DB5D96AF6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {9D6A1B87-0FE5-41B9-B976-AD9E9F7883F9} - \Microsoft_Hardware_Launch_IType_exe -> No File <==== ATTENTION
Task: {A7D2250E-C71B-4B3D-BD77-4366F1683589} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-TYRANT => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
Task: {D4873B53-FC90-4D76-8BE9-ED80DFB9FEBF} - \Driver Booster Update -> No File <==== ATTENTION
Task: {DE503929-CFC8-4443-A39B-D7F6E1C84676} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {E49D8942-E25D-4733-9C65-D09B7DDB8FED} - \Uninstaller_SkipUac_Administrator -> No File <==== ATTENTION
Task: {EAE97834-BEDE-4351-B21F-A35DD606BCFA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {ED4EC50B-E00D-40FF-9CFB-B08C01EB967C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {F1EF7823-FAF9-40F5-B325-CB94DF7FCD3E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-10-20] (Hewlett-Packard)
Task: {F4A6DFB0-14F9-4C13-BFB0-48C6CC4BB2B8} - \Microsoft_Hardware_Launch_IPoint_exe -> No File <==== ATTENTION
Task: {FA364860-029E-451C-85FE-D69A6D35D865} - \AutoKMS -> No File <==== ATTENTION
Task: {FB3BFC4F-3EE1-4B5A-8D05-56D75AE6A23F} - \HPCeeScheduleForRyan -> No File <==== ATTENTION
Task: {FB459A8E-7206-4A51-B1CC-4B53EF344971} - \Registration -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1725188070-1093038038-2835830549-1000Core.job => C:\Users\Ryan\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1725188070-1093038038-2835830549-1000UA.job => C:\Users\Ryan\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRyan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (Whitelisted) ==============
2015-09-15 13:58 - 2015-09-15 13:58 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-04-12 12:23 - 2013-04-12 12:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Windows\system32\Drivers\cicakiig.sys:changelist
AlternateDataStreams: C:\ProgramData\Temp:05E9FFE5
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\cinemanow.com -> hxxp://cinemanow.com
IE trusted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\cinemanow.com -> hxxps://cinemanow.com
IE trusted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\hp.com -> hxxp://hp.com
IE trusted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\qflix.com -> hxxp://qflix.com
IE trusted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\roxio.com -> hxxp://roxio.com
IE trusted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\sonic.com -> hxxp://redirect.sonic.com
IE trusted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\...\100sexlinks.com -> 100sexlinks.com
There are 4791 more sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1725188070-1093038038-2835830549-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ryan\AppData\Local\stardock\deskwall.bmp
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Ryan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GmoteServer.lnk => C:\Windows\pss\GmoteServer.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Ryan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HandyAndy.lnk => C:\Windows\pss\HandyAndy.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Advanced SystemCare 7 => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Ryan\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AVG_TRAY => "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
MSCONFIG\startupreg: BackUp2364854530 => C:\Users\Ryan\AppData\Roaming\BackUp2364854530.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Chrome => C:\PROGRA~3\taskhost.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GateWay => c:\program files (x86)\gravity\gateway\gatewaymain.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Ryan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: igfxCUIService => "C:\PROGRA~3\igfxCUIService.exe"
MSCONFIG\startupreg: igfxEM_32 => "C:\PROGRA~3\igfxEM_32.exe"
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: PDF Complete => c:\program files (x86)\pdf complete\pdfsty.exe
MSCONFIG\startupreg: PSUAMain => "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TBHostSupport => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Ryan\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{6C655FDE-4AAF-4620-BC9C-9763BA364917}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{E80BAD5C-E443-4845-9924-8446018553DB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{A462087F-1274-4E3F-8089-377FB55B1359}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{571D9BDF-08B6-4A00-8A30-36F63BECE9DC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{9F55D473-C767-47A6-88FC-787E0739E9CE}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{359B52E0-2113-48CD-B029-C704836AFBDD}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{1EC5E065-477C-4F37-8C74-A49551434E48}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{0DB15326-E497-4ED3-B577-861338BA7B47}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe
FirewallRules: [{6CBA8053-2ED0-4FDB-896E-8F543126107A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe
FirewallRules: [{63DE5EF7-6995-48BC-A8FA-0C848A53FA5C}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
FirewallRules: [{E5A03859-C0A4-4DCE-9123-9481147A9EB8}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{6C3F111E-6E1B-445C-BA88-B17F5F2BBD47}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{4C69B373-48B7-468B-B6CC-60C4B7E1380F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{E26E17FA-C6FA-4EAF-AC3B-167AE1B3DF66}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{56F3FCEC-F573-47EF-8F02-76E05621C375}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4D7BE302-BA2C-43C7-B425-7655CAF68B0E}] => (Allow) LPort=2869
FirewallRules: [{94D1E3AD-A4C2-4D89-9A32-9CFC7584BE70}] => (Allow) LPort=1900
FirewallRules: [{94F0C04F-FFA5-4191-830A-A9158CB7CF5A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{94E41FC2-FA96-4401-AAD9-2C7F4A62FBFA}] => (Allow) J:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{1318D141-ADF7-45BF-B001-D65A411ECCA5}] => (Allow) J:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{4EE4E8E1-2EDB-4747-8ED8-63414FB787E8}] => (Allow) J:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{4702E1BC-4360-4A2F-ABB9-1B908DC68998}] => (Allow) J:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{E3BA53F7-EEBE-48E2-A9BE-A898C33370B3}J:\program files (x86)\dead island\deadislandgame.exe] => (Allow) J:\program files (x86)\dead island\deadislandgame.exe
FirewallRules: [UDP Query User{AABC0DAF-2D83-491E-B192-131FBD0E8FC5}J:\program files (x86)\dead island\deadislandgame.exe] => (Allow) J:\program files (x86)\dead island\deadislandgame.exe
FirewallRules: [TCP Query User{CBC76D3D-A64E-4E5A-9226-85414EC9B548}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{8ADC3F2A-B610-49C2-B079-A42240356B53}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [{301888A8-40B0-405E-9B52-96EB6C240B6E}] => (Allow) J:\Program Files (x86)\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutLauncher.exe
FirewallRules: [{CF405D86-28C6-467C-B1B2-B7D572AA15E6}] => (Allow) J:\Program Files (x86)\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutLauncher.exe
FirewallRules: [{17E373C9-8D77-4C4E-9BAC-6A494090D1D4}] => (Allow) J:\Program Files (x86)\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{AF82E9F4-6DFA-4007-9FD1-C1285C87D518}] => (Allow) J:\Program Files (x86)\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{6D164605-B139-4ECF-98A5-FE7727B474DB}] => (Allow) J:\Program Files (x86)\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{3696B3EC-5975-428B-A1D0-3AC2B33A352E}] => (Allow) J:\Program Files (x86)\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{3C1A52AD-C0DE-436F-AEB9-5C74234A89FA}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{3E46D55B-C8BD-40AA-96FF-A9965AC9242C}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{A30B49EE-175C-4CDE-BC2F-C0A32C6CBD3D}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
FirewallRules: [{98868078-BAD7-4DEA-ADE3-F661C272DECE}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
FirewallRules: [{265A312A-8DBB-4850-A71E-D9DC5B56B503}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{F6EE3E02-FA35-4EE0-8190-60D7F3EFB735}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{DE9490D0-8A75-4800-BAD3-BB2CD6A1ED3B}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [{FDD465D3-DA11-4232-8C9A-7457DC3A37B2}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [{C777F74C-57A5-4D7E-8FB1-C7292B8B0EF8}] => (Allow) J:\gamigo\Golfstar\GolfStarPatcherLoader.exe
FirewallRules: [{CB83D1E5-8CF8-46D6-B8C5-576F8D8C09E2}] => (Allow) J:\gamigo\Golfstar\GolfStarPatcher.exe
FirewallRules: [{6CC37C66-7C9D-42F6-A8DF-017A4839A981}] => (Allow) J:\gamigo\Golfstar\GolfStarPatcherLoader.exe
FirewallRules: [{DC0758F5-50B0-4321-B488-A0FB64B02194}] => (Allow) J:\gamigo\Golfstar\GolfStar.exe
FirewallRules: [{D7D5B0D1-63A1-491C-AF20-19F3926F45F7}] => (Allow) J:\gamigo\Golfstar\GolfStarPatcher.exe
FirewallRules: [{258BCB8B-E349-42A2-88C5-C32AA3293F3B}] => (Allow) J:\gamigo\Golfstar\GolfStar.exe
FirewallRules: [{EC39F798-2B25-4D67-AA75-061B3A1B669A}] => (Allow) C:\Users\Ryan\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{55D8C14F-BEF3-4DA0-9A3C-2B580FADF380}] => (Allow) C:\Users\Ryan\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [TCP Query User{F6D79434-49DB-4584-8CF0-428D105F0034}C:\users\ryan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ryan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0960D056-1E5E-4993-A151-1E991A32F60D}C:\users\ryan\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ryan\appdata\local\akamai\netsession_win.exe
FirewallRules: [{AFDA71C3-94A5-4E61-9EE8-6D733AA5ECB4}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [TCP Query User{35545BF5-7E67-4E02-A024-A95F1AF685C4}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{FE083E72-D9F0-417A-A3FD-6886710583B4}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{3E4B820A-6A80-4DAE-9124-D268D2D54516}J:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe] => (Allow) J:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe
FirewallRules: [UDP Query User{7D9BF72D-183F-44CC-8E8C-C7A2205C4FAC}J:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe] => (Allow) J:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe
FirewallRules: [{E82E4B81-EE61-4A4D-A799-690B542D6D5C}] => (Allow) J:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{FE180EDC-2B16-48C6-ADF6-A156116F9E53}] => (Allow) J:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [TCP Query User{7C73E434-96FE-43C8-870C-4CC8A9121765}J:\quake2\q2e.exe] => (Allow) J:\quake2\q2e.exe
FirewallRules: [UDP Query User{57CD4FE5-141E-465D-A39D-2F8C8ECC440A}J:\quake2\q2e.exe] => (Allow) J:\quake2\q2e.exe
FirewallRules: [TCP Query User{43246748-4A47-4264-BB87-405D8A369298}J:\program files (x86)\dead island\deadislandgame.exe] => (Allow) J:\program files (x86)\dead island\deadislandgame.exe
FirewallRules: [UDP Query User{FC41F30B-35D3-42D3-B1B2-8C0D420A75BC}J:\program files (x86)\dead island\deadislandgame.exe] => (Allow) J:\program files (x86)\dead island\deadislandgame.exe
FirewallRules: [{0CFF6D42-94D8-4914-ADE7-39DD68CAA534}] => (Allow) C:\Program Files (x86)\TightVNC\tvnserver.exe
FirewallRules: [{2389636C-D805-4096-9AF2-57B6A9F27E6D}] => (Allow) C:\Program Files (x86)\TightVNC\tvnserver.exe
FirewallRules: [{C3A08230-3422-4A87-969A-82E1B8FF36BA}] => (Allow) C:\Program Files (x86)\TightVNC\vncviewer.exe
FirewallRules: [{C0B8B5B9-00AF-4D63-A00D-A827B635108E}] => (Allow) C:\Program Files (x86)\TightVNC\vncviewer.exe
FirewallRules: [{ADAB0B56-D586-4F62-B186-507295932FF4}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{6CFF0A31-B6F2-4F66-8D79-BCD490C4CBBF}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{7A02BF6D-A36B-4747-8DAA-C830345F894D}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{9BAFD885-7628-4FC2-80C2-54D8D55A3595}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{713E6F34-C079-4ED1-96A7-A8B94C33BF24}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{4FDFFFEE-1A8F-479D-A036-F690F6245579}] => (Allow) J:\Program Files (x86)\Vogster Entertainment\CrimeCraft Gravity Edition\GravityLauncher.exe
FirewallRules: [{49B8EA69-4456-498D-B56C-8D4B7194B361}] => (Allow) J:\Program Files (x86)\Vogster Entertainment\CrimeCraft Gravity Edition\GravityLauncher.exe
FirewallRules: [{A5E869B8-D3E1-466C-BF69-EB972AE4C26E}] => (Allow) J:\Program Files (x86)\Vogster Entertainment\CrimeCraft Gravity Edition\Binaries\CrimeCraft.exe
FirewallRules: [{9F671175-F392-4AB9-9B5A-4C93F1D82022}] => (Allow) J:\Program Files (x86)\Vogster Entertainment\CrimeCraft Gravity Edition\Binaries\CrimeCraft.exe
FirewallRules: [{6CFF33B1-EEA5-4E79-A50B-9CEF0F3447C6}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{E633D572-A4AB-4C7C-B990-6DA4F3A403BE}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{22D85453-5FE9-45AC-8C7F-507BFBCBC813}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{1AC78342-2DD9-4348-BBB2-60C8AE43AA68}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [TCP Query User{AC316794-B0D3-45A3-A22B-4ED5C9D2F213}J:\users\public\sony online entertainment\installed games\dc universe online live\unreal3\binaries\win32\dcgame.exe] => (Allow) J:\users\public\sony online entertainment\installed games\dc universe online live\unreal3\binaries\win32\dcgame.exe
FirewallRules: [UDP Query User{12343684-EA7C-46F0-8487-1D4A648A96B2}J:\users\public\sony online entertainment\installed games\dc universe online live\unreal3\binaries\win32\dcgame.exe] => (Allow) J:\users\public\sony online entertainment\installed games\dc universe online live\unreal3\binaries\win32\dcgame.exe
FirewallRules: [{B7C11F6A-F974-40BA-9B6C-72FEC1C45D79}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseBrowser.exe
FirewallRules: [{77FED348-3A89-45E8-9149-5A42C09C3DE7}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe
FirewallRules: [{30945527-E1BB-4C0B-A2AE-B59C05D869F2}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudInstallWizard.exe
FirewallRules: [{BBAB469F-0EB9-493D-B5BD-B489272475C2}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudInstallWizard.exe
FirewallRules: [{5B777662-88CF-4EA1-BF2B-05FB369CD4D5}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseRemoteAccess.exe
FirewallRules: [{CC49054E-6960-4A2F-AD49-B4D74DAF4DA9}] => (Allow) LPort=49167
FirewallRules: [{43A110A5-61F1-47FD-B99C-33880073ECBF}] => (Allow) LPort=5000
FirewallRules: [{5F93C342-1B56-474F-B733-140A6BEA3BC7}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{3A1DF9E7-548E-45F1-8DC2-5AEF3CE42033}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{518DD59E-E374-4B45-B040-0D02B51D6A63}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaWiFi.exe
FirewallRules: [{3AFDEBCB-1BC1-4AA9-AAC0-93D297F5FC8C}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaWiFi.exe
FirewallRules: [{5EA9BC05-6789-4F0F-AAC3-09E7C6F86D32}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaWiFi.exe
FirewallRules: [{58D4C430-27AB-485D-A8ED-5B8CC019179A}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaWiFi.exe
FirewallRules: [{C64E0725-B849-436A-83DF-18E29C9E6DC1}] => (Allow) J:\Program Files (x86)\Electronic Arts\BioWare\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{B9FA986A-1F4D-447E-9E1B-00FDDE3D7589}] => (Allow) J:\Program Files (x86)\Electronic Arts\BioWare\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{5BC2ED46-E1A5-4C65-AE60-1DE081CF193E}] => (Allow) J:\Program Files (x86)\Electronic Arts\BioWare\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{9EC03A64-997A-44E2-A4B9-DF4F368B5A79}] => (Allow) J:\Program Files (x86)\Electronic Arts\BioWare\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{331E05EB-5400-4323-B900-49B896062A0D}] => (Allow) C:\Program Files (x86)\MirrorOp Receiver\MirrorOp Receiver.exe
FirewallRules: [{38D3B9C2-991A-4B76-BE80-E1FA0176D523}] => (Allow) C:\Program Files (x86)\MirrorOp Receiver\MirrorOp Receiver.exe
FirewallRules: [{E9ACACF1-7C27-4B0A-916C-D7F57E217686}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [TCP Query User{9D4BB9CC-5ABF-474B-AB55-BBC258781A51}C:\program files (x86)\unified remote\remoteserver.exe] => (Allow) C:\program files (x86)\unified remote\remoteserver.exe
FirewallRules: [UDP Query User{91490416-C561-4F7C-A3F8-A7CC6622ABBA}C:\program files (x86)\unified remote\remoteserver.exe] => (Allow) C:\program files (x86)\unified remote\remoteserver.exe
FirewallRules: [{93AF2DA9-4F78-472B-B501-21B1DD6D9499}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2DA6243C-00BB-4C1B-AF37-242112964F85}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0B058748-86DC-41E4-B1C1-B65468D1F3FF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5CBEACC6-02D1-456D-8CCC-16567CF60481}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{A9D1EC1B-FE4B-4090-B87C-EEF9B5C33D71}C:\program files (x86)\unified remote\remoteserver.exe] => (Allow) C:\program files (x86)\unified remote\remoteserver.exe
FirewallRules: [UDP Query User{98F9A935-6230-4317-B3E2-81E1FABAEC0F}C:\program files (x86)\unified remote\remoteserver.exe] => (Allow) C:\program files (x86)\unified remote\remoteserver.exe
FirewallRules: [TCP Query User{B4AE7989-5CE4-4395-B3BF-68C08B87C5AC}C:\program files (x86)\kainy\kainy.exe] => (Allow) C:\program files (x86)\kainy\kainy.exe
FirewallRules: [UDP Query User{15B654CB-0F55-4D2B-8F50-7A3DE73FF416}C:\program files (x86)\kainy\kainy.exe] => (Allow) C:\program files (x86)\kainy\kainy.exe
FirewallRules: [{08A0C013-7F2D-4082-8CFA-8283B9CBCFAF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{195484E7-6EBD-4EA7-82A5-FC2B367B98F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{468E147A-1DBF-4BDB-AA40-8E19D1CD8320}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7BFCA639-3770-4446-BD83-2B9288AAD04C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{37F33E1D-E444-45A7-8605-E49D0753F87A}J:\program files (x86)\gazillion entertainment\marvel heroes\unrealengine3\binaries\win32\marvelgame.exe] => (Allow) J:\program files (x86)\gazillion entertainment\marvel heroes\unrealengine3\binaries\win32\marvelgame.exe
FirewallRules: [UDP Query User{0C064CE2-6730-4EBF-B255-3E2A798E9B05}J:\program files (x86)\gazillion entertainment\marvel heroes\unrealengine3\binaries\win32\marvelgame.exe] => (Allow) J:\program files (x86)\gazillion entertainment\marvel heroes\unrealengine3\binaries\win32\marvelgame.exe
FirewallRules: [{06BBA1F0-8169-4F79-897C-4A6DFFE00DA9}] => (Allow) J:\Program Files (x86)\Downloaded\Public\Warframe.exe
FirewallRules: [{41A929C2-698C-406B-B171-8D3571A8D4C4}] => (Allow) J:\Program Files (x86)\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{2A10A389-EF54-455D-937E-210B7B1C97AC}] => (Allow) J:\Program Files (x86)\Downloaded\Public\Warframe.exe
FirewallRules: [{66731D20-BED1-40E1-AA78-1C2112E2E86C}] => (Allow) J:\Program Files (x86)\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{1110D147-2FBC-4EBA-8670-A818BC12D130}] => (Allow) J:\Program Files (x86)\Downloaded\Public\Warframe.exe
FirewallRules: [{001F18B0-4188-412F-9C2D-BCE40B961A49}] => (Allow) J:\Program Files (x86)\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{60EFACA2-FB14-47EB-8EBE-C6C204E9BB58}] => (Allow) C:\Users\Ryan\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [TCP Query User{42F01058-7011-41D9-992E-70E99CA5F190}J:\program files\capcom\resident evil 5\re5dx10.exe] => (Allow) J:\program files\capcom\resident evil 5\re5dx10.exe
FirewallRules: [UDP Query User{CF7E835E-FA32-4593-9370-1730030D8824}J:\program files\capcom\resident evil 5\re5dx10.exe] => (Allow) J:\program files\capcom\resident evil 5\re5dx10.exe
FirewallRules: [TCP Query User{7BDA13A0-3F8E-4207-802D-36D648513EFD}J:\program files\capcom\resident evil 5\re5dx9.exe] => (Allow) J:\program files\capcom\resident evil 5\re5dx9.exe
FirewallRules: [UDP Query User{115ED86D-AEEE-43F7-9A35-905FEDAD5681}J:\program files\capcom\resident evil 5\re5dx9.exe] => (Allow) J:\program files\capcom\resident evil 5\re5dx9.exe
FirewallRules: [{9D8A01C6-BB2E-435F-B400-7C14C0A12CA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1DE848DD-3B82-455A-9DDF-679E53C8C0C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B522AED4-0231-4A38-8948-E344F2B7D378}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{C68E9191-990A-4614-A90E-B071059E9591}J:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe] => (Allow) J:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe
FirewallRules: [UDP Query User{04EE3FF4-3DE9-4E75-9AF2-C3D41859E9A0}J:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe] => (Allow) J:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe
FirewallRules: [{920000B2-B9F7-46FF-845F-01AAA43DAA31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1A89AC95-31E8-4FD9-A96A-98AE67112A17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F89EFBCF-E751-4322-A327-158E2D0674A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{3946F287-25B5-447F-B6F5-E4E4AEBC0999}J:\program files (x86)\saints row iv\saintsrowiv.exe] => (Allow) J:\program files (x86)\saints row iv\saintsrowiv.exe
FirewallRules: [UDP Query User{C066ED73-E1B0-4EB6-9B94-C62EE727A168}J:\program files (x86)\saints row iv\saintsrowiv.exe] => (Allow) J:\program files (x86)\saints row iv\saintsrowiv.exe
FirewallRules: [TCP Query User{C63329A5-69BC-4DBA-AED5-0163C93F67F4}J:\program files (x86)\gazillion entertainment\marvel heroes game\unrealengine3\binaries\win32\marvelgame.exe] => (Allow) J:\program files (x86)\gazillion entertainment\marvel heroes game\unrealengine3\binaries\win32\marvelgame.exe
FirewallRules: [UDP Query User{8FBF2B43-0B86-4091-9A56-D048C2BFC63F}J:\program files (x86)\gazillion entertainment\marvel heroes game\unrealengine3\binaries\win32\marvelgame.exe] => (Allow) J:\program files (x86)\gazillion entertainment\marvel heroes game\unrealengine3\binaries\win32\marvelgame.exe
FirewallRules: [{3BEF2E6A-71A5-43C7-95A4-509E3B4801D0}] => (Allow) J:\gamigo\Golfstar\GolfStarPatcherLoader.exe
FirewallRules: [{4B0B7308-1F0E-40CF-AE16-CEA0D01577A3}] => (Allow) J:\gamigo\Golfstar\GolfStarPatcherLoader.exe
FirewallRules: [{91BEA7F2-3BC6-473D-92A3-D04B05BDA41F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1FB06396-3518-4525-A9F2-1815E7C0A9A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9E6D7BEF-F7A5-4155-9D8E-F8C02BF3A782}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0D6D2E7D-ABD5-48E2-8D42-D5A551966D4A}] => (Allow) C:\Users\Ryan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E7332D2A-2B40-4380-9965-2E78F4E610F9}] => (Allow) C:\Users\Ryan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{FA4772FD-9521-4CDD-89AE-F1BDD0521460}J:\program files (x86)\ea games\need for speed most wanted\nfs13.exe] => (Allow) J:\program files (x86)\ea games\need for speed most wanted\nfs13.exe
FirewallRules: [UDP Query User{D347BBE4-9C5B-409E-8551-DB51EC723F0D}J:\program files (x86)\ea games\need for speed most wanted\nfs13.exe] => (Allow) J:\program files (x86)\ea games\need for speed most wanted\nfs13.exe
FirewallRules: [{257237B3-5D6E-4175-BB00-95ECCDA6A93B}] => (Allow) J:\Program Files (x86)\WB Games\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{2742D936-D507-46FE-841D-05A6C42EC15D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{995AD505-4CAF-46C1-A97A-C3EB2590C8B7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{66ADF8BF-1655-41C3-850C-DEDDCFA84A90}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{08B05F5D-DDC1-4636-B3EB-00B03A2319A3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{AD17CE4E-6828-49DF-B889-487665350240}J:\program files (x86)\ea sports\tiger woods 12\tworuntimestandalone.exe] => (Allow) J:\program files (x86)\ea sports\tiger woods 12\tworuntimestandalone.exe
FirewallRules: [UDP Query User{AAFFD1EB-E736-43EF-B532-F13C836748F4}J:\program files (x86)\ea sports\tiger woods 12\tworuntimestandalone.exe] => (Allow) J:\program files (x86)\ea sports\tiger woods 12\tworuntimestandalone.exe
FirewallRules: [{83ECE391-2FFA-451F-A722-90C0FFE490EB}] => (Allow) C:\Users\Ryan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{66247FDE-08E5-4D7C-97C1-990A0360BEDC}] => (Allow) C:\Users\Ryan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{3EF2B6B3-C384-449F-9A49-D0CC863EFAD9}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{EAB143C0-E990-4B3C-A493-77B720D319BC}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [TCP Query User{00E603F7-D109-4E58-90E8-53FC73BFD91E}J:\program files (x86)\fifa 14\fifa 14\game\fifa14.exe] => (Allow) J:\program files (x86)\fifa 14\fifa 14\game\fifa14.exe
FirewallRules: [UDP Query User{204E5573-1589-4337-AD08-8FBF89BBFAF9}J:\program files (x86)\fifa 14\fifa 14\game\fifa14.exe] => (Allow) J:\program files (x86)\fifa 14\fifa 14\game\fifa14.exe
FirewallRules: [{FBB2BCF8-1DDE-4AED-95F2-C7AB50AB2FD6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BEFA8A1D-A636-48E2-96E2-E86555DBEA28}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0385C58F-4FE6-4C67-9090-B6B7475AB713}] => (Allow) J:\SimCity\SimCity 2013 Offline\SimCity\SimCity.exe
FirewallRules: [{B14A57B9-8252-4BD9-8B98-5658E2E1D5B5}] => (Allow) J:\SimCity\SimCity 2013 Offline\SimCity\SimCity.exe
FirewallRules: [TCP Query User{3208A1D5-53F4-4044-977A-3CA514EE6C3B}C:\program files (x86)\motorola\rsd lite\sdl.exe] => (Allow) C:\program files (x86)\motorola\rsd lite\sdl.exe
FirewallRules: [UDP Query User{71309A87-8B21-4B95-B4DF-6175E7017752}C:\program files (x86)\motorola\rsd lite\sdl.exe] => (Allow) C:\program files (x86)\motorola\rsd lite\sdl.exe
FirewallRules: [TCP Query User{44E9C83C-0BC8-4692-9BBA-F8D6D9509AE5}J:\program files (x86)\wb games\batman arkham city goty\binaries\win32\batmanac_o.exe] => (Allow) J:\program files (x86)\wb games\batman arkham city goty\binaries\win32\batmanac_o.exe
FirewallRules: [UDP Query User{E6D25795-0F3D-461C-A5E0-ADC5351C4AE0}J:\program files (x86)\wb games\batman arkham city goty\binaries\win32\batmanac_o.exe] => (Allow) J:\program files (x86)\wb games\batman arkham city goty\binaries\win32\batmanac_o.exe
FirewallRules: [TCP Query User{6E745788-6B64-4BB0-9586-6AF86CCC74A5}J:\program files\mass effect 2\binaries\masseffect2.exe] => (Allow) J:\program files\mass effect 2\binaries\masseffect2.exe
FirewallRules: [UDP Query User{89759BC4-F0A5-4CB3-ACDE-62C40B072F34}J:\program files\mass effect 2\binaries\masseffect2.exe] => (Allow) J:\program files\mass effect 2\binaries\masseffect2.exe
FirewallRules: [TCP Query User{7F1884C6-C72E-4402-8B23-53A277A08C13}J:\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) J:\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [UDP Query User{F9E06AA2-0C5A-48FA-A36C-DE69A83E8EED}J:\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) J:\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [{987DD292-29F2-43AC-BB9E-29630EE57806}] => (Allow) J:\Program Files (x86)\2K Sports\Major League Baseball 2K12\mlb2k12.exe
FirewallRules: [{1BA00473-423F-498A-A38A-F39EFC6CA9A8}] => (Allow) J:\Program Files (x86)\2K Sports\Major League Baseball 2K12\mlb2k12.exe
FirewallRules: [{E979B422-403B-4963-9A7A-27B2D43936C4}] => (Block) %ProgramFiles% (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
FirewallRules: [{A60FF9AF-4B99-4956-AF0C-2C9849228F6A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{521D8D40-F3B3-4B61-94D1-3099D86A7542}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{B8C1213C-A8FC-46F9-986E-9460DAE8F990}J:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) J:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{391628D8-E68F-4015-A45B-C9A574EBEB85}J:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) J:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{4BF5E5AF-BC1D-4849-87D5-4DD8CC601709}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
FirewallRules: [{954DF99A-0A4E-4EA9-A134-5E1238140AEA}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
FirewallRules: [{5A052CCD-391F-4487-9FDB-C810E1D512A8}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe
FirewallRules: [TCP Query User{78905519-11DC-4A42-9C92-4F9ADBF605E9}J:\q2e blood culture\quake2.exe] => (Allow) J:\q2e blood culture\quake2.exe
FirewallRules: [UDP Query User{281DD3B8-7057-480E-B4D8-DCA2EF30F788}J:\q2e blood culture\quake2.exe] => (Allow) J:\q2e blood culture\quake2.exe
FirewallRules: [TCP Query User{ED4AB80A-418A-4A44-A771-60127EDB5AC6}J:\quake2\quake2.exe] => (Allow) J:\quake2\quake2.exe
FirewallRules: [UDP Query User{C125A16B-5691-43B8-BC40-278E48B29F82}J:\quake2\quake2.exe] => (Allow) J:\quake2\quake2.exe
FirewallRules: [{614F6565-334C-44A6-86CC-9F9A3D804478}] => (Allow) J:\Program Files (x86)\Codemasters\DiRT 3\dirt3_game.exe
FirewallRules: [{0E46613A-9A11-4DC4-BBC5-E1FC47B709A8}] => (Allow) J:\Program Files (x86)\Codemasters\DiRT 3\dirt3_game.exe
FirewallRules: [{033F4792-22A5-4C6B-95AE-9A956FCB1530}] => (Allow) E:\RouterSetup\QISWizard.exe
FirewallRules: [{E7B2D2AE-F5DE-41C5-8F36-E250A8EB1708}] => (Allow) E:\RouterSetup\QISWizard.exe
FirewallRules: [{43E7B349-A2FC-451D-A3A0-D446F9B45C35}] => (Allow) J:\UT2004\System\UT2004.exe
FirewallRules: [{4B29E4B2-C3AE-4AF8-9EDA-87B9CD473FDC}] => (Allow) J:\UT2004\System\UT2004.exe
FirewallRules: [TCP Query User{9641D6DF-131D-4DDA-9873-464BD1097549}J:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe] => (Allow) J:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe
FirewallRules: [UDP Query User{06A57541-DE77-48E9-B75C-5A2661A5FF42}J:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe] => (Allow) J:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe
FirewallRules: [{95EA1BD0-FD61-4045-AB0F-81BD6F22924C}] => (Allow) J:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe
FirewallRules: [{915B9DD0-3DD7-4991-8735-CE44A80E9FD4}] => (Allow) J:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe
FirewallRules: [{A4F8C3DF-B4CD-4993-9977-DD96ACD71348}] => (Allow) J:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{D30AA506-38D0-4E50-A974-D1D1B31D65FD}] => (Allow) J:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{742F3392-4729-413A-B53E-1324A2637208}] => (Allow) J:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{D6747CB8-E763-4922-BA81-70ACA02854F4}] => (Allow) J:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{70FD5F12-229D-4815-B5AB-03BC2EADDF13}] => (Allow) J:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe
FirewallRules: [{F8C7E231-E6C9-4CD4-B990-DC6832D09AA2}] => (Allow) J:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe
FirewallRules: [{411C2157-853C-447B-A686-B24760050805}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{43936CFC-375D-429E-A116-9622DB8E490A}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{15A956CE-A39E-4F31-9834-6B694CE98CC2}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{F4074A7A-0916-4768-A5E9-3E455D7702C9}] => (Allow) J:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{5E14F496-29C1-4964-A919-BA9A83794875}J:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{0B43153B-001C-4F55-98BA-8D37345C6322}J:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) J:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{76BFABE6-9FEF-4442-85BA-A6DBA9B45B0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5B0DBFAA-FE00-43EC-B67E-76C7634918D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CE9CCD55-AC83-4A9F-8FA6-7BC6A89650C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1B80D4E4-9102-44C8-A6D1-803E13761CF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CF64C254-2D28-4622-8109-2E529DDE77DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{49CC2C6B-448C-4AB8-BDD5-D1183917AEB9}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{A44287D1-98D1-4C28-8F54-768C67B5B26E}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{C4B3D042-1404-4A79-B05C-FF0EBFAEE775}] => (Allow) C:\Users\Ryan\AppData\Roaming\Andy_45_Online\Setup.exe
FirewallRules: [{01F1A184-5C08-4362-A9F9-F3A0CA779551}] => (Allow) C:\Users\Ryan\AppData\Roaming\Andy_45_Online\Setup.exe
FirewallRules: [{E9CF1B92-F4D8-4F1E-9DDD-CDAA90B60274}] => (Allow) C:\Program Files\Andy\Andy.exe
FirewallRules: [{D4425354-3701-4DF5-97E6-0CC0933DDE65}] => (Allow) C:\Program Files\Andy\Andy.exe
FirewallRules: [{B99DB44F-3DEF-4573-AB22-A2B257E12176}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{0272A83C-7D8F-4F2C-B504-AE45BE228DA6}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{4B7467C4-130B-4ED5-9A86-E6D27A0D0186}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3238F108-0193-40FA-93E9-21316F839FF6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2B0434BC-FA17-4FA2-8AC3-0B80083E0B6D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{83C99040-A334-4541-B901-2F88F755E75B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{93AB6FD0-03CE-4EFD-88E4-983D31C760B2}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{F201174C-E026-4E16-9B2A-910CC62AC24A}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{8FF911B7-EDE5-4FC2-8816-B3D67A1918BD}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
FirewallRules: [{C67C681F-E992-48F0-B359-DBEE346A1805}] => (Block) %ProgramFiles% (x86)\Acoustica Mixcraft 6\mixcraft6.exe
FirewallRules: [{8D79286D-E2E4-4F3B-A30F-AA3BBB5198FA}] => (Block) %ProgramFiles% (x86)\Acoustica Mixcraft 6\mixcraft6.exe
FirewallRules: [{A972F418-6729-4F02-B198-C469128B0815}] => (Block) %ProgramFiles% (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
FirewallRules: [{A9A9E1FE-4306-4EF4-BFD4-3A58BFBA587E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{C00FC7C3-43BD-4B36-B093-72A902F823F7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/06/2015 05:35:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 46.0.2490.80, time stamp: 0x56262c73
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x10006c13
Faulting process id: 0xb18
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Error: (11/06/2015 04:00:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windows...7BBCD7A8CB4.crt> with error: 12029 (0x2efd).
Error: (11/06/2015 03:39:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvBackend.exe, version: 20.0.15.0, time stamp: 0x560e7004
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0030de71
Faulting process id: 0x168c
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3
Error: (11/06/2015 03:27:01 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (11/05/2015 09:39:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windows...7BBCD7A8CB4.crt> with error: 12029 (0x2efd).
Error: (11/05/2015 09:26:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvBackend.exe, version: 20.0.15.0, time stamp: 0x560e7004
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0046de71
Faulting process id: 0xc28
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3
Error: (11/05/2015 08:59:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 46.0.2490.80, time stamp: 0x56262c73
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x10006c13
Faulting process id: 0x1a8
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Error: (11/05/2015 07:45:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvBackend.exe, version: 20.0.15.0, time stamp: 0x560e7004
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x002ede71
Faulting process id: 0xb58
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3
Error: (11/05/2015 07:28:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.
Details:
Could not query the status of the EventSystem service.
System Error:
A system shutdown is in progress.
.
Error: (11/05/2015 06:59:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvBackend.exe, version: 20.0.15.0, time stamp: 0x560e7004
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0047de71
Faulting process id: 0x9b0
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3
System errors:
=============
Error: (11/06/2015 06:58:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068
Error: (11/06/2015 06:58:37 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084NVSvc{DCAB0989-1301-4319-BE5F-ADE89F88581C}
Error: (11/06/2015 06:57:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (11/06/2015 06:57:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (11/06/2015 06:57:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (11/06/2015 06:57:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (11/06/2015 06:57:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (11/06/2015 06:57:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (11/06/2015 06:57:10 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (11/06/2015 06:57:09 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
CodeIntegrity:
===================================
Date: 2015-11-06 17:52:13.790
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-11-06 17:52:13.790
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-11-06 03:35:03.680
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-11-06 03:35:03.680
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-11-06 03:29:58.694
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-11-06 03:29:58.694
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-11-05 21:23:34.368
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-11-05 21:23:34.368
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-11-05 19:42:04.638
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-11-05 19:42:04.607
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Athlon II X4 640 Processor
Percentage of memory in use: 14%
Total physical RAM: 8191.29 MB
Available physical RAM: 6996.71 MB
Total Virtual: 16382.57 MB
Available Virtual: 15132.52 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:917.79 GB) (Free:449.43 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:13.61 GB) (Free:1.67 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive j: (Cpt Sea Biscuit) (Fixed) (Total:931.51 GB) (Free:230.78 GB) NTFS
Drive k: (My Book) (Fixed) (Total:1862.98 GB) (Free:1547.05 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5A2442D8)
Partition 1: (Active) - (Size=106 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=917.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 2B38A14C)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 17B6C2D9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Edited by rct8787, 07 November 2015 - 08:18 AM.