Good day, none of the software solutions i download is able to run, avg was dormant, malwarebytes reports application unable to start correctly (0xc0000279), bitdefender can't open a window though its tray icon is available, superantispyware only reported cookies, smadav was able to get some registries values NoFolderOptions, NoRun, NoControlPanel, DisableTaskMgr, DisableRegistryTools, DisableCMD which it corrected though before i ran smadav scan i could access my taskmanager and cmd, also when in safe mode i can run the security software, those are what i have tried but my security tools can't still open its obvious i'm infected. From my observations on the board i'm to post my scan results from farbar(below), thanks.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
Ran by legendary_sage (administrator) on SAGE-PC (21-12-2015 12:15:33)Running from C:\Users\legendary_sage\DesktopLoaded Profiles: legendary_sage (Available Profiles: legendary_sage)Platform: Windows 8.1 (X64) Language: English (United Kingdom)Internet Explorer Version 11 (Default browser: FF)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/==================== Processes (Whitelisted) =================(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)(Bitdefender) C:\Bitdefender\Bitdefender 2016\vsserv.exe() E:\Le Me\Program Files\USB Safely Remove\USBSRService.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieSvc.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe(ASUSTeK) C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Video DSP\DriverMFTService.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe() C:\ProgramData\DatacardService\HWDeviceService64.exe(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(TeamViewer GmbH) E:\Le Me\Program Files\TeamViewer\TeamViewer_Service.exe() C:\Program Files (x86)\UCBrowser\Application\UCService.exe(Bitdefender) C:\Bitdefender\Bitdefender 2016\updatesrv.exe(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Smadsoft) C:\Program Files (x86)\SMADAV\SMΔRTP.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Apple Inc.) E:\Le Me\Program Files\iTunes\iTunesHelper.exe(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe(Bitdefender) C:\Bitdefender\Bitdefender 2016\bdagent.exe() C:\Windows\SysWOW64\UMonit64.exe(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe(Bitdefender) C:\Bitdefender\Bitdefender 2016\bdwtxag.exe() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe() C:\Users\legendary_sage\Desktop\simple server\SimpleServer.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe(Bitdefender) C:\Bitdefender\Bitdefender 2016\bdwtxcr.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(Don HO [email protected]) C:\Program Files (x86)\Notepad++\notepad++.exe(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe(Bitdefender) C:\Bitdefender\Bitdefender 2016\downloader.exe(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe==================== Registry (Whitelisted) ===========================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStartHKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3246920 2014-10-15] (ELAN Microelectronics Corp.)HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayAppHKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)HKLM\...\Run: [iTunesHelper] => E:\Le Me\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)HKLM\...\Run: [Bdagent] => C:\Bitdefender\Bitdefender 2016\bdagent.exe [1688552 2015-10-20] (Bitdefender)HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()HKLM-x32\...\Run: [ASUS ROG MacroKey] => C:\Program Files (x86)\ASUS\ASUS ROG MacroKey\Hid.exe [2036224 2014-07-30] (ASUS)HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)HKLM-x32\...\Run: [atom] => C:\ProgramData\SquirrelMachineInstalls\atom.exe --checkInstallHKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104128 2015-08-14] (VMware, Inc.)HKLM-x32\...\Run: [SYNCIOS DEVICE SERVICE] => E:\Le Me\Program Files\Syncios\SynciosDeviceService.exe [861184 2015-08-04] ()HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)HKLM-x32\...\Run: [] => [X]HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\Run: [HW_OPENEYE_OUC_GLO NETPRO] => C:\Program Files (x86)\GLO NETPRO\UpdateDog\ouc.exe [110592 2009-07-27] (Huawei Technologies Co., Ltd.)HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\Run: [SandboxieControl] => D:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-10-10] (Sandboxie Holdings, LLC)HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3911248 2015-11-16] (Tonec Inc.)HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\Run: [Bitdefender Wallet Agent] => C:\Bitdefender\Bitdefender 2016\bdwtxag.exe [1416096 2015-10-13] (Bitdefender)HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-12-02] (SUPERAntiSpyware)HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\Run: [USB Safely Remove] => E:\Le Me\Program Files\USB Safely Remove\USBSafelyRemove.exe [6061056 2012-01-31] (Crystal Rich Ltd)HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\MountPoints2: I - "I:\AutoRun.exe"HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\MountPoints2: {3f7b560c-6ab2-11e5-8260-cc3d82e2884d} - "H:\AutoRun.exe"HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\MountPoints2: {3f7b564e-6ab2-11e5-8260-cc3d82e2884d} - "H:\AutoRun.exe"HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\MountPoints2: {3f7b5bac-6ab2-11e5-8260-cc3d82e2884d} - "H:\AutoRun.exe"HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\MountPoints2: {3f7b5d7b-6ab2-11e5-8260-cc3d82e2884d} - "I:\AutoRun.exe"HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\MountPoints2: {8784b0b0-8a8b-11e5-8273-cc3d82e2884d} - "I:\AutoRun.exe"HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\MountPoints2: {d91cd4ad-6b29-11e5-8262-cc3d82e2884d} - "H:\AutoRun.exe"ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)==================== Internet (Whitelisted) ====================(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)ProxyEnable: [S-1-5-21-3578966673-3173021478-2160172042-1001] => Proxy is enabled.ProxyServer: [S-1-5-21-3578966673-3173021478-2160172042-1001] => 127.0.0.1:8080Winsock: Catalog5 01 C:\Windows\SysWOW64\PrxerNsp.dll [56424 2012-11-22] ()Winsock: Catalog5-x64 01 C:\Windows\system32\PrxerNsp.dll [57448 2012-11-22] ()Tcpip\Parameters: [DhcpNameServer] 192.168.137.1Tcpip\..\Interfaces\{54B75834-BC80-4CE4-82BE-117DAD41C3FE}: [DhcpNameServer] 192.168.10.1Tcpip\..\Interfaces\{62C4A55E-8576-4223-B089-AFB23800055B}: [NameServer] 10.109.5.97 10.109.2.97Tcpip\..\Interfaces\{9F1CEA6F-E88F-420F-BFDE-0B7831BB8881}: [DhcpNameServer] 192.11.128.24Tcpip\..\Interfaces\{CA8A7453-19EA-49E5-8213-5572AA6FF207}: [DhcpNameServer] 192.168.137.1Tcpip\..\Interfaces\{F58957DA-E83C-4DF9-9639-5466A67E2BCB}: [NameServer] 10.109.2.97 10.109.5.97Internet Explorer:==================HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blankHKU\S-1-5-21-3578966673-3173021478-2160172042-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKU\S-1-5-21-3578966673-3173021478-2160172042-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJBBHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-09-21] (Bitdefender)BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-04] (Oracle Corporation)BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-04] (Oracle Corporation)BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-09-21] (Bitdefender)BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-07] (Microsoft Corporation)BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-09-21] (Bitdefender)Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-09-21] (Bitdefender)DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cabHandler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)FireFox:========FF ProfilePath: C:\Users\legendary_sage\AppData\Roaming\Mozilla\Firefox\Profiles\nqvzq4iq.defaultFF Session Restore: -> is enabled.FF NetworkProxy: "backup.ftp", "127.0.0.1"FF NetworkProxy: "backup.ftp_port", 8080FF NetworkProxy: "backup.socks", "127.0.0.1"FF NetworkProxy: "backup.socks_port", 8080FF NetworkProxy: "backup.ssl", "127.0.0.1"FF NetworkProxy: "backup.ssl_port", 8080FF NetworkProxy: "ftp", "127.0.0.1"FF NetworkProxy: "ftp_port", 8080FF NetworkProxy: "http", "127.0.0.1"FF NetworkProxy: "http_port", 8080FF NetworkProxy: "share_proxy_settings", trueFF NetworkProxy: "socks", "127.0.0.1"FF NetworkProxy: "socks_port", 8080FF NetworkProxy: "ssl", "127.0.0.1"FF NetworkProxy: "ssl_port", 8080FF NetworkProxy: "type", 1FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_201.dll [2015-10-04] ()FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-04] (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-04] (Oracle Corporation)FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_201.dll [2015-10-04] ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-12] (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-12] (NVIDIA Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)FF Plugin HKU\S-1-5-21-3578966673-3173021478-2160172042-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\legendary_sage\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-18] (Unity Technologies ApS)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)FF Extension: User Agent Switcher - C:\Users\legendary_sage\AppData\Roaming\Mozilla\Firefox\Profiles\nqvzq4iq.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2015-10-09]FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015-11-09]FF Extension: Greasemonkey - C:\Users\legendary_sage\AppData\Roaming\Mozilla\Firefox\Profiles\nqvzq4iq.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-11-23]FF Extension: S3.Google Translator - C:\Users\legendary_sage\AppData\Roaming\Mozilla\Firefox\Profiles\nqvzq4iq.default\extensions\[email protected] [2015-12-18]FF Extension: ADB Helper - C:\Users\legendary_sage\AppData\Roaming\Mozilla\Firefox\Profiles\rw5qifaq.dev-edition-default\Extensions\[email protected] [2015-12-20]FF Extension: Valence - C:\Users\legendary_sage\AppData\Roaming\Mozilla\Firefox\Profiles\rw5qifaq.dev-edition-default\Extensions\[email protected] [2015-12-20]FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Bitdefender\Bitdefender 2016\bdwteffFF Extension: Bitdefender Wallet - C:\Bitdefender\Bitdefender 2016\bdwteff [2015-10-20] [not signed]FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Bitdefender\Bitdefender 2016\bdtbextFF Extension: Bitdefender Antispam Toolbar - C:\Bitdefender\Bitdefender 2016\bdtbext [2015-10-20] [not signed]FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Bitdefender\Bitdefender 2016\antispam32\bdwteffFF Extension: Bitdefender Wallet - C:\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2015-10-20] [not signed]FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Bitdefender\Bitdefender 2016\bdtbextFF HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpiFF HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\legendary_sage\AppData\Roaming\IDM\idmmzcc5FF Extension: IDM CC - C:\Users\legendary_sage\AppData\Roaming\IDM\idmmzcc5 [2015-12-21] [not signed]FF HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpiStartMenuInternet: FIREFOX.EXE - E:\Le Me\Program Files\FireFox Developer Edition\firefox.exeChrome:=======CHR Session Restore: Default -> is enabled.CHR Profile: C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Slides) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-30]CHR Extension: (Google Docs) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-30]CHR Extension: (Google Drive) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]CHR Extension: (YouTube) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-30]CHR Extension: (Google Search) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]CHR Extension: (Google Sheets) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-30]CHR Extension: (Google Docs Offline) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-14]CHR Extension: (IDM Integration Module) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-11-22]CHR Extension: (Chrome Web Store Payments) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-30]CHR Extension: (Gmail) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-30]CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-11-09]CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crxCHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-11-09]==================== Services (Whitelisted) ========================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]R2 AsusGameFirstService; C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [356664 2015-02-02] (ASUSTeK)R2 DriverMFTService; C:\Program Files (x86)\Asus\ASUS Video DSP\DriverMFTService.exe [9728 2014-10-29] (ASUSTek Computer Inc.) [File not signed]R2 ETDService; C:\Program Files\Elantech\ETDService.exe [102152 2014-10-01] (ELAN Microelectronics Corp.)S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] () [File not signed]R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121288 2014-05-09] (Intel Corporation)S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel® Corporation) [File not signed]R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2015-02-05] (Microsoft Corporation)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)S2 MBAMScheduler; E:\Le Me\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)S2 MBAMService; E:\Le Me\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)R2 SbieSvc; D:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-09-21] (Sandboxie Holdings, LLC)S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]R2 TeamViewer; E:\Le Me\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)S3 ThunderboltService; C:\Program Files\Intel\Thunderbolt Software\tbtsvc.exe [1179944 2014-05-13] (Intel Corporation)R2 UCBrowserSvc; C:\Program Files (x86)\UCBrowser\Application\UCService.exe [515576 2015-12-04] ()R2 UPDATESRV; C:\Bitdefender\Bitdefender 2016\updatesrv.exe [124488 2015-09-29] (Bitdefender)R2 USBSafelyRemoveService; E:\Le Me\Program Files\USB Safely Remove\USBSRService.exe [1107288 2012-01-31] ()S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12465344 2015-08-14] ()R2 VSSERV; C:\Bitdefender\Bitdefender 2016\vsserv.exe [1572168 2015-10-14] (Bitdefender)S3 VSStandardCollectorService140; E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-10-29] (Microsoft Corporation)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-10-29] (Microsoft Corporation)R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)===================== Drivers (Whitelisted) ==========================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-05-28] (BitDefender)R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [271272 2015-05-29] (BitDefender)R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-05-28] (BitDefender)S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.)S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [107208 2014-01-17] (GenesysLogic)R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [192456 2014-05-09] (Intel Corporation)R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [270248 2015-10-08] (Bitdefender)R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2014-08-04] (Intel Corporation)R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-12-21] (Malwarebytes Corporation)S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)R1 NFC_Driver; C:\Windows\System32\drivers\NFC_Driver.sys [53440 2015-01-05] (Titan ARC Corp.)S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [40256 2015-04-12] (NVIDIA Corporation)R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)R3 SbieDrv; D:\Program Files\Sandboxie\SbieDrv.sys [191624 2015-09-21] (Sandboxie Holdings, LLC)R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-10-29] (Microsoft Corporation)R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)R3 USBPcap; C:\Windows\system32\DRIVERS\USBPcap.sys [41720 2015-10-07] (USBPcap)R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-10-02] (Oracle Corporation)R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146584 2015-10-02] (Oracle Corporation)S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [125520 2015-10-02] (Oracle Corporation)R3 vmkbd2; C:\Windows\system32\drivers\VMkbd.sys [33472 2015-08-14] (VMware, Inc.)R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-08-04] (VMware, Inc.)R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-10-29] (Microsoft Corporation)S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-10-29] (Microsoft Corporation)S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-10-29] (Microsoft Corporation)U0 msahci; system32\drivers\msahci.sys [X]==================== NetSvcs (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)==================== One Month Created files and folders ========(If an entry is included in the fixlist, the file/folder will be moved.)2015-12-21 12:15 - 2015-12-21 12:16 - 00037179 _____ C:\Users\legendary_sage\Desktop\FRST.txt2015-12-21 11:54 - 2015-12-21 07:27 - 02370560 _____ (Farbar) C:\Users\legendary_sage\Desktop\FRST64.exe2015-12-21 11:15 - 2015-12-21 11:15 - 00003614 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 29d02f23-c02a-40d5-9dfa-043597705cdf2015-12-21 11:15 - 2015-12-21 11:15 - 00003532 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d28a861a-025a-443b-87c2-d1d8629c9d512015-12-21 11:15 - 2015-12-21 11:15 - 00000544 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d28a861a-025a-443b-87c2-d1d8629c9d51.job2015-12-21 11:15 - 2015-12-21 11:15 - 00000544 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 29d02f23-c02a-40d5-9dfa-043597705cdf.job2015-12-21 11:15 - 2015-12-21 11:15 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\SUPERAntiSpyware.com2015-12-21 11:14 - 2015-12-21 11:15 - 00000000 ____D C:\Program Files\SUPERAntiSpyware2015-12-21 11:14 - 2015-12-21 11:14 - 00001822 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk2015-12-21 11:14 - 2015-12-21 11:14 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com2015-12-21 11:14 - 2015-12-21 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware2015-12-21 10:48 - 2015-12-21 07:23 - 00321848 _____ (Malwarebytes Corporation) C:\Users\legendary_sage\Desktop\mbam-clean-2.1.1.1001.exe2015-12-21 10:30 - 2015-12-21 10:30 - 00249948 _____ C:\Windows\ntbtlog.txt2015-12-21 08:02 - 2015-12-21 10:29 - 00001571 _____ C:\bdlog.txt2015-12-21 07:53 - 2015-12-21 08:01 - 00000000 ____D C:\AdwCleaner2015-12-21 07:32 - 2015-12-21 12:15 - 00000000 ____D C:\FRST2015-12-21 07:31 - 2015-12-21 07:31 - 00000000 ____D C:\Program Files (x86)\ESET2015-12-21 06:45 - 2015-12-21 06:45 - 00395467 _____ C:\ProgramData\1450676376.bdinstall.bin2015-12-21 06:45 - 2015-12-21 06:45 - 00000385 _____ C:\Windows\system32\user_gensett.xml2015-12-21 06:45 - 2015-12-21 06:45 - 00000385 _____ C:\Users\legendary_sage\AppData\Roaminguser_gensett.xml2015-12-21 06:45 - 2015-12-21 06:45 - 00000000 ____D C:\Users\legendary_sage\Desktop\Chameleon2015-12-21 06:44 - 2015-12-21 06:44 - 00001824 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk2015-12-21 06:44 - 2015-12-21 06:44 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf2015-12-21 06:44 - 2015-12-21 06:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 20162015-12-21 06:44 - 2015-12-21 06:44 - 00000000 ____D C:\ProgramData\BDLogging2015-12-21 06:44 - 2015-10-08 12:31 - 00270248 _____ (Bitdefender) C:\Windows\system32\Drivers\ignis.sys2015-12-21 06:44 - 2015-05-29 09:50 - 00271272 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys2015-12-21 06:44 - 2015-05-28 14:21 - 00747120 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys2015-12-21 06:44 - 2015-05-28 13:37 - 01369288 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys2015-12-21 06:44 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys2015-12-21 06:44 - 2013-07-30 18:41 - 00079192 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys2015-12-21 06:44 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll2015-12-21 06:43 - 2015-12-21 06:50 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Bitdefender2015-12-21 06:40 - 2015-12-21 06:45 - 00000000 ____D C:\ProgramData\Bitdefender2015-12-21 06:40 - 2015-12-21 06:40 - 00000000 ____D C:\Bitdefender2015-12-21 06:40 - 2015-06-02 15:21 - 00477272 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys2015-12-21 06:40 - 2015-04-29 14:32 - 00160032 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys2015-12-21 06:39 - 2015-12-21 06:40 - 00000000 ____D C:\Program Files\Common Files\Bitdefender2015-12-21 06:39 - 2015-12-21 06:39 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\QuickScan2015-12-21 06:33 - 2015-12-21 06:34 - 00003180 _____ C:\Users\legendary_sage\Desktop\Rkill.txt2015-12-21 06:33 - 2015-12-21 06:33 - 00000000 ____D C:\Users\legendary_sage\Desktop\rkill2015-12-21 05:59 - 2015-12-21 05:59 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\ElevatedDiagnostics2015-12-21 05:56 - 2015-12-21 05:56 - 00003136 _____ C:\Windows\System32\Tasks\{93EEE56C-9B85-44A3-9C9B-E2930106AA55}2015-12-18 17:55 - 2015-12-18 17:55 - 00000000 ____D C:\Users\legendary_sage\Documents\makehuman2015-12-18 05:10 - 2015-12-18 05:10 - 00000218 _____ C:\Users\legendary_sage\AppData\Local\recently-used.xbel2015-12-17 22:01 - 2015-12-17 22:01 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Wings3D2015-12-17 19:27 - 2015-12-17 19:27 - 00000825 _____ C:\Users\Public\Desktop\Wings 3D (x64) 1.5.4.lnk2015-12-17 19:27 - 2015-12-17 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wings 3D 1.5.42015-12-17 11:12 - 2015-12-17 11:13 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\npm2015-12-17 11:12 - 2015-12-17 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js2015-12-17 00:23 - 2015-12-17 02:13 - 00000000 ____D C:\Users\legendary_sage\.vagrant.d2015-12-16 21:10 - 2015-12-16 21:10 - 00000934 _____ C:\Users\Public\Desktop\Git Bash.lnk2015-12-16 21:10 - 2015-12-16 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git2015-12-16 21:10 - 2015-12-16 21:10 - 00000000 ____D C:\ProgramData\Git2015-12-16 21:08 - 2015-12-16 21:08 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\Deployment2015-12-16 21:08 - 2015-12-16 21:08 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\Apps\2.02015-12-16 13:08 - 2015-11-23 01:13 - 00000000 ____D C:\Users\legendary_sage\Desktop\template2015-12-16 13:05 - 2015-12-16 13:07 - 00000000 ____D C:\Users\Public\Thunder Network2015-12-16 13:05 - 2015-12-16 13:05 - 00000000 ____D C:\ProgramData\Thunder Network2015-12-12 14:20 - 2015-12-12 14:20 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2015 Tools for Unity2015-12-12 14:20 - 2015-12-12 14:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity2015-12-12 06:08 - 2015-12-12 06:10 - 00000000 ____D C:\Users\legendary_sage\Desktop\simple-messenger2015-12-11 21:55 - 2014-10-21 08:41 - 125897035 _____ C:\Users\legendary_sage\Desktop\CRC.Learning.Csharp.Programming.with.Unity.3D.1466586524.pdf2015-12-09 16:13 - 2015-12-09 16:13 - 00002009 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk2015-12-09 16:13 - 2015-12-09 16:13 - 00000000 ____D C:\ProgramData\Visan2015-12-09 16:13 - 2015-12-09 16:13 - 00000000 ____D C:\ProgramData\HP Photo Creations2015-12-09 16:13 - 2015-12-09 16:13 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations2015-12-09 16:13 - 2015-12-09 16:13 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard2015-12-09 16:12 - 2015-12-16 16:55 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\HpUpdate2015-12-09 16:12 - 2015-12-09 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP2015-12-09 16:12 - 2015-12-09 16:12 - 00002234 _____ C:\Users\Public\Desktop\HP Deskjet 1510 series.lnk2015-12-09 16:12 - 2015-12-09 16:12 - 00001181 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 1510 series.lnk2015-12-09 16:10 - 2015-12-09 16:13 - 00000000 ____D C:\Program Files (x86)\HP2015-12-09 16:10 - 2015-12-09 16:10 - 00000000 ____D C:\Program Files\HP2015-12-09 16:09 - 2015-12-09 16:09 - 00000057 _____ C:\ProgramData\Ament.ini2015-12-09 16:06 - 2015-12-09 16:15 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\HP2015-12-09 15:01 - 2015-12-09 16:11 - 00000000 ____D C:\ProgramData\HP2015-12-07 23:47 - 2015-12-07 23:47 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf2015-12-07 16:04 - 2015-12-07 16:04 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\MonoDevelop-Unity-4.02015-12-07 16:04 - 2015-12-07 16:04 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\MonoDevelop-Unity-4.02015-12-07 15:43 - 2015-12-07 20:52 - 00000000 ____D C:\Users\legendary_sage\Documents\New Unity Project2015-12-06 23:40 - 2015-12-06 23:40 - 00000000 ____D C:\Users\legendary_sage\AppData\LocalLow\Temp2015-12-06 23:39 - 2015-12-06 23:39 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\NuGet2015-12-06 23:37 - 2015-12-06 23:37 - 00000000 ____D C:\ProgramData\Microsoft Visual Studio2015-12-06 23:15 - 2015-12-06 23:15 - 00001429 _____ C:\Users\legendary_sage\Desktop\Blender.lnk2015-12-06 23:12 - 2015-12-06 23:12 - 00000000 ____D C:\Users\legendary_sage\.thumbnails2015-12-06 23:11 - 2015-12-06 23:11 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender2015-12-06 10:32 - 2015-12-06 10:32 - 00000725 _____ C:\Users\Public\Desktop\JetBrains PhpStorm 10.0.lnk2015-12-06 06:35 - 2015-12-06 06:35 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\TeamViewer2015-12-06 06:03 - 2015-12-06 06:03 - 00000821 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk2015-12-06 06:03 - 2015-12-06 06:03 - 00000821 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk2015-12-06 06:02 - 2015-08-18 12:52 - 00035112 _____ (TeamViewer GmbH) C:\Windows\system32\Drivers\teamviewervpn.sys2015-12-05 15:42 - 2015-12-06 10:49 - 00000000 ____D C:\Users\legendary_sage\.WebIde1002015-12-04 23:03 - 2015-12-04 23:05 - 00000000 ____D C:\Users\legendary_sage\Desktop\php-chunked-xhtml2015-12-03 10:03 - 2015-12-03 20:01 - 00000000 ____D C:\Users\legendary_sage\Desktop\New folder (2)2015-11-30 14:47 - 2015-11-30 14:47 - 00000963 _____ C:\Users\Public\Desktop\Firefox Developer Edition.lnk2015-11-30 14:47 - 2015-11-30 14:47 - 00000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk2015-11-30 13:55 - 2015-12-21 11:18 - 00000490 _____ C:\Windows\Tasks\UCBrowserUpdater.job2015-11-30 13:55 - 2015-11-30 13:55 - 00003458 _____ C:\Windows\System32\Tasks\UCBrowserUpdater2015-11-30 13:54 - 2015-12-08 04:47 - 00000000 ____D C:\Program Files (x86)\UCBrowser2015-11-30 13:54 - 2015-11-30 13:54 - 00001692 _____ C:\Users\Public\Desktop\UC Browser.lnk2015-11-30 13:54 - 2015-11-30 13:54 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\UCBrowser2015-11-30 13:54 - 2015-11-30 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC Browser2015-11-29 02:23 - 2015-11-29 02:23 - 00001008 _____ C:\Users\Public\Desktop\Unity 5.1.3f1 (64-bit).lnk2015-11-29 02:23 - 2015-11-29 02:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.1.3f1 (64-bit)2015-11-29 01:25 - 2015-11-29 01:25 - 00000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk2015-11-29 01:24 - 2015-11-29 01:24 - 00000817 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk2015-11-29 01:24 - 2015-11-29 01:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap2015-11-29 01:24 - 2015-11-29 01:24 - 00000000 ____D C:\Program Files (x86)\WinPcap2015-11-29 01:01 - 2015-11-29 01:01 - 00000000 ____D C:\Users\legendary_sage\Desktop\Autoruns2015-11-29 00:57 - 2015-11-29 00:57 - 00000000 ____D C:\Users\legendary_sage\Desktop\ProcessExplorer2015-11-29 00:42 - 2015-12-21 10:36 - 00000000 ____D C:\Program Files (x86)\SMADAV2015-11-29 00:42 - 2015-12-21 07:51 - 00000000 __SHD C:\[Smad-Cage]2015-11-29 00:42 - 2015-11-29 00:42 - 00003258 _____ C:\Windows\System32\Tasks\smadav2015-11-29 00:42 - 2015-11-29 00:42 - 00001090 _____ C:\Users\Public\Desktop\SMADΔV.lnk2015-11-29 00:42 - 2015-11-29 00:42 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Smadav2015-11-29 00:42 - 2015-11-29 00:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus2015-11-28 23:51 - 2015-12-21 10:30 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-11-28 19:14 - 2015-11-29 00:15 - 00000886 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-11-28 19:14 - 2015-11-29 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-11-28 19:14 - 2015-11-28 19:14 - 00000000 ____D C:\ProgramData\Malwarebytes2015-11-28 19:14 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2015-11-28 19:14 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2015-11-28 19:14 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2015-11-25 20:27 - 2015-11-25 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telerik2015-11-25 10:17 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll2015-11-25 10:17 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll2015-11-25 10:17 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll2015-11-25 10:17 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll2015-11-25 08:34 - 2015-04-25 03:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll2015-11-25 08:34 - 2015-04-25 03:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll2015-11-25 08:23 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2015-11-25 08:23 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys2015-11-25 08:23 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2015-11-25 08:23 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2015-11-25 08:23 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll2015-11-25 08:23 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2015-11-25 08:23 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2015-11-25 08:23 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll2015-11-25 08:23 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2015-11-25 08:13 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys2015-11-25 08:13 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys2015-11-25 08:12 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2015-11-25 08:12 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2015-11-25 08:05 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll2015-11-25 08:05 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll2015-11-25 08:00 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll2015-11-25 08:00 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2015-11-25 08:00 - 2014-10-29 04:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys2015-11-25 08:00 - 2014-10-29 03:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll2015-11-25 07:36 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll2015-11-25 06:58 - 2015-02-24 09:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys2015-11-25 06:57 - 2015-06-16 06:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll2015-11-25 06:57 - 2015-06-16 06:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll2015-11-25 06:40 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll2015-11-25 05:40 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe2015-11-25 05:38 - 2015-04-08 23:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe2015-11-24 20:00 - 2015-07-09 18:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe2015-11-24 20:00 - 2015-07-09 18:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe2015-11-24 20:00 - 2015-07-09 17:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe2015-11-24 19:55 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys2015-11-24 19:48 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll2015-11-24 19:48 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll2015-11-24 19:41 - 2015-08-01 04:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe2015-11-24 19:41 - 2015-08-01 04:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe2015-11-24 19:41 - 2015-08-01 04:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll2015-11-24 19:41 - 2015-08-01 04:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe2015-11-24 19:41 - 2015-08-01 04:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe2015-11-24 19:36 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll2015-11-24 19:36 - 2015-01-28 02:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll2015-11-24 19:31 - 2015-08-03 22:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll2015-11-24 19:31 - 2015-08-03 22:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll2015-11-24 19:31 - 2015-08-01 15:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll2015-11-24 19:31 - 2014-10-29 03:46 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys2015-11-24 19:31 - 2014-10-29 03:41 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe2015-11-24 19:31 - 2014-10-29 03:28 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe2015-11-24 19:16 - 2015-03-13 03:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll2015-11-24 19:16 - 2015-03-13 03:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll2015-11-24 19:11 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll2015-11-24 19:11 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll2015-11-24 19:11 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll2015-11-24 19:11 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll2015-11-24 19:09 - 2015-06-11 04:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll2015-11-24 19:09 - 2015-06-10 17:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll2015-11-24 10:31 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll2015-11-24 10:31 - 2014-10-29 02:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll2015-11-24 10:21 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll2015-11-24 10:21 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll2015-11-24 10:17 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys2015-11-24 10:15 - 2015-07-01 23:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll2015-11-24 10:15 - 2015-07-01 23:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll2015-11-24 10:15 - 2015-07-01 22:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll2015-11-24 10:15 - 2015-07-01 22:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll2015-11-24 10:15 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll2015-11-24 10:15 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll2015-11-24 10:01 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll2015-11-24 09:01 - 2015-03-04 11:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys2015-11-24 09:01 - 2015-03-04 04:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll2015-11-24 09:01 - 2015-03-04 03:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll2015-11-23 08:19 - 2015-11-23 08:19 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Proxifier2015-11-23 08:17 - 2015-11-23 08:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxifier2015-11-23 08:17 - 2012-11-22 18:57 - 00103016 _____ (Initex) C:\Windows\system32\ProxifierShellExt.dll2015-11-23 08:17 - 2012-11-22 18:57 - 00091240 _____ (Initex) C:\Windows\SysWOW64\ProxifierShellExt.dll2015-11-23 08:17 - 2012-11-22 18:57 - 00076392 _____ (Initex) C:\Windows\system32\PrxerDrv.dll2015-11-23 08:17 - 2012-11-22 18:57 - 00070248 _____ (Initex) C:\Windows\SysWOW64\PrxerDrv.dll2015-11-23 08:17 - 2012-11-22 18:57 - 00057448 _____ C:\Windows\system32\PrxerNsp.dll2015-11-23 08:17 - 2012-11-22 18:57 - 00056424 _____ C:\Windows\SysWOW64\PrxerNsp.dll2015-11-23 08:17 - 1997-06-06 15:52 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL==================== One Month Modified files and folders ========(If an entry is included in the fixlist, the file/folder will be moved.)2015-12-21 12:07 - 2013-08-22 14:36 - 00000000 ____D C:\Windows2015-12-21 12:00 - 2015-10-04 16:53 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update12015-12-21 12:00 - 2015-10-04 16:53 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update22015-12-21 11:30 - 2015-10-30 20:13 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-12-21 10:42 - 2014-03-18 16:26 - 00867740 _____ C:\Windows\system32\PerfStringBackup.INI2015-12-21 10:42 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf2015-12-21 10:36 - 2015-11-17 18:33 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\USBSafelyRemove2015-12-21 10:36 - 2015-10-30 20:13 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-12-21 10:36 - 2015-10-04 14:34 - 00000093 _____ C:\Users\legendary_sage\AppData\Roaming\sp_data.sys2015-12-21 10:35 - 2015-10-08 09:14 - 00000000 ____D C:\ProgramData\VMware2015-12-21 10:35 - 2015-06-04 20:54 - 00000000 ____D C:\ProgramData\NVIDIA2015-12-21 10:35 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT2015-12-21 10:28 - 2015-10-04 18:23 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\DMCache2015-12-21 08:30 - 2015-10-04 14:39 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3578966673-3173021478-2160172042-10012015-12-21 08:02 - 2015-11-16 14:07 - 00000000 ____D C:\ProgramData\MFAData2015-12-21 08:02 - 2015-11-16 14:06 - 00000000 ____D C:\ProgramData\Avg2015-12-21 08:02 - 2015-11-16 14:05 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\Avg2015-12-21 08:02 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM2015-12-21 07:31 - 2013-08-22 16:36 - 00000000 ___SD C:\Windows\Downloaded Program Files2015-12-21 07:18 - 2015-10-08 04:04 - 00000000 ____D C:\Program Files\OpenVPN2015-12-21 05:55 - 2015-11-16 14:05 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\AvgSetupLog2015-12-21 05:09 - 2015-10-22 20:12 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\vlc2015-12-21 03:09 - 2015-10-04 22:41 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\Adobe2015-12-18 19:45 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps2015-12-18 19:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness2015-12-18 18:42 - 2015-10-14 20:07 - 00011282 _____ C:\Users\legendary_sage\Desktop\unity_yt.txt2015-12-18 05:11 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI2015-12-17 18:33 - 2015-11-17 17:39 - 00000000 ____D C:\ProgramData\Unity2015-12-17 00:41 - 2015-10-30 20:14 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk2015-12-17 00:23 - 2015-10-04 14:34 - 00000000 ____D C:\Users\legendary_sage2015-12-16 21:21 - 2015-10-08 14:50 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\VMware2015-12-16 21:21 - 2015-10-08 14:50 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\VMware2015-12-15 13:57 - 2015-10-07 03:58 - 00003112 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3578966673-3173021478-2160172042-10012015-12-15 13:57 - 2015-10-07 03:58 - 00000000 ___RD C:\Users\legendary_sage\OneDrive2015-12-12 14:20 - 2014-10-29 12:30 - 00000000 ____D C:\Program Files (x86)\MSBuild2015-12-12 13:42 - 2015-11-17 16:34 - 00000000 ____D C:\Users\legendary_sage\Desktop\new2015-12-12 06:34 - 2015-10-05 06:03 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\Genymobile2015-12-12 05:51 - 2015-10-05 06:04 - 00000000 ____D C:\Users\legendary_sage\.VirtualBox2015-12-11 11:34 - 2015-06-04 21:07 - 00000000 ____D C:\Program Files (x86)\Steam2015-12-09 16:15 - 2015-10-04 14:34 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\VirtualStore2015-12-09 15:20 - 2015-10-13 05:06 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Foxit Software2015-12-07 15:56 - 2015-11-17 17:40 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Unity2015-12-07 15:43 - 2015-11-17 17:27 - 00000000 ____D C:\Users\legendary_sage\AppData\LocalLow\Unity2015-12-07 13:45 - 2015-11-16 19:22 - 00000000 ____D C:\ProgramData\VsTelemetry2015-12-06 23:37 - 2015-11-17 08:02 - 00000000 ____D C:\Users\legendary_sage\Documents\Visual Studio 20152015-12-06 10:39 - 2013-08-22 15:44 - 00504672 _____ C:\Windows\system32\FNTCACHE.DAT2015-12-06 10:32 - 2015-10-20 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains2015-12-06 06:12 - 2015-10-10 06:11 - 00001898 _____ C:\Windows\Sandboxie.ini2015-12-03 22:25 - 2015-10-30 20:13 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2015-12-03 22:25 - 2015-10-30 20:13 - 00003658 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2015-12-03 19:42 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF2015-11-29 11:21 - 2015-10-04 14:34 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\Packages2015-11-29 02:38 - 2015-10-22 20:00 - 00000000 ____D C:\Users\legendary_sage\Desktop\Setup2015-11-29 02:24 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp2015-11-29 02:19 - 2015-10-05 05:37 - 00007596 _____ C:\Users\legendary_sage\AppData\Local\Resmon.ResmonCfg2015-11-28 11:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache2015-11-26 22:05 - 2015-10-04 18:23 - 00000000 ____D C:\Users\legendary_sage\Downloads\Video2015-11-26 22:04 - 2015-10-04 18:23 - 00000000 ____D C:\Users\legendary_sage\Downloads\Compressed2015-11-24 11:06 - 2015-10-08 19:54 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Skype2015-11-23 07:52 - 2015-11-13 22:01 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Apple Computer2015-11-23 07:52 - 2015-11-13 22:01 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\Apple Computer==================== Files in the root of some directories =======2015-10-04 14:34 - 2015-12-21 10:36 - 0000093 _____ () C:\Users\legendary_sage\AppData\Roaming\sp_data.sys2015-12-18 05:10 - 2015-12-18 05:10 - 0000218 _____ () C:\Users\legendary_sage\AppData\Local\recently-used.xbel2015-10-05 05:37 - 2015-11-29 02:19 - 0007596 _____ () C:\Users\legendary_sage\AppData\Local\Resmon.ResmonCfg2015-12-21 06:45 - 2015-12-21 06:45 - 0395467 _____ () C:\ProgramData\1450676376.bdinstall.bin2015-12-09 16:09 - 2015-12-09 16:09 - 0000057 _____ () C:\ProgramData\Ament.ini2015-06-04 20:59 - 2015-06-04 20:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl2014-10-29 07:25 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd2014-10-29 07:25 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe2014-10-29 07:25 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBSSome files in TEMP:====================C:\Users\legendary_sage\AppData\Local\Temp\avguirn_08705168534.exeC:\Users\legendary_sage\AppData\Local\Temp\Foxit PhantomPDF Updater.exeC:\Users\legendary_sage\AppData\Local\Temp\FoxitUpdater.exeC:\Users\legendary_sage\AppData\Local\Temp\jre-8u65-windows-au.exeC:\Users\legendary_sage\AppData\Local\Temp\pyl5839.tmp.exeC:\Users\legendary_sage\AppData\Local\Temp\pyl741C.tmp.exeC:\Users\legendary_sage\AppData\Local\Temp\pylEF1C.tmp.exeC:\Users\legendary_sage\AppData\Local\Temp\SetupO365HomePremRetail.x86.en-US_O365HomePremRetail_XN8MV-3VD7X-F2M8X-MWR2J-82K88_act_1_.exeC:\Users\legendary_sage\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dllC:\Users\legendary_sage\AppData\Local\Temp\sqlite3.dllC:\Users\legendary_sage\AppData\Local\Temp\xmlUpdater.exe==================== Bamital & volsnap =================(There is no automatic fix for files that do not pass verification.)C:\Windows\system32\winlogon.exe => File is digitally signedC:\Windows\system32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\system32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\system32\services.exe => File is digitally signedC:\Windows\system32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\system32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\system32\rpcss.dll => File is digitally signedC:\Windows\system32\dnsapi.dll => File is digitally signedC:\Windows\SysWOW64\dnsapi.dll => File is digitally signedC:\Windows\system32\Drivers\volsnap.sys => File is digitally signedLastRegBack: 2015-12-17 01:45==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-12-2015
Ran by legendary_sage (2015-12-21 12:17:10)Running from C:\Users\legendary_sage\DesktopWindows 8.1 (X64) (2015-10-04 13:34:04)Boot Mode: Normal============================================================================== Accounts: =============================Administrator (S-1-5-21-3578966673-3173021478-2160172042-500 - Administrator - Disabled)Guest (S-1-5-21-3578966673-3173021478-2160172042-501 - Limited - Enabled)legendary_sage (S-1-5-21-3578966673-3173021478-2160172042-1001 - Administrator - Enabled) => C:\Users\legendary_sage==================== Security Center ========================(If an entry is included in the fixlist, it will be removed.)AV: Bitdefender Antivirus (Enabled - Out of date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Bitdefender Antispyware (Enabled - Out of date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: Bitdefender Firewall (Disabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}==================== Installed Programs ======================(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.193 - Adobe Systems Incorporated)Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.0 - Adobe Systems Incorporated)Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.201 - Adobe Systems Incorporated)Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)Apache Tomcat 8.0.15 (HKLM\...\nbi-tomcat-8.0.15.0.0) (Version: - )Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) HiddenAssassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)ASUS Gaming Center (HKLM-x32\...\{23C8A788-4790-4F3C-B103-0ACC7D9DC5BE}) (Version: 1.0.6 - ASUS)ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.026 - ASUS)ASUS ROG MacroKey (HKLM-x32\...\{348022C5-F497-4333-AFEE-208F22F169F2}_is1) (Version: 1.0.0.28 - G-spy Co., Ltd)ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.1.0 - ASUS)ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.02.0001 - ASUS)ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.29 - ASUS)ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0038 - ASUS)Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) HiddenAzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) HiddenBehaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) HiddenBehaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) HiddenBitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.20.1143 - Bitdefender)Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) HiddenBlend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) HiddenBlender (HKLM\...\{D593042C-8739-488D-93B8-E6B202013E57}) (Version: 2.76.1 - Blender Foundation)Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)Brackets (HKLM-x32\...\{D20AE926-9B7C-45F2-9201-B161CD30350D}) (Version: 1.4 - brackets.io)Build Tools - amd64 (Version: 12.0.31010 - Microsoft Corporation) HiddenBuild Tools - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) HiddenBuild Tools Language Resources - amd64 (Version: 12.0.31010 - Microsoft Corporation) HiddenBuild Tools Language Resources - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) HiddenCodedUITest81 (x32 Version: 14.0.23107 - Microsoft Corporation) HiddenDevice Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) HiddenELAN Touchpad 11.5.16.2_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.16.2 - ELAN Microelectronic Corp.)Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )Firefox Developer Edition 44.0a2 (x64 en-US) (HKLM\...\Firefox Developer Edition 44.0a2 (x64 en-US)) (Version: 44.0a2 - Mozilla)Foxit PhantomPDF (HKLM-x32\...\{045A0488-55C1-45B1-9992-4B4134904D61}) (Version: 7.0.59.127 - Foxit Software Inc.)Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.1.1 - Genesys Logic)Genymotion version 2.5.4 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.5.4 - Genymobile)Git version 2.6.4 (HKLM\...\Git_is1) (Version: 2.6.4 - The Git Development Community)GlassFish Server Open Source Edition 4.1 (HKLM\...\nbi-glassfish-mod-4.1.0.13.0) (Version: - )GLO NETPRO (HKLM-x32\...\GLO NETPRO) (Version: 15.001.05.18.251 - Huawei Technologies Co.,Ltd)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) HiddenHerramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) HiddenHP Deskjet 1510 series Basic Device Software (HKLM\...\{C9064E5C-D5AB-4EEB-86A6-50756901038A}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)HP Deskjet 1510 series Help (HKLM-x32\...\{2E25FCEB-EFCB-4696-AA01-D3CBAC721831}) (Version: 30.0.0 - Hewlett Packard)HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1016 - Intel Corporation)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1419.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)IntelliJ IDEA 14.1.5 (HKLM-x32\...\IntelliJ IDEA 14.1.5) (Version: 141.2735.5 - JetBrains s.r.o.)Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)JetBrains PhpStorm 10.0 (HKLM-x32\...\PhpStorm 10.0) (Version: 143.381.48 - JetBrains s.r.o.)LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) HiddenLocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) HiddenMalwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)Maxx Audio Installer (x64) (Version: 1.6.5073.106 - Waves Audio Ltd.) HiddenMicrosoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)Microsoft OneDrive (HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)Microsoft Visual Studio 2015 SDK - ENU (HKLM-x32\...\{028a4515-c200-4460-bccf-a9b338b0c0f4}) (Version: 14.0.23107.10 - Microsoft Corporation)Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{F0DB2786-18C8-4B0D-9DC2-BA58856A2821}) (Version: 2.1.0.0 - Microsoft Corporation)Microsoft Visual Studio Enterprise 2015 (HKLM-x32\...\{a60a492e-b5eb-4218-a9e6-f38d18a7dbaf}) (Version: 14.0.23107.10 - Microsoft Corporation)Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)Mozilla Firefox 41.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 en-GB)) (Version: 41.0.1 - Mozilla)Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) HiddenNetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)Node.js (HKLM\...\{3E2C7C09-7848-4393-815B-728D96B1E6FF}) (Version: 4.2.3 - Node.js Foundation)Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)NVIDIA 3D Vision Driver 348.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 348.01 - NVIDIA Corporation)NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)NVIDIA Graphics Driver 348.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 348.01 - NVIDIA Corporation)NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)NVIDIA Miracast Virtual Audio 348.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 348.01 - NVIDIA Corporation)NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)Oracle VM VirtualBox 5.0.6 (HKLM\...\{D09FC154-2747-4BC8-838E-B2EC414C4F6A}) (Version: 5.0.6 - Oracle Corporation)Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) HiddenPixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.23 - ASUS)PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) HiddenPrerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)Project and Item Templates for Visual Studio Community 2015 - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) HiddenProxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)Python 3.5.0 (32-bit) (HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\{1197d2bb-6cf8-488a-b994-d5bf6d7efe7b}) (Version: 3.5.150.0 - Python Software Foundation)Python 3.5.0 Add to Path (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) HiddenPython 3.5.0 Core Interpreter (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) HiddenPython 3.5.0 Development Libraries (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) HiddenPython 3.5.0 Documentation (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) HiddenPython 3.5.0 Executables (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) HiddenPython 3.5.0 Launcher (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) HiddenPython 3.5.0 pip Bootstrap (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) HiddenPython 3.5.0 Standard Library (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) HiddenPython 3.5.0 Tcl/Tk Support (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) HiddenPython 3.5.0 Test Suite (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) HiddenPython 3.5.0 Utility Scripts (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) HiddenRealtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7432 - Realtek Semiconductor Corp.)ROG Game First III (HKLM-x32\...\{0C6E32E1-31D9-49F1-B67F-2941994002D5}) (Version: 1.00.27 - ASUSTeK Computer Inc.)Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) HiddenSandboxie 5.04 (64-bit) (HKLM\...\Sandboxie) (Version: 5.04 - Sandboxie Holdings, LLC)SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) HiddenSharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) HiddenSHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) HiddenSHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) HiddenSkype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1210 - SUPERAntiSpyware.com)Syncios version 4.3.5 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.3.5 - Anvsoft, Inc.)Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) HiddenTeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)Telerik UI for JSP Q3 2015 SP1 (HKLM-x32\...\{956C6188-0A43-47B2-B564-3547CC7F93A7}) (Version: 15.3.1111.0 - Telerik AD)Telerik UI for PHP Q3 2015 SP1 (HKLM-x32\...\{4B8DA200-75DD-4CEA-81C3-BCA4210D74E9}) (Version: 15.3.1111.0 - Telerik AD)Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) HiddenThunderbolt Software (HKLM\...\{BED2816F-D47A-41DA-AFCF-44E1B257C368}) (Version: 2.0.4.250 - Intel® Corporation)UC Browser (HKLM-x32\...\UCBrowser) (Version: 5.5.8071.1004 - UCWeb Inc.)Unity (HKLM-x32\...\Unity) (Version: 5.1.3f1 - Unity Technologies ApS)Unity Web Player (HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) HiddenUniversal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) HiddenUniversal CRT Redistributable (x32 Version: 10.0.10150 - Microsoft Corporation) HiddenUniversal CRT Tools x64 (Version: 10.0.10150 - Microsoft Corporation) HiddenUniversal CRT Tools x86 (x32 Version: 10.0.10150 - Microsoft Corporation) HiddenUpdate for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)Update Installer for WildTangent Games App (x32 Version: - WildTangent) HiddenUplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)USB Safely Remove 5.0 (HKLM-x32\...\USB Safely Remove_is1) (Version: - SafelyRemove.com)USBPcap 1.1.0.0-g794bf26 (HKLM\...\USBPcap) (Version: - )Vagrant (HKLM-x32\...\{40886BCB-FC93-4ED9-AE73-22568B8972D7}) (Version: 1.7.4 - HashiCorp)Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)VMware Workstation (HKLM\...\{132E3257-14F1-411A-BC6C-0CA32D3A9BC6}) (Version: 12.0.0 - VMware, Inc.)WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) HiddenWCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) HiddenWebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)Wings 3D 1.5.4 (HKLM-x32\...\Wings 3D 1.5.4) (Version: - )WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)WinRAR 5.30 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.4 - win.rar GmbH)Wireshark 2.0.0 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.0.0 - The Wireshark developer community, hxxps://www.wireshark.org)XAMPP (HKLM-x32\...\xampp) (Version: 5.6.12-0 - Bitnami)XSplit Gamecaster (HKLM-x32\...\{4EDB1851-7427-4324-AAAA-9E3852C73DAE}) (Version: 2.2.1502.1741 - SplitmediaLabs)==================== Custom CLSID (Whitelisted): ==========================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)==================== Restore Points =========================16-12-2015 14:23:00 Installed Vagrant21-12-2015 05:52:36 Removed AVG==================== Hosts content: ===============================(If needed Hosts: directive could be included in the fixlist to reset Hosts.)2013-08-22 14:25 - 2015-12-21 11:35 - 00000838 ____A C:\Windows\system32\Drivers\etc\hosts==================== Scheduled Tasks (Whitelisted) =============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)Task: {0D38DEEC-F9CF-4216-A6D5-BDEF81B3F0BE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)Task: {13D0E045-ADB8-415A-A7E7-59990E4C7B93} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-02-26] ()Task: {1A49C99F-D813-4490-BF6F-4D07352E3475} - System32\Tasks\SUPERAntiSpyware Scheduled Task 29d02f23-c02a-40d5-9dfa-043597705cdf => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)Task: {1E371D73-79F3-4D4B-9B82-B758EF690FC1} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)Task: {21D675C5-6033-4496-810C-630DD6AF9B61} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => start ThunderboltServiceTask: {2F81EB96-6811-427A-9927-CCD9177EDEC6} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-01-23] (Realtek Semiconductor)Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)Task: {497D3B2D-C225-4BFC-A090-BA9F4EBCD335} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2015-12-04] (UCWeb Inc)Task: {4C2C97AD-AFE1-4A95-B8BD-C251BE284DC4} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-01-23] (Realtek Semiconductor)Task: {5E84E807-8F1D-41AE-BF4D-DCEB642FD0B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-30] (Google Inc.)Task: {620BB673-4EE8-4516-891A-223371EBD2A6} - System32\Tasks\{93EEE56C-9B85-44A3-9C9B-E2930106AA55} => pcalua.exe -a "E:\Le Me\Program Files\Malwarebytes Anti-Malware\unins000.exe"Task: {6296FE7E-65A0-45C9-B0FC-86D851145CB4} - System32\Tasks\SUPERAntiSpyware Scheduled Task d28a861a-025a-443b-87c2-d1d8629c9d51 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)Task: {6806CD68-B5D7-45F8-A969-838F8593E2E0} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-06-03] (ASUS)Task: {682BDF46-F1DE-4843-8414-AF89CBFCF61A} - System32\Tasks\Gaming Center => C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe [2015-02-13] (ASUSTek Computer Inc.)Task: {73E1641F-0321-402F-A621-FA6A33153493} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()Task: {75CC3D17-82C3-4CA2-830E-2DF94942D2B1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)Task: {7AEE0DB3-E6F9-4F9E-BE20-077FA43352AC} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exeTask: {7DB8B65B-834C-494D-8F3C-CC1107F6287A} - System32\Tasks\smadav => C:\Program Files (x86)\Smadav\SMΔRTP.exe [2015-11-24] (Smadsoft)Task: {8B3F409A-64C7-491B-AF2F-43800BDDB76B} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)Task: {971BC007-282D-40C1-B43B-FF2D44EC1138} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exeTask: {B339181D-F986-4F27-85FE-3627BC70D0CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-30] (Google Inc.)Task: {B6D04D4B-59B3-465A-8A07-2CE41BCACAAE} - System32\Tasks\AdobeAAMUpdater-1.0-sage-pc-legendary_sage => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)Task: {BA0353D8-1920-41B0-B784-E3744800712A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)Task: {BC1BADA7-29C2-4A0B-B976-3F0144834E16} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3578966673-3173021478-2160172042-1001 => C:\Users\legendary_sage\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-15] (Microsoft Corporation)Task: {C12C2661-83A7-466F-8F5A-A432B90675C2} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe [2015-03-25] (SplitmediaLabs)Task: {C1734735-0402-4439-ABD6-7491C2F69C38} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)Task: {EC1B12B2-DE48-47C9-88F7-6158DD2DD15E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exeTask: {FECEF67A-1344-40D9-AE1D-68D7EDABDF54} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 29d02f23-c02a-40d5-9dfa-043597705cdf.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeTask: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d28a861a-025a-443b-87c2-d1d8629c9d51.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeTask: C:\Windows\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe==================== Shortcuts =============================(The entries could be listed to be restored or removed.)==================== Loaded Modules (Whitelisted) ==============2015-12-21 06:44 - 2013-09-03 14:29 - 00101328 _____ () C:\Bitdefender\Bitdefender 2016\bdmetrics.dll2015-11-23 08:17 - 2012-11-22 18:57 - 00057448 _____ () C:\Windows\system32\PrxerNsp.dll2015-12-21 06:44 - 2015-09-04 17:39 - 00875352 _____ () C:\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpbr.mdl2015-12-21 06:44 - 2015-09-04 17:39 - 00741952 _____ () C:\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpdsp.mdl2015-12-21 06:44 - 2015-09-04 17:39 - 02800952 _____ () C:\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpph.mdl2015-12-21 06:44 - 2015-09-04 17:39 - 01413024 _____ () C:\Bitdefender\Bitdefender 2016\otengines_001_001\ashttprbl.mdl2015-11-17 18:32 - 2012-01-31 01:16 - 01107288 _____ () E:\Le Me\Program Files\USB Safely Remove\USBSRService.exe2015-06-04 20:54 - 2015-04-12 20:19 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll2015-10-13 05:45 - 2015-10-13 05:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll2010-11-16 14:38 - 2010-11-16 14:38 - 00339456 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe2015-11-30 13:54 - 2015-12-04 11:21 - 00515576 _____ () C:\Program Files (x86)\UCBrowser\Application\UCService.exe2015-07-31 09:58 - 2015-07-31 09:58 - 08901800 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll2015-06-04 21:01 - 2014-02-26 04:13 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe2015-06-04 21:04 - 2013-05-15 14:39 - 00463872 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe2015-10-04 16:19 - 2013-07-19 09:41 - 04062708 _____ () C:\Users\legendary_sage\Desktop\simple server\SimpleServer.exe2015-08-14 14:02 - 2015-08-14 14:02 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll2014-06-03 20:01 - 2014-06-03 20:01 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll2014-06-03 20:01 - 2014-06-03 20:01 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll2014-06-03 20:01 - 2014-06-03 20:01 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll2014-06-03 20:01 - 2014-06-03 20:01 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll2015-06-04 20:55 - 2015-03-28 04:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll2015-06-04 20:59 - 2013-10-23 13:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll2015-12-08 04:46 - 2015-12-04 11:21 - 01404920 _____ () C:\Program Files (x86)\UCBrowser\Application\5.5.8071.1004\libglesv2.dll2015-12-08 04:46 - 2015-12-04 11:21 - 00080376 _____ () C:\Program Files (x86)\UCBrowser\Application\5.5.8071.1004\libegl.dll2015-06-08 20:06 - 2015-06-08 20:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll2015-05-15 15:24 - 2015-05-15 15:24 - 02873856 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll2015-07-31 10:00 - 2015-07-31 10:00 - 08901800 _____ () C:\Program Files (x86)\Microsoft Office\Office16\1033\GrooveIntlResource.dll2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll==================== Alternate Data Streams (Whitelisted) =========(If an entry is included in the fixlist, only the ADS will be removed.)AlternateDataStreams: C:\Users\legendary_sage\Desktop\Apress.Beginning.Java.8.APIs.Extensions.and.Libraries.1430266619.pdf:AFP_AfpInfoAlternateDataStreams: C:\Users\legendary_sage\Desktop\Apress.Beginning.Java.8.APIs.Extensions.and.Libraries.1430266619.pdf:Mac_MetadataAlternateDataStreams: C:\Users\legendary_sage\Desktop\Apress.Beginning.Java.8.Language.Features.1430266589.pdf:AFP_AfpInfoAlternateDataStreams: C:\Users\legendary_sage\Desktop\Apress.Beginning.Java.8.Language.Features.1430266589.pdf:Mac_MetadataAlternateDataStreams: C:\Users\legendary_sage\Desktop\Deitel P.J., Deitel H.M. - Java How to Program, 9th Edition - 2012.pdf:AFP_AfpInfoAlternateDataStreams: C:\Users\legendary_sage\Desktop\Deitel P.J., Deitel H.M. - Java How to Program, 9th Edition - 2012.pdf:Mac_MetadataAlternateDataStreams: C:\Users\legendary_sage\Desktop\Fundamental Networking In Java.pdf:AFP_AfpInfoAlternateDataStreams: C:\Users\legendary_sage\Desktop\Fundamental Networking In Java.pdf:com.apple.quarantineAlternateDataStreams: C:\Users\legendary_sage\Desktop\Fundamental Networking In Java.pdf:Mac_MetadataAlternateDataStreams: C:\Users\legendary_sage\Desktop\MGH.Java.WebSocket.Programming.0071827196.pdf:AFP_AfpInfoAlternateDataStreams: C:\Users\legendary_sage\Desktop\MGH.Java.WebSocket.Programming.0071827196.pdf:Mac_MetadataAlternateDataStreams: C:\Users\legendary_sage\Desktop\OReilly.Java.Cookbook.3rd.Edition.144933704X.pdf:AFP_AfpInfoAlternateDataStreams: C:\Users\legendary_sage\Desktop\OReilly.Java.Cookbook.3rd.Edition.144933704X.pdf:Mac_MetadataAlternateDataStreams: C:\Users\legendary_sage\Desktop\Oreilly.Java.Network.Programming.4.edition.1449357679.pdf:AFP_AfpInfoAlternateDataStreams: C:\Users\legendary_sage\Desktop\Oreilly.Java.Network.Programming.4.edition.1449357679.pdf:com.apple.quarantineAlternateDataStreams: C:\Users\legendary_sage\Desktop\Oreilly.Java.Network.Programming.4.edition.1449357679.pdf:Mac_MetadataAlternateDataStreams: C:\Users\legendary_sage\Desktop\OReilly.Learning.PHP.MySQL.JavaScript.4th.Edition.1491918667.pdf:com.apple.quarantineAlternateDataStreams: C:\Users\legendary_sage\Desktop\OReilly.Learning.PHP.MySQL.JavaScript.4th.Edition.1491918667.pdf:Mac_MetadataAlternateDataStreams: C:\Users\legendary_sage\Desktop\OReilly.Programming.PHP.3rd.Edition.1449392776.pdf:com.apple.quarantineAlternateDataStreams: C:\Users\legendary_sage\Desktop\OReilly.Programming.PHP.3rd.Edition.1449392776.pdf:Mac_MetadataAlternateDataStreams: C:\Users\legendary_sage\Desktop\Packt.Getting.started.with.IntelliJ.IDEA.1849699615.pdf:AFP_AfpInfoAlternateDataStreams: C:\Users\legendary_sage\Desktop\Packt.Getting.started.with.IntelliJ.IDEA.1849699615.pdf:Mac_MetadataAlternateDataStreams: C:\Users\legendary_sage\Desktop\PacktPub.VMware.Workstation.No.Experience.Necessary.1849689180.pdf:AFP_AfpInfoAlternateDataStreams: C:\Users\legendary_sage\Desktop\PacktPub.VMware.Workstation.No.Experience.Necessary.1849689180.pdf:Mac_MetadataAlternateDataStreams: C:\Users\legendary_sage\Desktop\Prentice Hall Java How To Program Early Objects 10th Edition.pdf:com.apple.quarantineAlternateDataStreams: C:\Users\legendary_sage\Desktop\Springer.Advanced.Network.Programming.Principles.and.Techniques.1447152913.pdf:AFP_AfpInfoAlternateDataStreams: C:\Users\legendary_sage\Desktop\Springer.Advanced.Network.Programming.Principles.and.Techniques.1447152913.pdf:com.apple.quarantineAlternateDataStreams: C:\Users\legendary_sage\Desktop\Springer.Advanced.Network.Programming.Principles.and.Techniques.1447152913.pdf:Mac_MetadataAlternateDataStreams: C:\Users\legendary_sage\Desktop\Springer.An.Introduction.to.Network.Programming.with.Java.Java.7.Compatible.1447152530.pdf:AFP_AfpInfoAlternateDataStreams: C:\Users\legendary_sage\Desktop\Springer.An.Introduction.to.Network.Programming.with.Java.Java.7.Compatible.1447152530.pdf:com.apple.quarantineAlternateDataStreams: C:\Users\legendary_sage\Desktop\Springer.An.Introduction.to.Network.Programming.with.Java.Java.7.Compatible.1447152530.pdf:Mac_MetadataAlternateDataStreams: C:\Users\legendary_sage\Desktop\TCP,IP Sockets In Java.pdf:AFP_AfpInfoAlternateDataStreams: C:\Users\legendary_sage\Desktop\TCP,IP Sockets In Java.pdf:com.apple.quarantineAlternateDataStreams: C:\Users\legendary_sage\Desktop\TCP,IP Sockets In Java.pdf:Mac_MetadataAlternateDataStreams: C:\Users\legendary_sage\Desktop\Wrox.Professional.Java.for.Web.Applications.1118656466.pdf:AFP_AfpInfoAlternateDataStreams: C:\Users\legendary_sage\Desktop\Wrox.Professional.Java.for.Web.Applications.1118656466.pdf:Mac_Metadata==================== Safe Mode (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""==================== EXE Association (Whitelisted) ===============(If an entry is included in the fixlist, the registry item will be restored to default or removed.)==================== Internet Explorer trusted/restricted ===============(If an entry is included in the fixlist, it will be removed from the registry.)==================== Other Areas ============================(Currently there is no automatic fix for this section.)HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\legendary_sage\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaperDNS Servers: 192.168.137.1HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)Windows Firewall is disabled.==================== MSCONFIG/TASK MANAGER disabled items ==(Currently there is no automatic fix for this section.)HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"HKLM\...\StartupApproved\Run32: => "atom"HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"HKLM\...\StartupApproved\Run32: => "SYNCIOS DEVICE SERVICE"HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\StartupApproved\Run: => "HW_OPENEYE_OUC_GLO NETPRO"HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\StartupApproved\Run: => "SandboxieControl"==================== FirewallRules (Whitelisted) ===============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139FirewallRules: [{D48F6F7F-BD46-41F0-BD6B-37F58504FF32}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exeFirewallRules: [{5A578180-F033-4EDB-9976-F59AF87F89EB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exeFirewallRules: [{FCBFBC40-56B3-41D5-8C7C-6346B6ECA78F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeFirewallRules: [{C5D4040B-A839-4240-8A0D-F9B90CB58775}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeFirewallRules: [{E671A1A5-A4B9-47A3-B88D-DABAF2534F52}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeFirewallRules: [{3E9CD824-F324-43D7-9164-6D10D701F12E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeFirewallRules: [{C1B0E80B-424A-4C82-A158-36C2B7A8C788}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exeFirewallRules: [{4AC5389B-E167-4015-8CD5-32EB473A8D14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exeFirewallRules: [{B93A05E4-E997-4377-8FBC-C2D6468330DB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{D9B02DF9-D4CB-4E7C-8EBE-83607B54778E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{298887B8-AA95-4F40-B943-FA994ECC64A2}] => (Allow) C:\Windows\system32\ftp.exeFirewallRules: [{15E50453-37CB-44E1-9751-8A9B5A487440}] => (Allow) C:\Windows\system32\ftp.exeFirewallRules: [{7FCCA7CC-C2AA-4D03-8688-D3BC42D5FD88}] => (Allow) C:\Windows\SysWOW64\ftp.exeFirewallRules: [{78865446-7250-4BFF-9FD4-147FC4FC36E7}] => (Allow) C:\Windows\SysWOW64\ftp.exeFirewallRules: [{EBCB237F-113A-4073-A767-8B24ED77502E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exeFirewallRules: [{E532751D-A85C-48E0-A68D-39ED1019D115}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exeFirewallRules: [{FCC7DD50-0059-4829-BC1F-EE05C3536F91}] => (Allow) C:\Users\legendary_sage\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeFirewallRules: [{E0352228-87C7-4493-B026-3883B599F680}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exeFirewallRules: [{1F76CAF2-72A9-4FE7-A4CD-2ADF7865FA57}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exeFirewallRules: [{148543C2-1776-4555-AD28-861874C7D5F8}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exeFirewallRules: [{91D57927-401F-4A5A-BACB-153485CF78C3}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exeFirewallRules: [{92FEC02D-38A2-405A-8C56-B29D21029C75}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exeFirewallRules: [{005D222B-C8E4-4C1F-B8A6-5577342378A4}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exeFirewallRules: [{E7BDC128-9FC4-457B-BB60-9EDA436841F5}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exeFirewallRules: [{88060FCB-FE42-4F6F-A831-48CDA5C71E09}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exeFirewallRules: [{E36D259E-EBA1-4C46-B7EF-C6FE13EF04A6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exeFirewallRules: [{B7309BBB-FE65-4669-B4BB-90AC3B0ED457}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exeFirewallRules: [{B95E803B-74C0-4529-94F2-55F236CEA22B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exeFirewallRules: [{8D648FAD-256A-4C64-B828-E848AB1EE950}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exeFirewallRules: [{32E37DCC-964C-472A-88FA-939CE5DE0A8F}] => (Allow) E:\Le Me\Program Files\iTunes\iTunes.exeFirewallRules: [TCP Query User{A6CFC1EB-DE68-4494-83B9-C0E5BFE4B983}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exeFirewallRules: [UDP Query User{9E08AB15-8F5B-46AE-9E3F-86E3B061BFB1}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exeFirewallRules: [TCP Query User{96A43B07-AA90-4E90-B672-E29AA6FBBF12}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\java.exeFirewallRules: [UDP Query User{50E94653-7BFA-4E5C-A505-1FE4DCD0FDBA}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\java.exeFirewallRules: [{59397CA2-CBF3-4C97-8FB4-9B78F04F731D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exeFirewallRules: [{B9E2FBB4-982B-44F8-8B50-EF144D6F0E9F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exeFirewallRules: [{8FC22AB6-96E9-4D77-AA0E-E9AE7065FA5D}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exeFirewallRules: [{86B395D3-0762-42AD-A95C-BC5A5FCA3808}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exeFirewallRules: [{250259D3-B0BA-46DA-88DC-3285667B1C0F}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exeFirewallRules: [{5D409274-D6EF-4CAD-8950-167B1BDB48EA}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exeFirewallRules: [{0572BB50-E0F0-4007-984A-78BE94A0D305}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exeFirewallRules: [{C8388708-3B98-4E19-9E57-04041E7D4C58}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exeFirewallRules: [{72832EF3-754D-4978-8FB5-34E79F20D626}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exeFirewallRules: [{CA6285B8-C82C-44B2-8FA3-B8E2A6915298}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exeFirewallRules: [{58BCCA73-0B04-4CF0-ADFD-C0DD37A24592}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exeFirewallRules: [{62A6E65D-7E8C-47A8-939B-8C79998E1E4E}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exeFirewallRules: [{37522620-54B1-43C9-82AE-5C60E7E7AE83}] => (Allow) E:\Le Me\Program Files\FireFox Developer Edition\firefox.exeFirewallRules: [{9CC74FF0-2879-4753-BE9D-3D4C3EA6A861}] => (Allow) E:\Le Me\Program Files\FireFox Developer Edition\firefox.exeFirewallRules: [TCP Query User{76356374-0A2E-43CD-85D8-8E2B05A6B21E}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exeFirewallRules: [UDP Query User{5441D9FE-3F03-4899-9D3E-8745A289FC8B}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exeFirewallRules: [TCP Query User{EC84F7EE-C3E0-48FF-8888-15CA664C8256}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exeFirewallRules: [UDP Query User{07E0B0BF-A89E-4CEE-BA83-67195B8CA06B}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exeFirewallRules: [TCP Query User{90BCBC1C-695B-4BF6-A272-3B483EE34C34}E:\le me\program files\jetbrains\phpstorm 9.0.2\bin\phpstorm.exe] => (Block) E:\le me\program files\jetbrains\phpstorm 9.0.2\bin\phpstorm.exeFirewallRules: [UDP Query User{0BF62B5F-3216-4433-BA25-E65BB63AE5AD}E:\le me\program files\jetbrains\phpstorm 9.0.2\bin\phpstorm.exe] => (Block) E:\le me\program files\jetbrains\phpstorm 9.0.2\bin\phpstorm.exeFirewallRules: [{5465634D-5072-499A-A307-E04E4FD270CD}] => (Allow) E:\Le Me\Program Files\TeamViewer\TeamViewer.exeFirewallRules: [{B04A4EDD-482F-45F3-BE26-8B6A21AA7A75}] => (Allow) E:\Le Me\Program Files\TeamViewer\TeamViewer.exeFirewallRules: [{782D9E8C-F5BE-4F81-9BEF-8118B2B8E053}] => (Allow) E:\Le Me\Program Files\TeamViewer\TeamViewer_Service.exeFirewallRules: [{3EB88B7C-A6E2-4D10-B05A-142043E1D6B9}] => (Allow) E:\Le Me\Program Files\TeamViewer\TeamViewer_Service.exeFirewallRules: [{A0AA4BB5-A11A-4850-93E9-DE7FAF15FB1E}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exeFirewallRules: [{ADEB5E49-0AEC-4DE5-8FBB-B363CCB42C89}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exeFirewallRules: [TCP Query User{BCD68874-167A-45FB-BBEC-7320D09DC476}C:\program files\android\android studio\bin\studio64.exe] => (Block) C:\program files\android\android studio\bin\studio64.exeFirewallRules: [UDP Query User{206E2DCC-FB02-41C5-B130-329C2E41BBF2}C:\program files\android\android studio\bin\studio64.exe] => (Block) C:\program files\android\android studio\bin\studio64.exeFirewallRules: [TCP Query User{66D98573-58F6-4909-8546-59335EA4D6D5}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Block) C:\program files\java\jdk1.8.0_60\bin\java.exeFirewallRules: [UDP Query User{12AC699D-E475-4FCD-A72B-79227863FD51}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Block) C:\program files\java\jdk1.8.0_60\bin\java.exeFirewallRules: [{1B43591E-F30D-4D10-8A7A-E59793277EDE}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exeFirewallRules: [{698C68ED-B406-411E-8896-585959C2A131}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exeFirewallRules: [{38510F6C-DA80-4A90-97D2-C667DDC34491}] => (Allow) E:\Le Me\Program Files\Unity_5.1.3\Unity\Editor\Unity.exeFirewallRules: [{134A10C6-A3FF-483E-A941-D368846FD6C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exeFirewallRules: [TCP Query User{6BF605A0-74E7-4265-AFAC-FF3840E253D7}E:\le me\program files\firefox developer edition\firefox.exe] => (Block) E:\le me\program files\firefox developer edition\firefox.exeFirewallRules: [UDP Query User{133EEF00-11FE-436B-A62B-1414D907EA9D}E:\le me\program files\firefox developer edition\firefox.exe] => (Block) E:\le me\program files\firefox developer edition\firefox.exeFirewallRules: [TCP Query User{BD36B719-FC29-4062-BF69-38FD52B74C6F}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exeFirewallRules: [UDP Query User{38FA488C-1E13-44EF-94DA-658157B16BC2}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exeFirewallRules: [TCP Query User{09C208FC-5F7F-46D0-A5A7-9A76B0347B4F}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exeFirewallRules: [UDP Query User{31857DB0-7D3F-465E-A38C-D490C3BE240E}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe==================== Faulty Device Manager Devices ================================= Event log errors: =========================Application errors:==================Error: (12/21/2015 12:15:13 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: The program FRST64.exe version 20.12.2015.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.Process ID: 23bcStart Time: 01d13bdf5f3e9898Termination Time: 4294967295Application Path: C:\Users\legendary_sage\Desktop\FRST64.exeReport Id: 169c6986-a7d4-11e5-8288-cc3d82e2884dFaulting package full name:Faulting package-relative application ID:Error: (12/21/2015 10:41:29 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c117d5Faulting module name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c117d5Exception code: 0x40000015Fault offset: 0x00052d24Faulting process ID: 0x1850Faulting application start time: 0xjucheck.exe0Faulting application path: jucheck.exe1Faulting module path: jucheck.exe2Report ID: jucheck.exe3Faulting package full name: jucheck.exe4Faulting package-relative application ID: jucheck.exe5Error: (12/21/2015 08:55:22 AM) (Source: SideBySide) (EventID: 78) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.Error: (12/21/2015 08:48:50 AM) (Source: SideBySide) (EventID: 78) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.Error: (12/21/2015 08:01:36 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17239, time stamp: 0x53d22946Faulting module name: ONLINE~1.OCX_unloaded, version: 1.0.0.7777, time stamp: 0x55546935Exception code: 0xc0000005Fault offset: 0x0002a100Faulting process ID: 0x2650Faulting application start time: 0xIEXPLORE.EXE0Faulting application path: IEXPLORE.EXE1Faulting module path: IEXPLORE.EXE2Report ID: IEXPLORE.EXE3Faulting package full name: IEXPLORE.EXE4Faulting package-relative application ID: IEXPLORE.EXE5Error: (12/21/2015 07:31:23 AM) (Source: SideBySide) (EventID: 78) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.Error: (12/21/2015 03:18:57 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )Description: Subscription licensing service failed: -1073418154Error: (12/20/2015 08:39:31 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )Description: NvStreamSvcFailed continue stopping. [6]Error: (12/20/2015 07:02:35 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )Description: NvStreamSvcFailed continue stopping. [6]Error: (12/20/2015 05:10:51 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )Description: Subscription licensing service failed: -1073418154System errors:=============Error: (12/21/2015 10:36:00 AM) (Source: Service Control Manager) (EventID: 7024) (User: )Description: The VMware Workstation Server service terminated with the following service-specific error:%%4294967295Error: (12/21/2015 10:35:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The MBAMService service failed to start due to the following error:%%1053Error: (12/21/2015 10:35:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.Error: (12/21/2015 10:35:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The MBAMScheduler service failed to start due to the following error:%%1053Error: (12/21/2015 10:35:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.Error: (12/21/2015 10:35:27 AM) (Source: DCOM) (EventID: 10005) (User: sage-pc)Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}Error: (12/21/2015 10:35:25 AM) (Source: DCOM) (EventID: 10005) (User: sage-pc)Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}Error: (12/21/2015 10:35:25 AM) (Source: DCOM) (EventID: 10005) (User: sage-pc)Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}Error: (12/21/2015 10:35:25 AM) (Source: DCOM) (EventID: 10005) (User: sage-pc)Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}Error: (12/21/2015 10:35:25 AM) (Source: DCOM) (EventID: 10005) (User: sage-pc)Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}==================== Memory info ===========================Processor: Intel® Core i7-4720HQ CPU @ 2.60GHzPercentage of memory in use: 27%Total physical RAM: 16333.09 MBAvailable physical RAM: 11859.7 MBTotal Virtual: 18765.09 MBAvailable Virtual: 13362.84 MB==================== Drives ================================Drive c: (OS) (Fixed) (Total:95.39 GB) (Free:27.18 GB) NTFS ==>[system with boot components (obtained from drive)]Drive d: (Data) (Fixed) (Total:127.85 GB) (Free:111.75 GB) NTFSDrive e: (Data1) (Fixed) (Total:465.75 GB) (Free:268.5 GB) NTFSDrive f: (Dev) (Fixed) (Total:465.76 GB) (Free:172.19 GB) NTFS==================== MBR & Partition Table ==========================================================================Disk: 0 (Size: 238.5 GB) (Disk ID: 255D32A0)Partition: GPT.========================================================Disk: 1 (Size: 931.5 GB) (Disk ID: 2E785823)Partition: GPT.==================== End of Addition.txt ============================
Edited by netwalker1, 21 December 2015 - 05:55 AM.