
Can't run any security software [Solved]


#1
netwalker1

    New Member

  • Member
  • 9 posts

Good day, none of the software solutions I download is able to run: AVG was dormant, Malwarebytes reports "application unable to start correctly (0xc0000279)", Bitdefender can't open a window though its tray icon is available, SUPERAntiSpyware only reported cookies, and Smadav was able to get some registry values (NoFolderOptions, NoRun, NoControlPanel, DisableTaskMgr, DisableRegistryTools, DisableCMD), which it corrected, though before I ran the Smadav scan I could access my Task Manager and cmd. Also, when in safe mode I can run the security software. Those are what I have tried, but my security tools still can't open; it's obvious I'm infected. From my observations on the board, I'm to post my scan results from Farbar (below). Thanks.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015

Ran by legendary_sage (administrator) on SAGE-PC (21-12-2015 12:15:33)
Running from C:\Users\legendary_sage\Desktop
Loaded Profiles: legendary_sage (Available Profiles: legendary_sage)
Platform: Windows 8.1 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Bitdefender\Bitdefender 2016\vsserv.exe
() E:\Le Me\Program Files\USB Safely Remove\USBSRService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Video DSP\DriverMFTService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) E:\Le Me\Program Files\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\UCBrowser\Application\UCService.exe
(Bitdefender) C:\Bitdefender\Bitdefender 2016\updatesrv.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Smadsoft) C:\Program Files (x86)\SMADAV\SMΔRTP.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) E:\Le Me\Program Files\iTunes\iTunesHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Bitdefender) C:\Bitdefender\Bitdefender 2016\bdagent.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Bitdefender) C:\Bitdefender\Bitdefender 2016\bdwtxag.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
() C:\Users\legendary_sage\Desktop\simple server\SimpleServer.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Bitdefender) C:\Bitdefender\Bitdefender 2016\bdwtxcr.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(Don HO [email protected]) C:\Program Files (x86)\Notepad++\notepad++.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(UCWeb Inc.) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
(Bitdefender) C:\Bitdefender\Bitdefender 2016\downloader.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3246920 2014-10-15] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => E:\Le Me\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [Bdagent] => C:\Bitdefender\Bitdefender 2016\bdagent.exe [1688552 2015-10-20] (Bitdefender)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
HKLM-x32\...\Run: [ASUS ROG MacroKey] => C:\Program Files (x86)\ASUS\ASUS ROG MacroKey\Hid.exe [2036224 2014-07-30] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [atom] => C:\ProgramData\SquirrelMachineInstalls\atom.exe --checkInstall
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104128 2015-08-14] (VMware, Inc.)
HKLM-x32\...\Run: [SYNCIOS DEVICE SERVICE] => E:\Le Me\Program Files\Syncios\SynciosDeviceService.exe [861184 2015-08-04] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\Run: [HW_OPENEYE_OUC_GLO NETPRO] => C:\Program Files (x86)\GLO NETPRO\UpdateDog\ouc.exe [110592 2009-07-27] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\Run: [SandboxieControl] => D:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-10-10] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3911248 2015-11-16] (Tonec Inc.)
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\Run: [Bitdefender Wallet Agent] => C:\Bitdefender\Bitdefender 2016\bdwtxag.exe [1416096 2015-10-13] (Bitdefender)
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-12-02] (SUPERAntiSpyware)
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\Run: [USB Safely Remove] => E:\Le Me\Program Files\USB Safely Remove\USBSafelyRemove.exe [6061056 2012-01-31] (Crystal Rich Ltd)
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\MountPoints2: I - "I:\AutoRun.exe" 
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\MountPoints2: {3f7b560c-6ab2-11e5-8260-cc3d82e2884d} - "H:\AutoRun.exe" 
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\MountPoints2: {3f7b564e-6ab2-11e5-8260-cc3d82e2884d} - "H:\AutoRun.exe" 
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\MountPoints2: {3f7b5bac-6ab2-11e5-8260-cc3d82e2884d} - "H:\AutoRun.exe" 
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\MountPoints2: {3f7b5d7b-6ab2-11e5-8260-cc3d82e2884d} - "I:\AutoRun.exe" 
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\MountPoints2: {8784b0b0-8a8b-11e5-8273-cc3d82e2884d} - "I:\AutoRun.exe" 
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\MountPoints2: {d91cd4ad-6b29-11e5-8262-cc3d82e2884d} - "H:\AutoRun.exe" 
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [S-1-5-21-3578966673-3173021478-2160172042-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-3578966673-3173021478-2160172042-1001] => 127.0.0.1:8080
Winsock: Catalog5 01 C:\Windows\SysWOW64\PrxerNsp.dll [56424 2012-11-22] ()
Winsock: Catalog5-x64 01 C:\Windows\system32\PrxerNsp.dll [57448 2012-11-22] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1
Tcpip\..\Interfaces\{54B75834-BC80-4CE4-82BE-117DAD41C3FE}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{62C4A55E-8576-4223-B089-AFB23800055B}: [NameServer] 10.109.5.97 10.109.2.97
Tcpip\..\Interfaces\{9F1CEA6F-E88F-420F-BFDE-0B7831BB8881}: [DhcpNameServer] 192.11.128.24
Tcpip\..\Interfaces\{CA8A7453-19EA-49E5-8213-5572AA6FF207}: [DhcpNameServer] 192.168.137.1
Tcpip\..\Interfaces\{F58957DA-E83C-4DF9-9639-5466A67E2BCB}: [NameServer] 10.109.2.97 10.109.5.97
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-09-21] (Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-04] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-04] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-09-21] (Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-07] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-09-21] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-09-21] (Bitdefender)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\legendary_sage\AppData\Roaming\Mozilla\Firefox\Profiles\nqvzq4iq.default
FF Session Restore: -> is enabled.
FF NetworkProxy: "backup.ftp", "127.0.0.1"
FF NetworkProxy: "backup.ftp_port", 8080
FF NetworkProxy: "backup.socks", "127.0.0.1"
FF NetworkProxy: "backup.socks_port", 8080
FF NetworkProxy: "backup.ssl", "127.0.0.1"
FF NetworkProxy: "backup.ssl_port", 8080
FF NetworkProxy: "ftp", "127.0.0.1"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_201.dll [2015-10-04] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-04] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_201.dll [2015-10-04] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-12] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3578966673-3173021478-2160172042-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\legendary_sage\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-18] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)
FF Extension: User Agent Switcher - C:\Users\legendary_sage\AppData\Roaming\Mozilla\Firefox\Profiles\nqvzq4iq.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2015-10-09]
FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015-11-09]
FF Extension: Greasemonkey - C:\Users\legendary_sage\AppData\Roaming\Mozilla\Firefox\Profiles\nqvzq4iq.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-11-23]
FF Extension: S3.Google Translator - C:\Users\legendary_sage\AppData\Roaming\Mozilla\Firefox\Profiles\nqvzq4iq.default\extensions\[email protected] [2015-12-18]
FF Extension: ADB Helper - C:\Users\legendary_sage\AppData\Roaming\Mozilla\Firefox\Profiles\rw5qifaq.dev-edition-default\Extensions\[email protected] [2015-12-20]
FF Extension: Valence - C:\Users\legendary_sage\AppData\Roaming\Mozilla\Firefox\Profiles\rw5qifaq.dev-edition-default\Extensions\[email protected] [2015-12-20]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Bitdefender\Bitdefender 2016\bdwteff
FF Extension: Bitdefender Wallet - C:\Bitdefender\Bitdefender 2016\bdwteff [2015-10-20] [not signed]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Bitdefender\Bitdefender 2016\bdtbext [2015-10-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2015-10-20] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Bitdefender\Bitdefender 2016\bdtbext
FF HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\legendary_sage\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\legendary_sage\AppData\Roaming\IDM\idmmzcc5 [2015-12-21] [not signed]
FF HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
StartMenuInternet: FIREFOX.EXE - E:\Le Me\Program Files\FireFox Developer Edition\firefox.exe
 
Chrome: 
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-30]
CHR Extension: (Google Docs) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-30]
CHR Extension: (Google Drive) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (YouTube) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-30]
CHR Extension: (Google Search) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Google Sheets) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-30]
CHR Extension: (Google Docs Offline) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-14]
CHR Extension: (IDM Integration Module) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-11-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-30]
CHR Extension: (Gmail) - C:\Users\legendary_sage\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-30]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-11-09]
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-11-09]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
R2 AsusGameFirstService; C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [356664 2015-02-02] (ASUSTeK)
R2 DriverMFTService; C:\Program Files (x86)\Asus\ASUS Video DSP\DriverMFTService.exe [9728 2014-10-29] (ASUSTek Computer Inc.) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [102152 2014-10-01] (ELAN Microelectronics Corp.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] () [File not signed]
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121288 2014-05-09] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel® Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2015-02-05] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
S2 MBAMScheduler; E:\Le Me\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; E:\Le Me\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SbieSvc; D:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-09-21] (Sandboxie Holdings, LLC)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; E:\Le Me\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 ThunderboltService; C:\Program Files\Intel\Thunderbolt Software\tbtsvc.exe [1179944 2014-05-13] (Intel Corporation)
R2 UCBrowserSvc; C:\Program Files (x86)\UCBrowser\Application\UCService.exe [515576 2015-12-04] ()
R2 UPDATESRV; C:\Bitdefender\Bitdefender 2016\updatesrv.exe [124488 2015-09-29] (Bitdefender)
R2 USBSafelyRemoveService; E:\Le Me\Program Files\USB Safely Remove\USBSRService.exe [1107288 2012-01-31] ()
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12465344 2015-08-14] ()
R2 VSSERV; C:\Bitdefender\Bitdefender 2016\vsserv.exe [1572168 2015-10-14] (Bitdefender)
S3 VSStandardCollectorService140; E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-10-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-10-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-05-28] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [271272 2015-05-29] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-05-28] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [107208 2014-01-17] (GenesysLogic)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [192456 2014-05-09] (Intel Corporation)
R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [270248 2015-10-08] (Bitdefender)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2014-08-04] (Intel Corporation)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-12-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R1 NFC_Driver; C:\Windows\System32\drivers\NFC_Driver.sys [53440 2015-01-05] (Titan ARC Corp.)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [40256 2015-04-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; D:\Program Files\Sandboxie\SbieDrv.sys [191624 2015-09-21] (Sandboxie Holdings, LLC)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-10-29] (Microsoft Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
R3 USBPcap; C:\Windows\system32\DRIVERS\USBPcap.sys [41720 2015-10-07] (USBPcap)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-10-02] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146584 2015-10-02] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [125520 2015-10-02] (Oracle Corporation)
R3 vmkbd2; C:\Windows\system32\drivers\VMkbd.sys [33472 2015-08-14] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-08-04] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-10-29] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-10-29] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-10-29] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-21 12:15 - 2015-12-21 12:16 - 00037179 _____ C:\Users\legendary_sage\Desktop\FRST.txt
2015-12-21 11:54 - 2015-12-21 07:27 - 02370560 _____ (Farbar) C:\Users\legendary_sage\Desktop\FRST64.exe
2015-12-21 11:15 - 2015-12-21 11:15 - 00003614 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 29d02f23-c02a-40d5-9dfa-043597705cdf
2015-12-21 11:15 - 2015-12-21 11:15 - 00003532 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d28a861a-025a-443b-87c2-d1d8629c9d51
2015-12-21 11:15 - 2015-12-21 11:15 - 00000544 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d28a861a-025a-443b-87c2-d1d8629c9d51.job
2015-12-21 11:15 - 2015-12-21 11:15 - 00000544 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 29d02f23-c02a-40d5-9dfa-043597705cdf.job
2015-12-21 11:15 - 2015-12-21 11:15 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\SUPERAntiSpyware.com
2015-12-21 11:14 - 2015-12-21 11:15 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-12-21 11:14 - 2015-12-21 11:14 - 00001822 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2015-12-21 11:14 - 2015-12-21 11:14 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-12-21 11:14 - 2015-12-21 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-12-21 10:48 - 2015-12-21 07:23 - 00321848 _____ (Malwarebytes Corporation) C:\Users\legendary_sage\Desktop\mbam-clean-2.1.1.1001.exe
2015-12-21 10:30 - 2015-12-21 10:30 - 00249948 _____ C:\Windows\ntbtlog.txt
2015-12-21 08:02 - 2015-12-21 10:29 - 00001571 _____ C:\bdlog.txt
2015-12-21 07:53 - 2015-12-21 08:01 - 00000000 ____D C:\AdwCleaner
2015-12-21 07:32 - 2015-12-21 12:15 - 00000000 ____D C:\FRST
2015-12-21 07:31 - 2015-12-21 07:31 - 00000000 ____D C:\Program Files (x86)\ESET
2015-12-21 06:45 - 2015-12-21 06:45 - 00395467 _____ C:\ProgramData\1450676376.bdinstall.bin
2015-12-21 06:45 - 2015-12-21 06:45 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2015-12-21 06:45 - 2015-12-21 06:45 - 00000385 _____ C:\Users\legendary_sage\AppData\Roaminguser_gensett.xml
2015-12-21 06:45 - 2015-12-21 06:45 - 00000000 ____D C:\Users\legendary_sage\Desktop\Chameleon
2015-12-21 06:44 - 2015-12-21 06:44 - 00001824 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk
2015-12-21 06:44 - 2015-12-21 06:44 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-12-21 06:44 - 2015-12-21 06:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2015-12-21 06:44 - 2015-12-21 06:44 - 00000000 ____D C:\ProgramData\BDLogging
2015-12-21 06:44 - 2015-10-08 12:31 - 00270248 _____ (Bitdefender) C:\Windows\system32\Drivers\ignis.sys
2015-12-21 06:44 - 2015-05-29 09:50 - 00271272 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-12-21 06:44 - 2015-05-28 14:21 - 00747120 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-12-21 06:44 - 2015-05-28 13:37 - 01369288 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-12-21 06:44 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2015-12-21 06:44 - 2013-07-30 18:41 - 00079192 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2015-12-21 06:44 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2015-12-21 06:43 - 2015-12-21 06:50 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Bitdefender
2015-12-21 06:40 - 2015-12-21 06:45 - 00000000 ____D C:\ProgramData\Bitdefender
2015-12-21 06:40 - 2015-12-21 06:40 - 00000000 ____D C:\Bitdefender
2015-12-21 06:40 - 2015-06-02 15:21 - 00477272 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-12-21 06:40 - 2015-04-29 14:32 - 00160032 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-12-21 06:39 - 2015-12-21 06:40 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-12-21 06:39 - 2015-12-21 06:39 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\QuickScan
2015-12-21 06:33 - 2015-12-21 06:34 - 00003180 _____ C:\Users\legendary_sage\Desktop\Rkill.txt
2015-12-21 06:33 - 2015-12-21 06:33 - 00000000 ____D C:\Users\legendary_sage\Desktop\rkill
2015-12-21 05:59 - 2015-12-21 05:59 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\ElevatedDiagnostics
2015-12-21 05:56 - 2015-12-21 05:56 - 00003136 _____ C:\Windows\System32\Tasks\{93EEE56C-9B85-44A3-9C9B-E2930106AA55}
2015-12-18 17:55 - 2015-12-18 17:55 - 00000000 ____D C:\Users\legendary_sage\Documents\makehuman
2015-12-18 05:10 - 2015-12-18 05:10 - 00000218 _____ C:\Users\legendary_sage\AppData\Local\recently-used.xbel
2015-12-17 22:01 - 2015-12-17 22:01 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Wings3D
2015-12-17 19:27 - 2015-12-17 19:27 - 00000825 _____ C:\Users\Public\Desktop\Wings 3D (x64) 1.5.4.lnk
2015-12-17 19:27 - 2015-12-17 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wings 3D 1.5.4
2015-12-17 11:12 - 2015-12-17 11:13 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\npm
2015-12-17 11:12 - 2015-12-17 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2015-12-17 00:23 - 2015-12-17 02:13 - 00000000 ____D C:\Users\legendary_sage\.vagrant.d
2015-12-16 21:10 - 2015-12-16 21:10 - 00000934 _____ C:\Users\Public\Desktop\Git Bash.lnk
2015-12-16 21:10 - 2015-12-16 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2015-12-16 21:10 - 2015-12-16 21:10 - 00000000 ____D C:\ProgramData\Git
2015-12-16 21:08 - 2015-12-16 21:08 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\Deployment
2015-12-16 21:08 - 2015-12-16 21:08 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\Apps\2.0
2015-12-16 13:08 - 2015-11-23 01:13 - 00000000 ____D C:\Users\legendary_sage\Desktop\template
2015-12-16 13:05 - 2015-12-16 13:07 - 00000000 ____D C:\Users\Public\Thunder Network
2015-12-16 13:05 - 2015-12-16 13:05 - 00000000 ____D C:\ProgramData\Thunder Network
2015-12-12 14:20 - 2015-12-12 14:20 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2015 Tools for Unity
2015-12-12 14:20 - 2015-12-12 14:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2015-12-12 06:08 - 2015-12-12 06:10 - 00000000 ____D C:\Users\legendary_sage\Desktop\simple-messenger
2015-12-11 21:55 - 2014-10-21 08:41 - 125897035 _____ C:\Users\legendary_sage\Desktop\CRC.Learning.Csharp.Programming.with.Unity.3D.1466586524.pdf
2015-12-09 16:13 - 2015-12-09 16:13 - 00002009 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2015-12-09 16:13 - 2015-12-09 16:13 - 00000000 ____D C:\ProgramData\Visan
2015-12-09 16:13 - 2015-12-09 16:13 - 00000000 ____D C:\ProgramData\HP Photo Creations
2015-12-09 16:13 - 2015-12-09 16:13 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2015-12-09 16:13 - 2015-12-09 16:13 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-12-09 16:12 - 2015-12-16 16:55 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\HpUpdate
2015-12-09 16:12 - 2015-12-09 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-12-09 16:12 - 2015-12-09 16:12 - 00002234 _____ C:\Users\Public\Desktop\HP Deskjet 1510 series.lnk
2015-12-09 16:12 - 2015-12-09 16:12 - 00001181 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 1510 series.lnk
2015-12-09 16:10 - 2015-12-09 16:13 - 00000000 ____D C:\Program Files (x86)\HP
2015-12-09 16:10 - 2015-12-09 16:10 - 00000000 ____D C:\Program Files\HP
2015-12-09 16:09 - 2015-12-09 16:09 - 00000057 _____ C:\ProgramData\Ament.ini
2015-12-09 16:06 - 2015-12-09 16:15 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\HP
2015-12-09 15:01 - 2015-12-09 16:11 - 00000000 ____D C:\ProgramData\HP
2015-12-07 23:47 - 2015-12-07 23:47 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2015-12-07 16:04 - 2015-12-07 16:04 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\MonoDevelop-Unity-4.0
2015-12-07 16:04 - 2015-12-07 16:04 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\MonoDevelop-Unity-4.0
2015-12-07 15:43 - 2015-12-07 20:52 - 00000000 ____D C:\Users\legendary_sage\Documents\New Unity Project
2015-12-06 23:40 - 2015-12-06 23:40 - 00000000 ____D C:\Users\legendary_sage\AppData\LocalLow\Temp
2015-12-06 23:39 - 2015-12-06 23:39 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\NuGet
2015-12-06 23:37 - 2015-12-06 23:37 - 00000000 ____D C:\ProgramData\Microsoft Visual Studio
2015-12-06 23:15 - 2015-12-06 23:15 - 00001429 _____ C:\Users\legendary_sage\Desktop\Blender.lnk
2015-12-06 23:12 - 2015-12-06 23:12 - 00000000 ____D C:\Users\legendary_sage\.thumbnails
2015-12-06 23:11 - 2015-12-06 23:11 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2015-12-06 10:32 - 2015-12-06 10:32 - 00000725 _____ C:\Users\Public\Desktop\JetBrains PhpStorm 10.0.lnk
2015-12-06 06:35 - 2015-12-06 06:35 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\TeamViewer
2015-12-06 06:03 - 2015-12-06 06:03 - 00000821 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-12-06 06:03 - 2015-12-06 06:03 - 00000821 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-12-06 06:02 - 2015-08-18 12:52 - 00035112 _____ (TeamViewer GmbH) C:\Windows\system32\Drivers\teamviewervpn.sys
2015-12-05 15:42 - 2015-12-06 10:49 - 00000000 ____D C:\Users\legendary_sage\.WebIde100
2015-12-04 23:03 - 2015-12-04 23:05 - 00000000 ____D C:\Users\legendary_sage\Desktop\php-chunked-xhtml
2015-12-03 10:03 - 2015-12-03 20:01 - 00000000 ____D C:\Users\legendary_sage\Desktop\New folder (2)
2015-11-30 14:47 - 2015-11-30 14:47 - 00000963 _____ C:\Users\Public\Desktop\Firefox Developer Edition.lnk
2015-11-30 14:47 - 2015-11-30 14:47 - 00000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk
2015-11-30 13:55 - 2015-12-21 11:18 - 00000490 _____ C:\Windows\Tasks\UCBrowserUpdater.job
2015-11-30 13:55 - 2015-11-30 13:55 - 00003458 _____ C:\Windows\System32\Tasks\UCBrowserUpdater
2015-11-30 13:54 - 2015-12-08 04:47 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2015-11-30 13:54 - 2015-11-30 13:54 - 00001692 _____ C:\Users\Public\Desktop\UC Browser.lnk
2015-11-30 13:54 - 2015-11-30 13:54 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\UCBrowser
2015-11-30 13:54 - 2015-11-30 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC Browser
2015-11-29 02:23 - 2015-11-29 02:23 - 00001008 _____ C:\Users\Public\Desktop\Unity 5.1.3f1 (64-bit).lnk
2015-11-29 02:23 - 2015-11-29 02:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.1.3f1 (64-bit)
2015-11-29 01:25 - 2015-11-29 01:25 - 00000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2015-11-29 01:24 - 2015-11-29 01:24 - 00000817 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk
2015-11-29 01:24 - 2015-11-29 01:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-11-29 01:24 - 2015-11-29 01:24 - 00000000 ____D C:\Program Files (x86)\WinPcap
2015-11-29 01:01 - 2015-11-29 01:01 - 00000000 ____D C:\Users\legendary_sage\Desktop\Autoruns
2015-11-29 00:57 - 2015-11-29 00:57 - 00000000 ____D C:\Users\legendary_sage\Desktop\ProcessExplorer
2015-11-29 00:42 - 2015-12-21 10:36 - 00000000 ____D C:\Program Files (x86)\SMADAV
2015-11-29 00:42 - 2015-12-21 07:51 - 00000000 __SHD C:\[Smad-Cage]
2015-11-29 00:42 - 2015-11-29 00:42 - 00003258 _____ C:\Windows\System32\Tasks\smadav
2015-11-29 00:42 - 2015-11-29 00:42 - 00001090 _____ C:\Users\Public\Desktop\SMADΔV.lnk
2015-11-29 00:42 - 2015-11-29 00:42 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Smadav
2015-11-29 00:42 - 2015-11-29 00:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus
2015-11-28 23:51 - 2015-12-21 10:30 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-28 19:14 - 2015-11-29 00:15 - 00000886 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-28 19:14 - 2015-11-29 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-28 19:14 - 2015-11-28 19:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-28 19:14 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-28 19:14 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-28 19:14 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-11-25 20:27 - 2015-11-25 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telerik
2015-11-25 10:17 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-11-25 10:17 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-11-25 10:17 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-11-25 10:17 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-11-25 08:34 - 2015-04-25 03:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-11-25 08:34 - 2015-04-25 03:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-11-25 08:23 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-25 08:23 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-25 08:23 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-25 08:23 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-25 08:23 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-25 08:23 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-25 08:23 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-25 08:23 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-25 08:23 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-25 08:13 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-25 08:13 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-25 08:12 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-25 08:12 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-25 08:05 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-11-25 08:05 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-11-25 08:00 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-11-25 08:00 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-11-25 08:00 - 2014-10-29 04:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-11-25 08:00 - 2014-10-29 03:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-11-25 07:36 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-11-25 06:58 - 2015-02-24 09:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-11-25 06:57 - 2015-06-16 06:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-11-25 06:57 - 2015-06-16 06:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-11-25 06:40 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-11-25 05:40 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-11-25 05:38 - 2015-04-08 23:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-11-24 20:00 - 2015-07-09 18:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-11-24 20:00 - 2015-07-09 18:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-11-24 20:00 - 2015-07-09 17:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-11-24 19:55 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-11-24 19:48 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-11-24 19:48 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-11-24 19:41 - 2015-08-01 04:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-11-24 19:41 - 2015-08-01 04:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-11-24 19:41 - 2015-08-01 04:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-11-24 19:41 - 2015-08-01 04:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-11-24 19:41 - 2015-08-01 04:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-11-24 19:36 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-11-24 19:36 - 2015-01-28 02:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-11-24 19:31 - 2015-08-03 22:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-11-24 19:31 - 2015-08-03 22:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-11-24 19:31 - 2015-08-01 15:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-11-24 19:31 - 2014-10-29 03:46 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-11-24 19:31 - 2014-10-29 03:41 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-11-24 19:31 - 2014-10-29 03:28 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-11-24 19:16 - 2015-03-13 03:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-11-24 19:16 - 2015-03-13 03:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-11-24 19:11 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-11-24 19:11 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-11-24 19:11 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-11-24 19:11 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-11-24 19:09 - 2015-06-11 04:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-24 19:09 - 2015-06-10 17:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-24 10:31 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-11-24 10:31 - 2014-10-29 02:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-11-24 10:21 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-11-24 10:21 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-11-24 10:17 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-11-24 10:15 - 2015-07-01 23:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-11-24 10:15 - 2015-07-01 23:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-11-24 10:15 - 2015-07-01 22:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-11-24 10:15 - 2015-07-01 22:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-11-24 10:15 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-11-24 10:15 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-11-24 10:01 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-11-24 09:01 - 2015-03-04 11:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-11-24 09:01 - 2015-03-04 04:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-11-24 09:01 - 2015-03-04 03:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-11-23 08:19 - 2015-11-23 08:19 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Proxifier
2015-11-23 08:17 - 2015-11-23 08:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxifier
2015-11-23 08:17 - 2012-11-22 18:57 - 00103016 _____ (Initex) C:\Windows\system32\ProxifierShellExt.dll
2015-11-23 08:17 - 2012-11-22 18:57 - 00091240 _____ (Initex) C:\Windows\SysWOW64\ProxifierShellExt.dll
2015-11-23 08:17 - 2012-11-22 18:57 - 00076392 _____ (Initex) C:\Windows\system32\PrxerDrv.dll
2015-11-23 08:17 - 2012-11-22 18:57 - 00070248 _____ (Initex) C:\Windows\SysWOW64\PrxerDrv.dll
2015-11-23 08:17 - 2012-11-22 18:57 - 00057448 _____ C:\Windows\system32\PrxerNsp.dll
2015-11-23 08:17 - 2012-11-22 18:57 - 00056424 _____ C:\Windows\SysWOW64\PrxerNsp.dll
2015-11-23 08:17 - 1997-06-06 15:52 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-21 12:07 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-21 12:00 - 2015-10-04 16:53 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-12-21 12:00 - 2015-10-04 16:53 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-12-21 11:30 - 2015-10-30 20:13 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-21 10:42 - 2014-03-18 16:26 - 00867740 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-21 10:42 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2015-12-21 10:36 - 2015-11-17 18:33 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\USBSafelyRemove
2015-12-21 10:36 - 2015-10-30 20:13 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-21 10:36 - 2015-10-04 14:34 - 00000093 _____ C:\Users\legendary_sage\AppData\Roaming\sp_data.sys
2015-12-21 10:35 - 2015-10-08 09:14 - 00000000 ____D C:\ProgramData\VMware
2015-12-21 10:35 - 2015-06-04 20:54 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-21 10:35 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-21 10:28 - 2015-10-04 18:23 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\DMCache
2015-12-21 08:30 - 2015-10-04 14:39 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3578966673-3173021478-2160172042-1001
2015-12-21 08:02 - 2015-11-16 14:07 - 00000000 ____D C:\ProgramData\MFAData
2015-12-21 08:02 - 2015-11-16 14:06 - 00000000 ____D C:\ProgramData\Avg
2015-12-21 08:02 - 2015-11-16 14:05 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\Avg
2015-12-21 08:02 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-12-21 07:31 - 2013-08-22 16:36 - 00000000 ___SD C:\Windows\Downloaded Program Files
2015-12-21 07:18 - 2015-10-08 04:04 - 00000000 ____D C:\Program Files\OpenVPN
2015-12-21 05:55 - 2015-11-16 14:05 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\AvgSetupLog
2015-12-21 05:09 - 2015-10-22 20:12 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\vlc
2015-12-21 03:09 - 2015-10-04 22:41 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\Adobe
2015-12-18 19:45 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-18 19:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-12-18 18:42 - 2015-10-14 20:07 - 00011282 _____ C:\Users\legendary_sage\Desktop\unity_yt.txt
2015-12-18 05:11 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-12-17 18:33 - 2015-11-17 17:39 - 00000000 ____D C:\ProgramData\Unity
2015-12-17 00:41 - 2015-10-30 20:14 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-17 00:23 - 2015-10-04 14:34 - 00000000 ____D C:\Users\legendary_sage
2015-12-16 21:21 - 2015-10-08 14:50 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\VMware
2015-12-16 21:21 - 2015-10-08 14:50 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\VMware
2015-12-15 13:57 - 2015-10-07 03:58 - 00003112 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3578966673-3173021478-2160172042-1001
2015-12-15 13:57 - 2015-10-07 03:58 - 00000000 ___RD C:\Users\legendary_sage\OneDrive
2015-12-12 14:20 - 2014-10-29 12:30 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-12 13:42 - 2015-11-17 16:34 - 00000000 ____D C:\Users\legendary_sage\Desktop\new
2015-12-12 06:34 - 2015-10-05 06:03 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\Genymobile
2015-12-12 05:51 - 2015-10-05 06:04 - 00000000 ____D C:\Users\legendary_sage\.VirtualBox
2015-12-11 11:34 - 2015-06-04 21:07 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-09 16:15 - 2015-10-04 14:34 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\VirtualStore
2015-12-09 15:20 - 2015-10-13 05:06 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Foxit Software
2015-12-07 15:56 - 2015-11-17 17:40 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Unity
2015-12-07 15:43 - 2015-11-17 17:27 - 00000000 ____D C:\Users\legendary_sage\AppData\LocalLow\Unity
2015-12-07 13:45 - 2015-11-16 19:22 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-12-06 23:37 - 2015-11-17 08:02 - 00000000 ____D C:\Users\legendary_sage\Documents\Visual Studio 2015
2015-12-06 10:39 - 2013-08-22 15:44 - 00504672 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-06 10:32 - 2015-10-20 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2015-12-06 06:12 - 2015-10-10 06:11 - 00001898 _____ C:\Windows\Sandboxie.ini
2015-12-03 22:25 - 2015-10-30 20:13 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-03 22:25 - 2015-10-30 20:13 - 00003658 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 19:42 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2015-11-29 11:21 - 2015-10-04 14:34 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\Packages
2015-11-29 02:38 - 2015-10-22 20:00 - 00000000 ____D C:\Users\legendary_sage\Desktop\Setup
2015-11-29 02:24 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-29 02:19 - 2015-10-05 05:37 - 00007596 _____ C:\Users\legendary_sage\AppData\Local\Resmon.ResmonCfg
2015-11-28 11:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-11-26 22:05 - 2015-10-04 18:23 - 00000000 ____D C:\Users\legendary_sage\Downloads\Video
2015-11-26 22:04 - 2015-10-04 18:23 - 00000000 ____D C:\Users\legendary_sage\Downloads\Compressed
2015-11-24 11:06 - 2015-10-08 19:54 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Skype
2015-11-23 07:52 - 2015-11-13 22:01 - 00000000 ____D C:\Users\legendary_sage\AppData\Roaming\Apple Computer
2015-11-23 07:52 - 2015-11-13 22:01 - 00000000 ____D C:\Users\legendary_sage\AppData\Local\Apple Computer
 
==================== Files in the root of some directories =======
 
2015-10-04 14:34 - 2015-12-21 10:36 - 0000093 _____ () C:\Users\legendary_sage\AppData\Roaming\sp_data.sys
2015-12-18 05:10 - 2015-12-18 05:10 - 0000218 _____ () C:\Users\legendary_sage\AppData\Local\recently-used.xbel
2015-10-05 05:37 - 2015-11-29 02:19 - 0007596 _____ () C:\Users\legendary_sage\AppData\Local\Resmon.ResmonCfg
2015-12-21 06:45 - 2015-12-21 06:45 - 0395467 _____ () C:\ProgramData\1450676376.bdinstall.bin
2015-12-09 16:09 - 2015-12-09 16:09 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-06-04 20:59 - 2015-06-04 20:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-29 07:25 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-29 07:25 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-29 07:25 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
 
Some files in TEMP:
====================
C:\Users\legendary_sage\AppData\Local\Temp\avguirn_08705168534.exe
C:\Users\legendary_sage\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
C:\Users\legendary_sage\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\legendary_sage\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\legendary_sage\AppData\Local\Temp\pyl5839.tmp.exe
C:\Users\legendary_sage\AppData\Local\Temp\pyl741C.tmp.exe
C:\Users\legendary_sage\AppData\Local\Temp\pylEF1C.tmp.exe
C:\Users\legendary_sage\AppData\Local\Temp\SetupO365HomePremRetail.x86.en-US_O365HomePremRetail_XN8MV-3VD7X-F2M8X-MWR2J-82K88_act_1_.exe
C:\Users\legendary_sage\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\legendary_sage\AppData\Local\Temp\sqlite3.dll
C:\Users\legendary_sage\AppData\Local\Temp\xmlUpdater.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-17 01:45
 
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-12-2015

Ran by legendary_sage (2015-12-21 12:17:10)
Running from C:\Users\legendary_sage\Desktop
Windows 8.1 (X64) (2015-10-04 13:34:04)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3578966673-3173021478-2160172042-500 - Administrator - Disabled)
Guest (S-1-5-21-3578966673-3173021478-2160172042-501 - Limited - Enabled)
legendary_sage (S-1-5-21-3578966673-3173021478-2160172042-1001 - Administrator - Enabled) => C:\Users\legendary_sage
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus (Enabled - Out of date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Out of date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Disabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.193 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.0 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.201 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apache Tomcat 8.0.15 (HKLM\...\nbi-tomcat-8.0.15.0.0) (Version:  - )
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
ASUS Gaming Center (HKLM-x32\...\{23C8A788-4790-4F3C-B103-0ACC7D9DC5BE}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.026 - ASUS)
ASUS ROG MacroKey (HKLM-x32\...\{348022C5-F497-4333-AFEE-208F22F169F2}_is1) (Version: 1.0.0.28 - G-spy Co., Ltd)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.1.0 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.02.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.29 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0038 - ASUS)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.20.1143 - Bitdefender)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{D593042C-8739-488D-93B8-E6B202013E57}) (Version: 2.76.1 - Blender Foundation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brackets (HKLM-x32\...\{D20AE926-9B7C-45F2-9201-B161CD30350D}) (Version: 1.4 - brackets.io)
Build Tools - amd64 (Version: 12.0.31010 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31010 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden
CodedUITest81 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
ELAN Touchpad 11.5.16.2_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.16.2 - ELAN Microelectronic Corp.)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Firefox Developer Edition 44.0a2 (x64 en-US) (HKLM\...\Firefox Developer Edition 44.0a2 (x64 en-US)) (Version: 44.0a2 - Mozilla)
Foxit PhantomPDF (HKLM-x32\...\{045A0488-55C1-45B1-9992-4B4134904D61}) (Version: 7.0.59.127 - Foxit Software Inc.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.1.1 - Genesys Logic)
Genymotion version 2.5.4 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.5.4 - Genymobile)
Git version 2.6.4 (HKLM\...\Git_is1) (Version: 2.6.4 - The Git Development Community)
GlassFish Server Open Source Edition 4.1 (HKLM\...\nbi-glassfish-mod-4.1.0.13.0) (Version:  - )
GLO NETPRO (HKLM-x32\...\GLO NETPRO) (Version: 15.001.05.18.251 - Huawei Technologies Co.,Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Deskjet 1510 series Basic Device Software (HKLM\...\{C9064E5C-D5AB-4EEB-86A6-50756901038A}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Deskjet 1510 series Help (HKLM-x32\...\{2E25FCEB-EFCB-4696-AA01-D3CBAC721831}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1016 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1419.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
IntelliJ IDEA 14.1.5 (HKLM-x32\...\IntelliJ IDEA 14.1.5) (Version: 141.2735.5 - JetBrains s.r.o.)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JetBrains PhpStorm 10.0 (HKLM-x32\...\PhpStorm 10.0) (Version: 143.381.48 - JetBrains s.r.o.)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Maxx Audio Installer (x64) (Version: 1.6.5073.106 - Waves Audio Ltd.) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2015 SDK - ENU (HKLM-x32\...\{028a4515-c200-4460-bccf-a9b338b0c0f4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{F0DB2786-18C8-4B0D-9DC2-BA58856A2821}) (Version: 2.1.0.0 - Microsoft Corporation)
Microsoft Visual Studio Enterprise 2015 (HKLM-x32\...\{a60a492e-b5eb-4218-a9e6-f38d18a7dbaf}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Mozilla Firefox 41.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 en-GB)) (Version: 41.0.1 - Mozilla)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
Node.js (HKLM\...\{3E2C7C09-7848-4393-815B-728D96B1E6FF}) (Version: 4.2.3 - Node.js Foundation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA 3D Vision Driver 348.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 348.01 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 348.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 348.01 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 348.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 348.01 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Oracle VM VirtualBox 5.0.6 (HKLM\...\{D09FC154-2747-4BC8-838E-B2EC414C4F6A}) (Version: 5.0.6 - Oracle Corporation)
Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.23 - ASUS)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Project and Item Templates for Visual Studio Community 2015 - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Proxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)
Python 3.5.0 (32-bit) (HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\{1197d2bb-6cf8-488a-b994-d5bf6d7efe7b}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.0 Add to Path (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Core Interpreter (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Development Libraries (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Documentation (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Executables (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Launcher (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 pip Bootstrap (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Standard Library (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Tcl/Tk Support (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Test Suite (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Utility Scripts (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7432 - Realtek Semiconductor Corp.)
ROG Game First III (HKLM-x32\...\{0C6E32E1-31D9-49F1-B67F-2941994002D5}) (Version: 1.00.27 - ASUSTeK Computer Inc.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Sandboxie 5.04 (64-bit) (HKLM\...\Sandboxie) (Version: 5.04 - Sandboxie Holdings, LLC)
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1210 - SUPERAntiSpyware.com)
Syncios version 4.3.5 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.3.5 - Anvsoft, Inc.)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Telerik UI for JSP Q3 2015 SP1 (HKLM-x32\...\{956C6188-0A43-47B2-B564-3547CC7F93A7}) (Version: 15.3.1111.0 - Telerik AD)
Telerik UI for PHP Q3 2015 SP1 (HKLM-x32\...\{4B8DA200-75DD-4CEA-81C3-BCA4210D74E9}) (Version: 15.3.1111.0 - Telerik AD)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Thunderbolt™ Software (HKLM\...\{BED2816F-D47A-41DA-AFCF-44E1B257C368}) (Version: 2.0.4.250 - Intel® Corporation)
UC Browser (HKLM-x32\...\UCBrowser) (Version: 5.5.8071.1004 - UCWeb Inc.)
Unity (HKLM-x32\...\Unity) (Version: 5.1.3f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)
USB Safely Remove 5.0 (HKLM-x32\...\USB Safely Remove_is1) (Version:  - SafelyRemove.com)
USBPcap 1.1.0.0-g794bf26 (HKLM\...\USBPcap) (Version:  - )
Vagrant (HKLM-x32\...\{40886BCB-FC93-4ED9-AE73-22568B8972D7}) (Version: 1.7.4 - HashiCorp)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Workstation (HKLM\...\{132E3257-14F1-411A-BC6C-0CA32D3A9BC6}) (Version: 12.0.0 - VMware, Inc.)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
Wings 3D 1.5.4 (HKLM-x32\...\Wings 3D 1.5.4) (Version:  - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.30 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.4 - win.rar GmbH)
Wireshark 2.0.0 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.0.0 - The Wireshark developer community, hxxps://www.wireshark.org)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.12-0 - Bitnami)
XSplit Gamecaster (HKLM-x32\...\{4EDB1851-7427-4324-AAAA-9E3852C73DAE}) (Version: 2.2.1502.1741 - SplitmediaLabs)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
16-12-2015 14:23:00 Installed Vagrant
21-12-2015 05:52:36 Removed AVG
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2015-12-21 11:35 - 00000838 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0D38DEEC-F9CF-4216-A6D5-BDEF81B3F0BE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {13D0E045-ADB8-415A-A7E7-59990E4C7B93} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-02-26] ()
Task: {1A49C99F-D813-4490-BF6F-4D07352E3475} - System32\Tasks\SUPERAntiSpyware Scheduled Task 29d02f23-c02a-40d5-9dfa-043597705cdf => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {1E371D73-79F3-4D4B-9B82-B758EF690FC1} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {21D675C5-6033-4496-810C-630DD6AF9B61} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => start ThunderboltService
Task: {2F81EB96-6811-427A-9927-CCD9177EDEC6} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-01-23] (Realtek Semiconductor)
Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {497D3B2D-C225-4BFC-A090-BA9F4EBCD335} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2015-12-04] (UCWeb Inc)
Task: {4C2C97AD-AFE1-4A95-B8BD-C251BE284DC4} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-01-23] (Realtek Semiconductor)
Task: {5E84E807-8F1D-41AE-BF4D-DCEB642FD0B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-30] (Google Inc.)
Task: {620BB673-4EE8-4516-891A-223371EBD2A6} - System32\Tasks\{93EEE56C-9B85-44A3-9C9B-E2930106AA55} => pcalua.exe -a "E:\Le Me\Program Files\Malwarebytes Anti-Malware\unins000.exe"
Task: {6296FE7E-65A0-45C9-B0FC-86D851145CB4} - System32\Tasks\SUPERAntiSpyware Scheduled Task d28a861a-025a-443b-87c2-d1d8629c9d51 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {6806CD68-B5D7-45F8-A969-838F8593E2E0} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-06-03] (ASUS)
Task: {682BDF46-F1DE-4843-8414-AF89CBFCF61A} - System32\Tasks\Gaming Center => C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe [2015-02-13] (ASUSTek Computer Inc.)
Task: {73E1641F-0321-402F-A621-FA6A33153493} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {75CC3D17-82C3-4CA2-830E-2DF94942D2B1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {7AEE0DB3-E6F9-4F9E-BE20-077FA43352AC} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe
Task: {7DB8B65B-834C-494D-8F3C-CC1107F6287A} - System32\Tasks\smadav => C:\Program Files (x86)\Smadav\SMΔRTP.exe [2015-11-24] (Smadsoft)
Task: {8B3F409A-64C7-491B-AF2F-43800BDDB76B} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {971BC007-282D-40C1-B43B-FF2D44EC1138} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {B339181D-F986-4F27-85FE-3627BC70D0CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-30] (Google Inc.)
Task: {B6D04D4B-59B3-465A-8A07-2CE41BCACAAE} - System32\Tasks\AdobeAAMUpdater-1.0-sage-pc-legendary_sage => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {BA0353D8-1920-41B0-B784-E3744800712A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {BC1BADA7-29C2-4A0B-B976-3F0144834E16} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3578966673-3173021478-2160172042-1001 => C:\Users\legendary_sage\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-15] (Microsoft Corporation)
Task: {C12C2661-83A7-466F-8F5A-A432B90675C2} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe [2015-03-25] (SplitmediaLabs)
Task: {C1734735-0402-4439-ABD6-7491C2F69C38} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {EC1B12B2-DE48-47C9-88F7-6158DD2DD15E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe
Task: {FECEF67A-1344-40D9-AE1D-68D7EDABDF54} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 29d02f23-c02a-40d5-9dfa-043597705cdf.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d28a861a-025a-443b-87c2-d1d8629c9d51.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-12-21 06:44 - 2013-09-03 14:29 - 00101328 _____ () C:\Bitdefender\Bitdefender 2016\bdmetrics.dll
2015-11-23 08:17 - 2012-11-22 18:57 - 00057448 _____ () C:\Windows\system32\PrxerNsp.dll
2015-12-21 06:44 - 2015-09-04 17:39 - 00875352 _____ () C:\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpbr.mdl
2015-12-21 06:44 - 2015-09-04 17:39 - 00741952 _____ () C:\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpdsp.mdl
2015-12-21 06:44 - 2015-09-04 17:39 - 02800952 _____ () C:\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpph.mdl
2015-12-21 06:44 - 2015-09-04 17:39 - 01413024 _____ () C:\Bitdefender\Bitdefender 2016\otengines_001_001\ashttprbl.mdl
2015-11-17 18:32 - 2012-01-31 01:16 - 01107288 _____ () E:\Le Me\Program Files\USB Safely Remove\USBSRService.exe
2015-06-04 20:54 - 2015-04-12 20:19 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-11-16 14:38 - 2010-11-16 14:38 - 00339456 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2015-11-30 13:54 - 2015-12-04 11:21 - 00515576 _____ () C:\Program Files (x86)\UCBrowser\Application\UCService.exe
2015-07-31 09:58 - 2015-07-31 09:58 - 08901800 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2015-06-04 21:01 - 2014-02-26 04:13 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe
2015-06-04 21:04 - 2013-05-15 14:39 - 00463872 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
2015-10-04 16:19 - 2013-07-19 09:41 - 04062708 _____ () C:\Users\legendary_sage\Desktop\simple server\SimpleServer.exe
2015-08-14 14:02 - 2015-08-14 14:02 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2014-06-03 20:01 - 2014-06-03 20:01 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-06-03 20:01 - 2014-06-03 20:01 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-06-03 20:01 - 2014-06-03 20:01 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-06-03 20:01 - 2014-06-03 20:01 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2015-06-04 20:55 - 2015-03-28 04:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-04 20:59 - 2013-10-23 13:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-12-08 04:46 - 2015-12-04 11:21 - 01404920 _____ () C:\Program Files (x86)\UCBrowser\Application\5.5.8071.1004\libglesv2.dll
2015-12-08 04:46 - 2015-12-04 11:21 - 00080376 _____ () C:\Program Files (x86)\UCBrowser\Application\5.5.8071.1004\libegl.dll
2015-06-08 20:06 - 2015-06-08 20:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2015-05-15 15:24 - 2015-05-15 15:24 - 02873856 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
2015-07-31 10:00 - 2015-07-31 10:00 - 08901800 _____ () C:\Program Files (x86)\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Apress.Beginning.Java.8.APIs.Extensions.and.Libraries.1430266619.pdf:AFP_AfpInfo
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Apress.Beginning.Java.8.APIs.Extensions.and.Libraries.1430266619.pdf:Mac_Metadata
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Apress.Beginning.Java.8.Language.Features.1430266589.pdf:AFP_AfpInfo
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Apress.Beginning.Java.8.Language.Features.1430266589.pdf:Mac_Metadata
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Deitel P.J., Deitel H.M. - Java How to Program, 9th Edition - 2012.pdf:AFP_AfpInfo
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Deitel P.J., Deitel H.M. - Java How to Program, 9th Edition - 2012.pdf:Mac_Metadata
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Fundamental Networking In Java.pdf:AFP_AfpInfo
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Fundamental Networking In Java.pdf:com.apple.quarantine
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Fundamental Networking In Java.pdf:Mac_Metadata
AlternateDataStreams: C:\Users\legendary_sage\Desktop\MGH.Java.WebSocket.Programming.0071827196.pdf:AFP_AfpInfo
AlternateDataStreams: C:\Users\legendary_sage\Desktop\MGH.Java.WebSocket.Programming.0071827196.pdf:Mac_Metadata
AlternateDataStreams: C:\Users\legendary_sage\Desktop\OReilly.Java.Cookbook.3rd.Edition.144933704X.pdf:AFP_AfpInfo
AlternateDataStreams: C:\Users\legendary_sage\Desktop\OReilly.Java.Cookbook.3rd.Edition.144933704X.pdf:Mac_Metadata
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Oreilly.Java.Network.Programming.4.edition.1449357679.pdf:AFP_AfpInfo
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Oreilly.Java.Network.Programming.4.edition.1449357679.pdf:com.apple.quarantine
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Oreilly.Java.Network.Programming.4.edition.1449357679.pdf:Mac_Metadata
AlternateDataStreams: C:\Users\legendary_sage\Desktop\OReilly.Learning.PHP.MySQL.JavaScript.4th.Edition.1491918667.pdf:com.apple.quarantine
AlternateDataStreams: C:\Users\legendary_sage\Desktop\OReilly.Learning.PHP.MySQL.JavaScript.4th.Edition.1491918667.pdf:Mac_Metadata
AlternateDataStreams: C:\Users\legendary_sage\Desktop\OReilly.Programming.PHP.3rd.Edition.1449392776.pdf:com.apple.quarantine
AlternateDataStreams: C:\Users\legendary_sage\Desktop\OReilly.Programming.PHP.3rd.Edition.1449392776.pdf:Mac_Metadata
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Packt.Getting.started.with.IntelliJ.IDEA.1849699615.pdf:AFP_AfpInfo
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Packt.Getting.started.with.IntelliJ.IDEA.1849699615.pdf:Mac_Metadata
AlternateDataStreams: C:\Users\legendary_sage\Desktop\PacktPub.VMware.Workstation.No.Experience.Necessary.1849689180.pdf:AFP_AfpInfo
AlternateDataStreams: C:\Users\legendary_sage\Desktop\PacktPub.VMware.Workstation.No.Experience.Necessary.1849689180.pdf:Mac_Metadata
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Prentice Hall Java How To Program Early Objects 10th Edition.pdf:com.apple.quarantine
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Springer.Advanced.Network.Programming.Principles.and.Techniques.1447152913.pdf:AFP_AfpInfo
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Springer.Advanced.Network.Programming.Principles.and.Techniques.1447152913.pdf:com.apple.quarantine
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Springer.Advanced.Network.Programming.Principles.and.Techniques.1447152913.pdf:Mac_Metadata
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Springer.An.Introduction.to.Network.Programming.with.Java.Java.7.Compatible.1447152530.pdf:AFP_AfpInfo
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Springer.An.Introduction.to.Network.Programming.with.Java.Java.7.Compatible.1447152530.pdf:com.apple.quarantine
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Springer.An.Introduction.to.Network.Programming.with.Java.Java.7.Compatible.1447152530.pdf:Mac_Metadata
AlternateDataStreams: C:\Users\legendary_sage\Desktop\TCP,IP Sockets In Java.pdf:AFP_AfpInfo
AlternateDataStreams: C:\Users\legendary_sage\Desktop\TCP,IP Sockets In Java.pdf:com.apple.quarantine
AlternateDataStreams: C:\Users\legendary_sage\Desktop\TCP,IP Sockets In Java.pdf:Mac_Metadata
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Wrox.Professional.Java.for.Web.Applications.1118656466.pdf:AFP_AfpInfo
AlternateDataStreams: C:\Users\legendary_sage\Desktop\Wrox.Professional.Java.for.Web.Applications.1118656466.pdf:Mac_Metadata
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\legendary_sage\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.137.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "atom"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "SYNCIOS DEVICE SERVICE"
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\StartupApproved\Run: => "HW_OPENEYE_OUC_GLO NETPRO"
HKU\S-1-5-21-3578966673-3173021478-2160172042-1001\...\StartupApproved\Run: => "SandboxieControl"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D48F6F7F-BD46-41F0-BD6B-37F58504FF32}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5A578180-F033-4EDB-9976-F59AF87F89EB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{FCBFBC40-56B3-41D5-8C7C-6346B6ECA78F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C5D4040B-A839-4240-8A0D-F9B90CB58775}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E671A1A5-A4B9-47A3-B88D-DABAF2534F52}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3E9CD824-F324-43D7-9164-6D10D701F12E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C1B0E80B-424A-4C82-A158-36C2B7A8C788}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4AC5389B-E167-4015-8CD5-32EB473A8D14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B93A05E4-E997-4377-8FBC-C2D6468330DB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D9B02DF9-D4CB-4E7C-8EBE-83607B54778E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{298887B8-AA95-4F40-B943-FA994ECC64A2}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{15E50453-37CB-44E1-9751-8A9B5A487440}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{7FCCA7CC-C2AA-4D03-8688-D3BC42D5FD88}] => (Allow) C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{78865446-7250-4BFF-9FD4-147FC4FC36E7}] => (Allow) C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{EBCB237F-113A-4073-A767-8B24ED77502E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E532751D-A85C-48E0-A68D-39ED1019D115}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FCC7DD50-0059-4829-BC1F-EE05C3536F91}] => (Allow) C:\Users\legendary_sage\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{E0352228-87C7-4493-B026-3883B599F680}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{1F76CAF2-72A9-4FE7-A4CD-2ADF7865FA57}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{148543C2-1776-4555-AD28-861874C7D5F8}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{91D57927-401F-4A5A-BACB-153485CF78C3}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{92FEC02D-38A2-405A-8C56-B29D21029C75}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{005D222B-C8E4-4C1F-B8A6-5577342378A4}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{E7BDC128-9FC4-457B-BB60-9EDA436841F5}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{88060FCB-FE42-4F6F-A831-48CDA5C71E09}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{E36D259E-EBA1-4C46-B7EF-C6FE13EF04A6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B7309BBB-FE65-4669-B4BB-90AC3B0ED457}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B95E803B-74C0-4529-94F2-55F236CEA22B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D648FAD-256A-4C64-B828-E848AB1EE950}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{32E37DCC-964C-472A-88FA-939CE5DE0A8F}] => (Allow) E:\Le Me\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{A6CFC1EB-DE68-4494-83B9-C0E5BFE4B983}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{9E08AB15-8F5B-46AE-9E3F-86E3B061BFB1}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{96A43B07-AA90-4E90-B672-E29AA6FBBF12}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [UDP Query User{50E94653-7BFA-4E5C-A505-1FE4DCD0FDBA}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [{59397CA2-CBF3-4C97-8FB4-9B78F04F731D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{B9E2FBB4-982B-44F8-8B50-EF144D6F0E9F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{8FC22AB6-96E9-4D77-AA0E-E9AE7065FA5D}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{86B395D3-0762-42AD-A95C-BC5A5FCA3808}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{250259D3-B0BA-46DA-88DC-3285667B1C0F}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{5D409274-D6EF-4CAD-8950-167B1BDB48EA}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{0572BB50-E0F0-4007-984A-78BE94A0D305}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{C8388708-3B98-4E19-9E57-04041E7D4C58}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{72832EF3-754D-4978-8FB5-34E79F20D626}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{CA6285B8-C82C-44B2-8FA3-B8E2A6915298}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{58BCCA73-0B04-4CF0-ADFD-C0DD37A24592}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{62A6E65D-7E8C-47A8-939B-8C79998E1E4E}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe
FirewallRules: [{37522620-54B1-43C9-82AE-5C60E7E7AE83}] => (Allow) E:\Le Me\Program Files\FireFox Developer Edition\firefox.exe
FirewallRules: [{9CC74FF0-2879-4753-BE9D-3D4C3EA6A861}] => (Allow) E:\Le Me\Program Files\FireFox Developer Edition\firefox.exe
FirewallRules: [TCP Query User{76356374-0A2E-43CD-85D8-8E2B05A6B21E}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{5441D9FE-3F03-4899-9D3E-8745A289FC8B}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{EC84F7EE-C3E0-48FF-8888-15CA664C8256}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{07E0B0BF-A89E-4CEE-BA83-67195B8CA06B}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{90BCBC1C-695B-4BF6-A272-3B483EE34C34}E:\le me\program files\jetbrains\phpstorm 9.0.2\bin\phpstorm.exe] => (Block) E:\le me\program files\jetbrains\phpstorm 9.0.2\bin\phpstorm.exe
FirewallRules: [UDP Query User{0BF62B5F-3216-4433-BA25-E65BB63AE5AD}E:\le me\program files\jetbrains\phpstorm 9.0.2\bin\phpstorm.exe] => (Block) E:\le me\program files\jetbrains\phpstorm 9.0.2\bin\phpstorm.exe
FirewallRules: [{5465634D-5072-499A-A307-E04E4FD270CD}] => (Allow) E:\Le Me\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{B04A4EDD-482F-45F3-BE26-8B6A21AA7A75}] => (Allow) E:\Le Me\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{782D9E8C-F5BE-4F81-9BEF-8118B2B8E053}] => (Allow) E:\Le Me\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3EB88B7C-A6E2-4D10-B05A-142043E1D6B9}] => (Allow) E:\Le Me\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A0AA4BB5-A11A-4850-93E9-DE7FAF15FB1E}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{ADEB5E49-0AEC-4DE5-8FBB-B363CCB42C89}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{BCD68874-167A-45FB-BBEC-7320D09DC476}C:\program files\android\android studio\bin\studio64.exe] => (Block) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{206E2DCC-FB02-41C5-B130-329C2E41BBF2}C:\program files\android\android studio\bin\studio64.exe] => (Block) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{66D98573-58F6-4909-8546-59335EA4D6D5}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Block) C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [UDP Query User{12AC699D-E475-4FCD-A72B-79227863FD51}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Block) C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [{1B43591E-F30D-4D10-8A7A-E59793277EDE}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe
FirewallRules: [{698C68ED-B406-411E-8896-585959C2A131}] => (Allow) E:\Le Me\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{38510F6C-DA80-4A90-97D2-C667DDC34491}] => (Allow) E:\Le Me\Program Files\Unity_5.1.3\Unity\Editor\Unity.exe
FirewallRules: [{134A10C6-A3FF-483E-A941-D368846FD6C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{6BF605A0-74E7-4265-AFAC-FF3840E253D7}E:\le me\program files\firefox developer edition\firefox.exe] => (Block) E:\le me\program files\firefox developer edition\firefox.exe
FirewallRules: [UDP Query User{133EEF00-11FE-436B-A62B-1414D907EA9D}E:\le me\program files\firefox developer edition\firefox.exe] => (Block) E:\le me\program files\firefox developer edition\firefox.exe
FirewallRules: [TCP Query User{BD36B719-FC29-4062-BF69-38FD52B74C6F}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{38FA488C-1E13-44EF-94DA-658157B16BC2}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{09C208FC-5F7F-46D0-A5A7-9A76B0347B4F}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{31857DB0-7D3F-465E-A38C-D490C3BE240E}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/21/2015 12:15:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 20.12.2015.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 23bc
 
Start Time: 01d13bdf5f3e9898
 
Termination Time: 4294967295
 
Application Path: C:\Users\legendary_sage\Desktop\FRST64.exe
 
Report Id: 169c6986-a7d4-11e5-8288-cc3d82e2884d
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (12/21/2015 10:41:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c117d5
Faulting module name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c117d5
Exception code: 0x40000015
Fault offset: 0x00052d24
Faulting process ID: 0x1850
Faulting application start time: 0xjucheck.exe0
Faulting application path: jucheck.exe1
Faulting module path: jucheck.exe2
Report ID: jucheck.exe3
Faulting package full name: jucheck.exe4
Faulting package-relative application ID: jucheck.exe5
 
Error: (12/21/2015 08:55:22 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
 
Error: (12/21/2015 08:48:50 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
 
Error: (12/21/2015 08:01:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17239, time stamp: 0x53d22946
Faulting module name: ONLINE~1.OCX_unloaded, version: 1.0.0.7777, time stamp: 0x55546935
Exception code: 0xc0000005
Fault offset: 0x0002a100
Faulting process ID: 0x2650
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report ID: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
 
Error: (12/21/2015 07:31:23 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
 
Error: (12/21/2015 03:18:57 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
 
Error: (12/20/2015 08:39:31 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
 
Error: (12/20/2015 07:02:35 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
 
Error: (12/20/2015 05:10:51 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
 
 
System errors:
=============
Error: (12/21/2015 10:36:00 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The VMware Workstation Server service terminated with the following service-specific error: 
%%4294967295
 
Error: (12/21/2015 10:35:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMService service failed to start due to the following error: 
%%1053
 
Error: (12/21/2015 10:35:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.
 
Error: (12/21/2015 10:35:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error: 
%%1053
 
Error: (12/21/2015 10:35:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.
 
Error: (12/21/2015 10:35:27 AM) (Source: DCOM) (EventID: 10005) (User: sage-pc)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (12/21/2015 10:35:25 AM) (Source: DCOM) (EventID: 10005) (User: sage-pc)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (12/21/2015 10:35:25 AM) (Source: DCOM) (EventID: 10005) (User: sage-pc)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (12/21/2015 10:35:25 AM) (Source: DCOM) (EventID: 10005) (User: sage-pc)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (12/21/2015 10:35:25 AM) (Source: DCOM) (EventID: 10005) (User: sage-pc)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4720HQ CPU @ 2.60GHz
Percentage of memory in use: 27%
Total physical RAM: 16333.09 MB
Available physical RAM: 11859.7 MB
Total Virtual: 18765.09 MB
Available Virtual: 13362.84 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:95.39 GB) (Free:27.18 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:127.85 GB) (Free:111.75 GB) NTFS
Drive e: (Data1) (Fixed) (Total:465.75 GB) (Free:268.5 GB) NTFS
Drive f: (Dev) (Fixed) (Total:465.76 GB) (Free:172.19 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 255D32A0)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 2E785823)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 


Edited by netwalker1, 21 December 2015 - 05:55 AM.

  • 0



#2
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 


- General Instructions -


  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • It is also likely during our cleaning process that your internet browsing history will be removed. Your favorites will be untouched. If you don't want this to happen you need to let me know before running any steps so I can adjust my fixes accordingly.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-



All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Google Chrome - Click the "Customize and control Google Chrome" button in the upper-right corner of the browser. Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Mozilla Firefox - Click the "Open Menu" button in the upper-right corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.
Internet Explorer - Click the Tools menu in the upper-right corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start-


 
Removing malware is a complicated, multiple-step process. Please stay with me until I have declared your system clean. I strongly recommend you back up your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

I'm reviewing your logs now.


  • 0

#3
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

I've reviewed your logs and have a few questions before we get started.

 

1. Can you verify that you CAN run your security software while in Safe mode?

2. Are you using the UC Browser?

3. Do you use an Internet Proxy?

 

Thank you.


  • 0

#4
netwalker1

    New Member

  • Topic Starter
  • Member
  • 9 posts

Yes, I can run security software in Safe Mode.

Yes, I'm using UC Browser. I got it for testing, though I can uninstall it if need be.

Yes, I'm tunneling through a proxy.


Edited by netwalker1, 22 December 2015 - 01:11 AM.

  • 0

#5
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Thanks for the info. Please do the following.

 

Step#1 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
1. Download attached file and save it to the Desktop.
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

Step#2 - AdwCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool. Click I agree if you agree with the terms of use.
4. Click on Scan.
5. After the scan is complete click on "Cleaning"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[C1].txt as well.

 

 

Items for your next post

1. Fixlog.txt

2. AdwCleaner log

Attached Files


  • 0

#6
netwalker1

    New Member

  • Topic Starter
  • Member
  • 9 posts

Dunno if it's gonna help my situation, but I was able to install Kaspersky Total Security trial version earlier today. I did a full scan but no threats were found. After the scan I tried opening Malwarebytes and Junkware Removal Tool but they still didn't run.

Attached Files


  • 0

#7
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

I would remove Kaspersky so you don't have competing products running. That will complicate the process. Please try the following.

 

TDSSKiller - Check for Infected MBR/BCD Entries
 
Please download the latest version of TDSSKiller from here and save it to your Desktop.


  • Right-click on TDSSKiller.exe and select Run as administrator. Allow to run if prompted.
  • Accept the End User License Agreement & KSN Statement
  • Click on Change parameters.
  • Another window will appear.
  • Check "Verify file digital signatures" and "Detect TDLFS file system".
  • Check "Loaded modules" under the Objects to scan section. You will be prompted to reboot. Please do so.
  • Once the computer is rebooted, TDSSKiller will open again.
  • Click the Start Scan button.
  • The scan should only take a few minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here. If there are multiple logs, please post the most current.

 


  • 0

#8
netwalker1

    New Member

  • Topic Starter
  • Member
  • 9 posts

Sorry, I can't copy and paste; the editor is saying the post is too long. Attached.

Attached Files


  • 0

#9
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Are you familiar with the following program?

 

C:\Program Files (x86)\GLO NETPRO\UpdateDog\ouc.exe


  • 0

#10
netwalker1

    New Member

  • Topic Starter
  • Member
  • 9 posts

Yes, that's my modem interface updater.


  • 0



#11
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Thanks. Please ensure you have your license information for your Antivirus and completely uninstall Bitdefender Total Security 2016. Once this is completely uninstalled and you have rebooted, let me know if you are able to run any security software.


  • 0

#12
netwalker1

    New Member

  • Topic Starter
  • Member
  • 9 posts

I uninstalled Bitdefender yesterday, almost done with uninstalling Kaspersky.


  • 0

#13
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

After all your AV is uninstalled, if you still have any issue running any security software then please try the below.

 

Dr Web CureIt
1. Go to the link below and follow the instructions to run Dr Web CureIt.

http://free.drweb.com/
2. Dr Web will scan your computer. When finished a report is generated.
3. Please open and copy and paste the contents back here.
Note: If the log is too long for one post just use as many as necessary or zip and upload as an attachment.


  • 0

#14
netwalker1

    New Member

  • Topic Starter
  • Member
  • 9 posts

Something I noticed yesterday after I uninstalled Kaspersky: I restarted my system, and when it came on I couldn't open Task Manager. Then I restarted again and it opened. I then installed Dr Web, which found nothing after the scan.

Attached Files


  • 0

#15
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Thanks. So with your AV uninstalled now, can you run either Junkware Removal Tool or Malwarebytes? Can you now open task manager?


  • 0





