Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Problem with the driver for Local Area Connection adapter

AdapterNetwork Drivers Windows7 Local Area Connection

  • Please log in to reply

#1
MCMSBre

MCMSBre

    Member

  • Member
  • PipPip
  • 19 posts

Hello,

So yesterday i woke up and turned my PC on to find out that i have a big red "X" on my connection thingy in the bottom right corner. When i tried to use the "Solve Problems" option i got this message: "There might be a problem with the driver for the Local Area Connection Adapter". I searched online on my phone to find some solutions. I found a couple:

-Update network adapter drivers
-Deinstall all those drivers and let windows install them again
-Tried connecting wirelessly, but once again i got the same problem (just this time it said "wireless something something 11 adapter)
-Tried using my ethernet cable on my laptop, it worked, it´s not in the cable
-Disabled and enabled Local Area Connection in the "Change Adapter Settings"
-Made sure TCP/IPv4 and TCP/IPv6 are both on Auto

Nothing worked. In the end i decided to restore my PC to a couple of days ago. In those couple of days there were some Windows updates that got installed.

After restoring, my internet worked again. I decided to immediatly update my Network Adapter Drivers. Upon doing that my internet icon went crazy, one seccond i had internet the other not. Now that i think about it it was probably because those drivers were being installed. After that i restarted my PC a couple of times. On one restart those updates got installed (18 of them), but after every restart my internet worked. I am not sure if the problem is in those updates since the first time i got them installed it was about a week before my problem occured.

After all of that i posted my first cry for help online. I got one answer and the person told me to download and run "Tweaking Windows Repair". I downloaded it but i didn´t run it until today. The reason being, my internet worked, and a part of me thought (hoped) that the problem was gone... Oh silly me.

Today i turned on my PC with fear, unfortunately my fear was justified. Same thing. First thing i tried was restoring my PC again, so that i can at least have internet access and start working on the solution. The problem is, this time it didn´t let me go that far back, it only gave me the option to go back to yesterday. I did that, but this time it did not work.

Then i decided to use the "Tweaking" program. It finished, problem was still there. I did it again, since it said that they recommend doing it twice. Still nothing. After that i decided to manually deinstall all updates that windows installed for this month. I managed to deinstall everything (even microsoft .net framework, which i don´t know if it´s good or bad). The only thing i was not able to deinstall was "Adobe Acrobat Reader DC (15.010.20060)", but only because it didn´t let me do that.

I honestly have no idea what to do next, and i hope some of you have the solution.

My IPCONFIG /ALL:

Windows IP Configuration
host name..............................: user-pc
primary dns suffix....................: (blank)
node type...............................: hybrid
ip routing enabled....................: no
wins proxy enabled..................: no

Tunnel adapter Teredo Tunneling Pseudo-Interface:
media state.............................: media disconnected
connection-specific dns suffix.....: (blank)
description...............................: teredo tunneling pseudo-interface
physical address.......................: 00-00-00-00-00-00-00-E0
dhcp enabled............................: no
autoconfiguration enabled..........: yes

I have no idea what any of this is, but i saw some people do it so i did it as well. The only thing i think i know is that DHCP should be enabled, and i did that, i´ve put TCP/IPv4 and TCP/IPv6 on auto. Unless there is another way to enable DHCP.

So there it is, I hope some of you know what the problem is, and hopefully it can be fixed. If more information is needed i am more than happy to provide it.

System spec:
Windows 7 Ultimate
Processor: Intel® Core™ i3-3240 CPU @ 3.40GHz 3.40 GHz
RAM: 8,00 GB (7,89 GB Usable)
64-bit OS

Thank you.


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

I wonder if the hard drive has a bad spot where the driver sits.

 

 
1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.
 
Right click on (My) Computer and select Manage (Yes) Then the Event Viewer. Next select Windows Logs.  Right click on System and Clear Log, Clear. Repeat for Application.
 
Go in to Device Manager and uninstall the Network Adapters.
 
Reboot. The disk check will run and will probably take an hour or more to finish.
 
 
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
 
sfc /scannow
 
(SPACE after sfc.  This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:
 
Copy the next two lines:
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Yes.  Right click and Paste or Edit then Paste and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.  Close notepad.  Close the Command Window.
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.

  • 0

#3
MCMSBre

MCMSBre

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Thank you for your answer,
I did the check disk, it finished. The "sfc /scannow" finished as well, after which i got: " Windows Resource Protection did not find any integrity violations." I´m guessing that´s good.
I´ve put 2 files in the attachments, one is VEW log for system and the other for application. My unexperienced eye saw quite some errors in those 2 reports, i hope it is not something too serious...

Attached Files


Edited by MCMSBre, 14 March 2016 - 12:41 PM.

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Looks like this is the culprit:

 

Log: 'System' Date/Time: 14/03/2016 5:42:08 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load:  JSWPSLWF

 

 

 
 
There have been problems with older versions of the driver not being signed and suddenly failing after a windows update.  
 
 
Where did you get the driver updates that you mentioned at the beginning?
 
There is a way to get it to ignore signing.  
 
First go into device manager and uninstall the Network adapters then reboot
 
1. During boot-up, After you see the PC maker's logo continuously press (and release) <F8> to get to Advanced Boot Options. Note: On some systems, you need to first press <F2> to go into Boot Menu, then press <F8> to reach Advanced Boot Options.

2. When the menu appears, use the DOWN arrow key to scroll to “Disable Driver Signature Enforcement.”

3. Press <Enter>.

4. Continue the boot process.  Not a good long term fix since it makes your system more vulnerable to infection but it will show if we are on the right track if the network starts working again.
 
What make and model number is the PC?
What version of the Network drivers are you using and where did you get them?

  • 0

#5
MCMSBre

MCMSBre

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Using “Disable Driver Signature Enforcement.” did help, i do have internet connection on my PC now.
Which drivers do you have in mind? The ones I installed myself for Network adapters? I found them online on Realteks official page. But i do not think that that driver is the problem since i lost my connection before i installed that driver. Me installing that driver was just me trying to fix this thing myself.
I got my internet connection again after restoring my pc to before some 18 updates were installed. Those updates are from the windows automatic update system. I do not know which updates i got, but like i said i deinstalled all updates i got from windows for this month. Can windows install drivers as well automatically? Maybe i haven´t deinstalled all updates, are some hidden in some way?

A wierd thing about my make and model number. First i had no idea what that is, then i found online the "
wmic bios get serialnumber" command for command prompt. The thing i got was "to be filled by o.e.m". I searched online and saw that a bios update was needed, which i have never done. Can that lead to some problems? Should i do that, how do i do that? I know i´m getting sidetracked but i don´t want more problems in the near future.
Anyway i went behind to search for the number on my case and the only number i found that i would say looks like that is: "923B130100591". But i dont know if that is it nor do i know what the "make" is. I apologise.
If those numbers are the same as the motherboard numbers, which i managed to find, then those are:
Manufacturer: ASRock
Product: Z77 Pro4-M
SerialNumber: E80-31021900027
Version: (Blank)

Network adapters: Realtek PCIe GBE Family Controller
Driver Date: 7.1.2016
Driver Version: 7.98.107.2016

I Hope i got the right information, the needed information.


Edited by MCMSBre, 14 March 2016 - 02:57 PM.

  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Until you get it sorted out I would go into Control Panel, Windows Update and turn off automatic download & install.

 

The motherboard number will do.  The driver that  ASRock provides is

 

http://www.asrock.co...nload&os=Win764

 

You might try it.

 

We can also look at your drivers to see which are not signed.

 

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator.  Yes.

 

Type:

sigverif

and hit Enter then Start (in the new window)

 

When it finishes it will tell you which drivers it doesn't like if any.


  • 0

#7
MCMSBre

MCMSBre

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

I have already disabled windows automatic download and install, unfortunately it was too late.
Which drivers from that site should i download and install, all of them?
I did the "sigverif" and i got a full list of items. I suppose that´s bad. What do i do now? I have noticed that "jswpslwfx.sys" is on the list. It has almost the same name as that driver that failed to load, just with an "x" at the end...


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

I don't usually run sigverif with the driver signing turned off so that might be why you get so many.  On mine it's on and sigverif doesn't find any.

 

Appears jswpslwfx.sys is the driver in charge of the  jswpslwf service.  Appears it's a 32 bit driver since on another site I found it listed as 

C:\Windows\SysWOW64\DRIVERS\jswpslwfx.sys

 

This is normally hidden by windows so:

 

Open the Control Panel menu and click Folder Options.

    After the new window appears select the View tab.
    Put a checkmark in the checkbox labeled Display the contents of system folders.
    Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
    Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
    Remove the checkmark from the checkbox labeled Hide protected operating system files.
    Press the Apply button and then the OK button 
 
Then right click on the Start button and select Start Windows Explorer.  Then navigate down to
 
C:\Windows\SysWOW64\DRIVERS\jswpslwfx.sys 
 
Right click on it and select Properties then Digital Signature.  Does it have one?  Select the   Details tab and tell me what version it has.
 
Check if there is one at C:\Windows\System32\DRIVERS\jswpslwfx.sys too.
 
Then go to the http://www.asrock.co...nload&os=Win764site and get the 7th one down.
 
It says:
 
3/14/2012 Windows® 7 64bit 5.53MB   Realtek Lan driver ver:7048 Windows 7 ver:7.48.823.2011 Windows 7 64bit ver:7.48.823.2011
 
After the install look in the same two locations again and see if there is a Digital Signature and what Version we have.
 

  • 0

#9
MCMSBre

MCMSBre

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

I have to mention that i have done the "sigverif" command on both the normal startup (when i don´t have internet connection) and on the one with the driver signing turned off, both times i got same results. I mean i haven´t gone through each thing on the list and compare it but the list was long on both occasions.

I have
selected averything you said in the folder options/view tab except "Display the contents of system folders." because it is not there. The rest was there however.

In the C:\Windows\SysWOW64\DRIVERS folder i do not have the "jswpslwfx.sys". I only have a couple of folders there and some files.

I do however have the "jswpslwfx.sys" in the C:\Windows\System32\DRIVERS folder. When go in into properties i do not have a "Digital Signature" tab nor is it listed in the details or on any other tabs. In details it says that the version is: 1.0.0.50. Both file version and product version are the same. Makes sense...

After Installing the driver, and rebooting normally:
The
"jswpslwfx.sys" in System32 folder is completely the same. Still no Digital Signature and even the version is still the same.
The SysWOW64/drivers folder still doesn´t have the "jswpslwfx.sys".


After rebooting with the driver signing turned off:
It´s the same. I don´t know why i thought it wouldn´t be. I guess there is no harm in checking...

Maybe i haven´t installed the driver properly. After the Install wizard, of whatever the name is finished i did nothing more, i just restarted my PC afterwards. Am i supposed to manually install something afterwards, after that initial instalation is complete?


Edited by MCMSBre, 15 March 2016 - 10:53 AM.

  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

The jswpslwfx.sys seems wrong.  Pretty old version number.

 

That the file is in System32 makes more sense than it being in SysWOW64.  System32 is where the 64 bit files are supposed to be.  

 

My PC is also running Win 7 Ultimate, 64 bit so I'm not sure why yours is so different.  Perhaps the signing stays off once you turn it off and that is why there is no  "Digital Signature"  tab.

 

Run sigverif

click on Advanced and then on View Log  Copy and paste the log into a reply.  If there is no log then check the Save the sig ver. results to a log file then OK and Start.  (If the log is too big for the forum then attach it.)


  • 0

Advertisements


#11
MCMSBre

MCMSBre

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

I haven´t even tried copy-pasting the text, i assume it was too big.

Attached Files


  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

I downloaded the driver program.  It's a zip file so you have to save it then (right click and Show in Folder) then right click and Extract All.  That will open to a folder Realtek_Win7-64_Win7(7048)\LAN(7048)

 

Double click on Lan(7048) and it opens to show a setup.exe file (and a bunch of other files and folders) .  Right click on  setup.exe  and Run As Admin.  That should install a new driver.  The one you have is ancient.


  • 0

#13
MCMSBre

MCMSBre

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

I did that but nothing changed. Does it have something to do with the thing that i downloaded the driver on my laptop, then used a usb stick to get it to my pc? It shouldn´t make a diference right?

Where is that driver in the device manager, which one is it, maybe i have to somehow install it from there as well? Is it the network adapters?

EDIT: I just saw that the "jswpslwfx.sys", in properties it says that it opens with "Unknown application". I am not sure if that is supposed to be like that, just decided to share that, maybe it´s important...


Edited by MCMSBre, 15 March 2016 - 12:34 PM.

  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

The driver on the motherboard is realtek so this must be a separate card from the onboard network device.

 

I'm going to have this topic moved to malware so I can run FRST and see what is going on.

 

 

 
Please download Farbar Recovery Scan Tool and save it to your Desktop. 
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. 
 
  •  
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 

    • 0

    #15
    MCMSBre

    MCMSBre

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts

    FRST Results.

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
    Ran by User (administrator) on USER-PC (15-03-2016 20:48:03)
    Running from C:\Users\User\Desktop\FRST64
    Loaded Profiles: User (Available Profiles: User & Guest)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AMD) C:\Windows\System32\atiesrxx.exe
    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
    (TeamViewer GmbH) D:\Teamviewer\TeamViewer_Service.exe
    () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avpui.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
     
     
    ==================== Registry (Whitelisted) ===========================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13516360 2013-04-02] (Realtek Semiconductor)
    HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-14] (Intel Corporation)
    HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
    HKLM-x32\...\Run: [jswtrayutil] => "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-03] (Advanced Micro Devices, Inc.)
    Winlogon\Notify\igfxcui: igfxdev.dll [X]
    HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2016-01-28] (Garmin Ltd. or its subsidiaries)
    ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-14] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-14] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-14] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
    ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} =>  No File
    ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} =>  No File
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk [2016-01-30]
    ShortcutTarget: NETGEAR WNA1100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe ()
    Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 2540 series.lnk [2016-03-15]
    ShortcutTarget: Monitor Ink Alerts - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
    GroupPolicyScripts: Restriction <======= ATTENTION
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
    Tcpip\..\Interfaces\{57C84DA3-60F6-4DE1-9A32-2A9681C5337B}: [DhcpNameServer] 10.0.0.138
     
    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-2278087175-315393774-4205556306-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-2278087175-315393774-4205556306-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://at.search.yahoo.com/?type=903578&fr=spigot-yhp-ie
    SearchScopes: HKU\S-1-5-21-2278087175-315393774-4205556306-1000 -> DefaultScope {9E03EC2F-2194-4BC8-9698-27993060BD56} URL = hxxps://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-2278087175-315393774-4205556306-1000 -> {9E03EC2F-2194-4BC8-9698-27993060BD56} URL = hxxps://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
    BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-03-14] (Microsoft Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-03-14] (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-14] (Microsoft Corporation)
    BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2016-03-14] (Microsoft Corporation)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-06] (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2016-03-14] (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-14] (Microsoft Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-06] (Oracle Corporation)
    Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
    Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
    Toolbar: HKU\S-1-5-21-2278087175-315393774-4205556306-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    Toolbar: HKU\S-1-5-21-2278087175-315393774-4205556306-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-04-27] (Microsoft Corporation)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5gsjqgb1.default-1446418166396
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
    FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2014-05-19] (Oracle Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-03-19] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-06] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-06] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-03-19] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-2278087175-315393774-4205556306-1000: @hola.org/FlashPlayer -> C:\Users\User\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-02-17] ()
    FF Plugin HKU\S-1-5-21-2278087175-315393774-4205556306-1000: @hola.org/vlc -> C:\Users\User\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-02-17] (Hola)
    FF Plugin HKU\S-1-5-21-2278087175-315393774-4205556306-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
    FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5gsjqgb1.default-1446418166396\user.js [2015-11-01]
    FF Extension: Adblock Plus Pop-up Addon - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5gsjqgb1.default-1446418166396\extensions\[email protected] [2015-11-02]
    FF Extension: NoScript - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5gsjqgb1.default-1446418166396\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-12]
    FF Extension: Ghostery - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5gsjqgb1.default-1446418166396\Extensions\[email protected] [2016-03-10]
    FF Extension: Hola Better Internet - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5gsjqgb1.default-1446418166396\Extensions\[email protected] [2016-02-17]
    FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5gsjqgb1.default-1446418166396\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
    FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2015-12-22]
     
    Chrome: 
    =======
    CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
    CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
     
    ==================== Services (Whitelisted) ========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
    S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2015-02-11] (EasyAntiCheat Ltd)
    S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [803856 2016-01-28] (Garmin Ltd. or its subsidiaries)
    R2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319096 2016-01-13] (Intel Corporation)
    R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
    R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-14] ()
    S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
    S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
    R2 TeamViewer; D:\Teamviewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [297440 2011-07-28] ()
     
    ===================== Drivers (Whitelisted) ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
    R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
    R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-27] (Disc Soft Ltd)
    S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
    R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
    R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
    R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
    R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
    R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
    R1 JSWPSLWF; C:\Windows\System32\DRIVERS\jswpslwfx.sys [26624 2008-05-15] (Atheros Communications, Inc.) [File not signed]
    R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
    R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
    R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
    R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
    R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
    R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [237448 2015-12-19] (AO Kaspersky Lab)
    R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [178872 2016-03-15] (AO Kaspersky Lab)
    R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998280 2015-12-11] (AO Kaspersky Lab)
    R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-03-11] (AO Kaspersky Lab)
    R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
    R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
    R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
    R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
    R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [112520 2015-12-03] (AO Kaspersky Lab)
    R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
    S3 athur; system32\DRIVERS\athurx.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-03-15 20:47 - 2016-03-15 20:48 - 00000000 ____D C:\Users\User\Desktop\FRST64
    2016-03-15 20:46 - 2016-03-15 20:48 - 00000000 ____D C:\FRST
    2016-03-15 19:17 - 2011-08-23 20:57 - 00565352 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
    2016-03-15 19:17 - 2011-08-23 20:57 - 00074272 _____ C:\Windows\system32\RtNicProp64.dll
    2016-03-15 19:10 - 2016-03-15 19:10 - 00000000 ____D C:\Users\User\Desktop\Driver
    2016-03-15 12:34 - 2016-03-15 18:48 - 00137926 _____ C:\Users\Public\Documents\SIGVERIF.TXT
    2016-03-14 18:43 - 2016-03-14 18:48 - 00006391 _____ C:\VEW.txt
    2016-03-14 18:33 - 2016-03-14 16:53 - 00061440 _____ ( ) C:\Users\User\Desktop\VEW.exe
    2016-03-14 13:43 - 2016-03-14 13:43 - 00000000 ____D C:\Users\User\AppData\Local\Intel_Corporation
    2016-03-13 22:40 - 2016-03-13 22:40 - 00072338 _____ C:\Windows\system32\log.xml
    2016-03-13 22:40 - 2016-03-13 22:40 - 00000000 ____D C:\ProgramData\ATI
    2016-03-13 22:37 - 2016-03-13 22:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf
    2016-03-13 22:37 - 2014-05-27 11:21 - 00025800 _____ C:\Windows\system32\Drivers\INETMON.sys
    2016-03-13 22:34 - 2016-03-13 22:34 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
    2016-03-13 22:34 - 2016-03-13 22:34 - 00000000 ____D C:\Program Files\Realtek
    2016-03-13 22:34 - 2013-04-03 19:19 - 03382984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
    2016-03-13 22:34 - 2013-04-01 13:54 - 03180912 _____ C:\Windows\system32\Drivers\rtvienna.dat
    2016-03-13 22:34 - 2013-03-26 17:06 - 02797128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
    2016-03-13 22:34 - 2013-03-26 14:38 - 01659464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
    2016-03-13 22:34 - 2013-03-20 13:16 - 02102040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
    2016-03-13 22:34 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
    2016-03-13 22:34 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
    2016-03-13 22:34 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
    2016-03-13 22:34 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
    2016-03-13 22:34 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
    2016-03-13 22:34 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
    2016-03-13 22:34 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
    2016-03-13 22:33 - 2013-04-03 22:02 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
    2016-03-13 22:33 - 2013-04-03 16:56 - 00449509 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
    2016-03-13 22:33 - 2013-03-27 16:57 - 00135240 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
    2016-03-13 22:33 - 2013-03-26 17:04 - 02734624 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
    2016-03-13 22:33 - 2013-03-26 15:40 - 03693128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
    2016-03-13 22:33 - 2013-03-23 03:43 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
    2016-03-13 22:33 - 2013-03-20 13:16 - 00910104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
    2016-03-13 22:33 - 2013-02-28 13:10 - 02032408 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
    2016-03-13 22:33 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
    2016-03-13 22:33 - 2013-02-19 18:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
    2016-03-13 22:33 - 2013-01-11 16:27 - 00628504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
    2016-03-13 22:33 - 2013-01-11 16:27 - 00563992 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
    2016-03-13 22:33 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
    2016-03-13 22:33 - 2012-06-08 16:23 - 00083072 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
    2016-03-13 22:33 - 2012-06-08 16:21 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
    2016-03-13 22:33 - 2012-06-08 16:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
    2016-03-13 22:33 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
    2016-03-13 22:33 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
    2016-03-13 22:33 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
    2016-03-13 22:33 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
    2016-03-13 22:33 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
    2016-03-13 22:33 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
    2016-03-13 22:33 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
    2016-03-13 22:33 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
    2016-03-13 22:33 - 2009-11-18 07:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
    2016-03-13 22:27 - 2016-03-13 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
    2016-03-13 22:22 - 2016-03-13 22:22 - 00003176 _____ C:\Windows\System32\Tasks\{90EC5867-59BF-4FE7-BD45-1451449C0A69}
    2016-03-13 22:19 - 2016-03-13 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
    2016-03-13 22:18 - 2016-03-13 22:27 - 00000000 ____D C:\Program Files (x86)\AMD
    2016-03-13 22:15 - 2016-03-13 22:15 - 00003172 _____ C:\Windows\System32\Tasks\{08D6EE61-D8EE-4B26-890C-B0E61292495D}
    2016-03-13 22:11 - 2016-03-13 22:18 - 00000000 ____D C:\SWSETUP
    2016-03-13 22:09 - 2016-03-13 22:09 - 00001536 _____ C:\Windows\SysWOW64\RtkMsgs.dll
    2016-03-13 22:09 - 2016-03-13 22:09 - 00000000 ____D C:\Dell
    2016-03-13 16:01 - 2016-03-13 16:01 - 00000000 ____D C:\Users\User\AppData\Roaming\driveridentifier
    2016-03-13 15:16 - 2016-03-15 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
    2016-03-12 18:47 - 2016-03-12 18:47 - 00000207 _____ C:\Windows\tweaking.com-regbackup-USER-PC-Windows-7-Ultimate-(64-bit).dat
    2016-03-12 18:47 - 2016-03-12 18:47 - 00000000 ____D C:\RegBackup
    2016-03-11 20:34 - 2016-03-11 20:33 - 07179399 _____ C:\Users\User\Desktop\Bock_Duden_Arbeit aus Liebe - Liebe als Arbeit 1977.pdf
    2016-03-11 20:34 - 2016-03-11 20:20 - 08977556 _____ C:\Users\User\Desktop\Aulenbacher-Riegraf_Markteffizienz und Ungleichheit – Zwei Seiten einer Medaille_ KlasseSchicht, Geschlecht und Ethnie im Uebergang zur postfordistischen Arbeitsgesellschaft_2009.pdf
    2016-03-11 20:34 - 2016-03-11 20:17 - 00070966 _____ C:\Users\User\Desktop\sandner.pdf
    2016-03-11 16:21 - 2016-03-11 16:22 - 00114748 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
    2016-03-11 16:21 - 2016-03-11 16:21 - 20151816 _____ (Tweaking.com) C:\Users\User\Downloads\tweaking.com_windows_repair_aio_setup.exe
    2016-03-11 15:58 - 2011-08-23 20:57 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
    2016-03-06 00:23 - 2016-03-06 00:23 - 00228660 _____ C:\Users\User\Downloads\Diamond Gear Repair Guide - Reddit.xlsx
    2016-03-06 00:23 - 2016-03-06 00:23 - 00030394 _____ C:\Users\User\Desktop\Diamond Gear Repair Guide - Reddit Diamond Pickaxe OR Shovel.pdf
    2016-03-05 18:35 - 2016-03-05 18:36 - 00228660 ____R C:\Users\User\Desktop\Diamond Gear Repair Guide - Reddit.xlsx
    2016-02-20 19:32 - 2016-02-28 20:07 - 00000232 _____ C:\Users\User\Desktop\MC.txt
    2016-02-20 18:36 - 2016-03-11 18:34 - 00000000 ____D C:\Users\User\AppData\Roaming\.minecraft
    2016-02-20 15:53 - 2016-02-20 15:53 - 00093003 _____ C:\Users\User\Desktop\Mineshafter-launcher.jar
    2016-02-17 11:34 - 2016-03-11 15:52 - 00000000 ____D C:\Users\User\AppData\Roaming\Hola
    2016-02-17 11:34 - 2016-02-17 11:34 - 00000000 ____D C:\Users\User\AppData\Local\Hola
    2016-02-17 11:34 - 2016-02-17 11:34 - 00000000 ____D C:\Program Files\Hola
    2016-02-17 11:33 - 2016-02-17 11:33 - 00665984 _____ (Hola Networks Ltd.) C:\Users\User\Downloads\Hola-Setup.exe
    2016-02-14 15:33 - 2016-03-13 23:21 - 00000000 ____D C:\Users\User\Desktop\Battlenet ID
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-03-15 20:46 - 2009-07-14 05:45 - 00022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2016-03-15 20:46 - 2009-07-14 05:45 - 00022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2016-03-15 20:28 - 2014-02-06 19:42 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2016-03-15 19:29 - 2015-05-02 23:58 - 00000000 __SHD C:\Users\User\IntelGraphicsProfiles
    2016-03-15 19:29 - 2015-02-04 17:52 - 00000000 ____D C:\ProgramData\Kaspersky Lab
    2016-03-15 19:28 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-03-15 19:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
    2016-03-15 19:17 - 2013-12-30 09:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2016-03-15 19:17 - 2013-12-30 09:29 - 00000000 ____D C:\Program Files (x86)\Realtek
    2016-03-15 17:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
    2016-03-15 12:35 - 2015-09-29 01:22 - 00000000 ____D C:\Program Files (x86)\TweakBit
    2016-03-15 12:24 - 2009-07-14 03:34 - 00000502 _____ C:\Windows\win.ini
    2016-03-14 22:20 - 2014-03-06 14:32 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2016-03-14 22:19 - 2014-03-06 14:28 - 00000000 ____D C:\Program Files\Microsoft Office 15
    2016-03-14 20:50 - 2014-01-08 17:35 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
    2016-03-14 18:42 - 2013-12-30 09:31 - 00112088 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
    2016-03-14 18:41 - 2009-07-14 05:45 - 00428648 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-03-13 22:41 - 2014-10-31 16:08 - 00678180 _____ C:\Windows\system32\perfh007.dat
    2016-03-13 22:41 - 2014-10-31 16:08 - 00143204 _____ C:\Windows\system32\perfc007.dat
    2016-03-13 22:41 - 2009-07-14 06:13 - 01603002 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-03-13 22:35 - 2013-12-30 09:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
    2016-03-13 22:35 - 2013-12-30 09:29 - 00000000 ___HD C:\Program Files (x86)\Temp
    2016-03-13 22:34 - 2013-12-30 09:31 - 00000000 ____D C:\Program Files\Intel
    2016-03-13 22:32 - 2015-05-02 23:58 - 00000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
    2016-03-13 22:26 - 2013-12-30 09:49 - 00000000 ____D C:\Program Files\ATI Technologies
    2016-03-13 22:24 - 2014-01-09 20:49 - 00000000 ____D C:\Program Files\AMD
    2016-03-13 22:24 - 2014-01-09 20:43 - 00000000 ____D C:\ProgramData\Package Cache
    2016-03-13 22:22 - 2014-01-09 20:41 - 00000000 ____D C:\AMD
    2016-03-13 22:21 - 2015-05-02 23:56 - 00000700 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
    2016-03-13 22:19 - 2013-12-30 09:50 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
    2016-03-13 20:05 - 2014-01-08 17:33 - 00671068 _____ C:\Windows\ntbtlog.txt
    2016-03-13 20:05 - 2011-04-12 09:28 - 00000000 ____D C:\Windows\CSC
    2016-03-13 15:16 - 2015-09-29 01:22 - 00000000 ____D C:\ProgramData\TweakBit
    2016-03-13 14:59 - 2009-07-14 06:08 - 00032614 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2016-03-12 23:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
    2016-03-12 21:44 - 2014-11-05 02:46 - 00000000 ____D C:\Users\Тест
    2016-03-12 21:44 - 2014-05-01 14:37 - 00000000 ____D C:\Users\Guest
    2016-03-12 21:15 - 2014-01-18 20:12 - 00000000 ____D C:\Program Files\OBS
    2016-03-12 21:01 - 2014-12-10 03:10 - 00000000 ____D C:\Windows\system32\appraiser
    2016-03-12 21:01 - 2014-05-06 15:55 - 00000000 ___SD C:\Windows\system32\CompatTel
    2016-03-12 20:23 - 2009-07-14 03:34 - 00000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_574
    2016-03-12 19:15 - 2009-07-14 03:34 - 00000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_172
    2016-03-11 22:35 - 2014-01-08 17:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
    2016-03-11 18:28 - 2014-02-06 19:42 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2016-03-11 18:28 - 2014-02-06 19:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2016-03-11 18:28 - 2014-02-06 19:42 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2016-03-11 16:44 - 2014-01-08 00:40 - 00000000 ____D C:\Windows\system32\MRT
    2016-03-11 16:39 - 2014-01-08 00:40 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2016-03-11 16:20 - 2015-12-01 10:59 - 00050776 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
    2016-03-11 16:03 - 2015-06-09 20:16 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2016-03-11 15:40 - 2016-01-16 21:38 - 00000000 ___RD C:\Program Files (x86)\Skype
    2016-03-11 15:40 - 2014-02-06 19:41 - 00000000 ____D C:\Windows\system32\Macromed
    2016-03-11 15:40 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
    2016-03-11 15:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
    2016-03-11 15:37 - 2014-01-08 17:12 - 00000000 ____D C:\ProgramData\Skype
    2016-03-11 15:30 - 2011-04-12 09:28 - 00000000 ___RD C:\Users\Public\Recorded TV
    2016-03-08 01:07 - 2013-12-30 13:03 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
    2016-03-02 20:11 - 2014-01-07 21:31 - 00000000 ____D C:\temp
    2016-02-20 01:59 - 2016-01-31 19:17 - 00000000 ____D C:\Users\User\AppData\Local\Battle.net
    2016-02-18 18:14 - 2014-01-09 00:05 - 00000000 ____D C:\ProgramData\Battle.net
    2016-02-18 18:14 - 2014-01-08 10:23 - 00000000 ____D C:\Users\User\AppData\Roaming\Battle.net
    2016-02-14 01:59 - 2013-12-30 09:36 - 01585718 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
     
    ==================== Files in the root of some directories =======
     
    2014-11-10 23:10 - 2014-11-10 23:10 - 0001181 _____ () C:\Users\User\AppData\Roaming\trace_FilterInstaller.1.txt
    2014-11-10 23:10 - 2014-11-30 00:31 - 0000919 _____ () C:\Users\User\AppData\Roaming\trace_FilterInstaller.txt
    2014-11-10 23:10 - 2014-11-30 00:31 - 0000000 _____ () C:\Users\User\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
    2016-01-23 22:51 - 2016-02-11 12:12 - 0007606 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
    2013-12-30 09:37 - 2013-12-30 09:37 - 0000003 _____ () C:\Users\User\AppData\Local\user_data.ini
    2015-10-08 11:35 - 2015-10-08 11:35 - 0000057 _____ () C:\ProgramData\Ament.ini
     
    ==================== Bamital & volsnap =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2016-03-09 11:56
     
    ==================== End of FRST.txt ============================
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
    Ran by User (2016-03-15 20:48:33)
    Running from C:\Users\User\Desktop\FRST64
    Windows 7 Ultimate Service Pack 1 (X64) (2013-12-30 08:17:45)
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-2278087175-315393774-4205556306-500 - Administrator - Disabled)
    Guest (S-1-5-21-2278087175-315393774-4205556306-501 - Limited - Disabled) => C:\Users\Guest
    HomeGroupUser$ (S-1-5-21-2278087175-315393774-4205556306-1004 - Limited - Enabled)
    User (S-1-5-21-2278087175-315393774-4205556306-1000 - Administrator - Enabled) => C:\Users\User
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    µTorrent (HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
    A1 Powerline Adapter (HKLM-x32\...\dlanwlancfg) (Version: 3.0.0.0 - PLC)
    Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
    Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
    Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
    Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
    AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
    AMD Catalyst Install Manager (HKLM\...\{0FC66755-FB35-2CBD-C838-70B4984C2C67}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
    Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology)
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
    Creativerse (HKLM-x32\...\Steam App 280790) (Version:  - Playful Corporation)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
    Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
    Dota 2 Workshop Tools Alpha (HKLM-x32\...\Steam App 316570) (Version:  - )
    Dungeon Defenders II (HKLM-x32\...\Steam App 236110) (Version:  - Trendy Entertainment)
    Elevated Installer (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
    erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
    Garmin Express (HKLM-x32\...\{0733d53f-b41d-47cc-b336-d95751c4b2cb}) (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries)
    Garmin Express (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
    Garmin Express Tray (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
    Gear Up (HKLM-x32\...\Steam App 214420) (Version:  - Doctor Entertainment AB)
    Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
    Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
    Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
    HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
    HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    IBM SPSS Statistics 20 (HKLM-x32\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
    Intel® Chipset Device Software (x32 Version: 10.1.1.13 - Intel® Corporation) Hidden
    Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
    Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
    Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
    Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    Intel® Smart Connect Technology (HKLM\...\{A22FA2CB-294A-495C-B784-79981E0BD6F5}) (Version: 5.0.10.2861 - Intel Corporation)
    Intel® Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
    Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
    Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
    Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
    Kaspersky Total Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
    Kaspersky Total Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
    Kingdom Wars (HKLM-x32\...\Steam App 227180) (Version:  - Reverie World Studios, INC)
    Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
    Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
    Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
    Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
    Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4805.1003 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    Mozilla Firefox 44.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-GB)) (Version: 44.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
    Mozilla Thunderbird 24.6.0 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 en-GB)) (Version: 24.6.0 - Mozilla)
    NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
    Neverwinter (HKLM-x32\...\Steam App 109600) (Version:  - Cryptic Studios)
    OEM Application Profile (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
    Office 15 Click-to-Run Extensibility Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
    Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
    PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
    PRIME Z-DW Gaming Mouse (HKLM-x32\...\PRIME Gaming Mouse) (Version: 1.0 - SPEEDLINK)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6876 - Realtek Semiconductor Corp.)
    RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
    Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
    Settings Manager (HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\Settings Manager) (Version: 21.4.0.1 - Spigot, Inc.) <==== ATTENTION
    Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
    Snow Sakura (HKLM-x32\...\Snow Sakura) (Version:  - )
    StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
    Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
    TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
    TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
    Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.7.0.9 - GOG.com)
    The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version:  - Ubisoft Montreal)
    Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version:  - Ubisoft Singapore)
    Transformice (HKLM-x32\...\Steam App 335240) (Version:  - Atelier 801)
    Tribes: Ascend (HKLM-x32\...\Steam App 17080) (Version:  - Hi-Rez Studios)
    TwitchAlerts (HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\fb3f6ca9b67f53a3) (Version: 1.0.0.8 - TwitchAlerts)
    Unity Web Player (HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
    Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
    War Thunder Launcher 1.0.1.542 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
    Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
    Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
    Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
    WinRAR 5.21 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.1 - win.rar GmbH)
    World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
    World of Warplanes (HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813eu}_is1) (Version:  - Wargaming.net)
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    CustomCLSID: HKU\S-1-5-21-2278087175-315393774-4205556306-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {10C8072C-5429-454C-8B52-A072AE9DABE9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
    Task: {1EA493D9-9F24-4B1A-B947-40AF5936EAD5} - System32\Tasks\{90EC5867-59BF-4FE7-BD45-1451449C0A69} => pcalua.exe -a "C:\Users\User\Desktop\Novi Driveri\win64_153342.exe" -d "C:\Users\User\Desktop\Novi Driveri"
    Task: {3B62A958-D36E-4D68-BDAA-3F8DE7E0C56E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11] (Adobe Systems Incorporated)
    Task: {4015565D-9D43-4255-9E36-907D5AED6C92} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2015-11-13] (AO Kaspersky Lab)
    Task: {660FD778-A06B-4EF1-A489-E3859B780342} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
    Task: {6C70FB2C-EF68-4A60-87A1-782A989B063C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
    Task: {775CD278-F74B-4D7B-B4E1-66F4F7B1DEEE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
    Task: {8A26BDA7-6965-46ED-BA0A-FD35139FAB62} - System32\Tasks\{0F3F4A73-0B4D-4033-9389-4244F58D88AE} => pcalua.exe -a "C:\Program Files (x86)\NETGEAR\WNA1100\Uninstall.exe" -d "C:\Program Files (x86)\NETGEAR\WNA1100"
    Task: {906A3458-62FE-47AC-A277-1059B980D973} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-14] (Microsoft Corporation)
    Task: {9C64BCB3-88B0-4B9A-914C-EFD8902E8686} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
    Task: {A72EBFE3-5303-4405-AAD0-B8C3A0F37A19} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
    Task: {B4997671-EEFF-4282-B597-DEC847CE95BA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
    Task: {C58A51B3-2337-44B8-8162-E341F401468A} - System32\Tasks\{1E0B926D-F26C-44D5-89A8-DDAA1EA94006} => pcalua.exe -a C:\Users\User\AppData\Roaming\.minecraft\Uninstall.exe
    Task: {C5BD7536-550E-4D52-9B7F-CA26F8A29D75} - System32\Tasks\{08D6EE61-D8EE-4B26-890C-B0E61292495D} => pcalua.exe -a "C:\Users\User\Desktop\Novi Driveri\sp74100(1).exe" -d "C:\Users\User\Desktop\Novi Driveri"
    Task: {CEADE8D9-F509-432D-9262-174810E42DBB} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-01-28] ()
    Task: {E21AAC68-F734-4785-9E52-EED72FAEC14E} - System32\Tasks\asrRd => C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    ==================== Loaded Modules (Whitelisted) ==============
     
    2015-10-28 11:59 - 2015-09-01 17:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
    2014-03-06 14:28 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2014-08-14 09:28 - 2014-08-14 09:28 - 00209712 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
    2014-08-14 09:28 - 2014-08-14 09:28 - 00057648 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
    2014-08-14 09:28 - 2014-08-14 09:28 - 00037168 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
    2014-08-14 09:28 - 2014-08-14 09:28 - 00057648 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTEncryptionCheck.dll
    2015-01-07 21:38 - 2011-07-28 17:06 - 08247264 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
    2015-01-07 21:38 - 2011-07-28 17:06 - 00297440 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
    2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\kpcengine.2.3.dll
    2015-01-07 21:38 - 2009-08-28 16:50 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll
    2015-01-07 21:38 - 2011-07-27 11:53 - 00360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
    2013-12-30 09:31 - 2012-07-18 06:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
     
    ==================== Alternate Data Streams (Whitelisted) =========
     
    (If an entry is included in the fixlist, only the ADS will be removed.)
     
     
    ==================== Safe Mode (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
     
    ==================== EXE Association (Whitelisted) ===============
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
     
     
    ==================== Internet Explorer trusted/restricted ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry.)
     
    IE trusted site: HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\clonewarsadventures.com -> clonewarsadventures.com
    IE trusted site: HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\freerealms.com -> freerealms.com
    IE trusted site: HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\hola.org -> hxxp://hola.org
    IE trusted site: HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\soe.com -> soe.com
    IE trusted site: HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\sony.com -> sony.com
     
    ==================== Hosts content: ===============================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-14 03:34 - 2016-03-13 20:01 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
     
    127.0.0.1       localhost
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-2278087175-315393774-4205556306-1000\Control Panel\Desktop\\Wallpaper -> 
    DNS Servers: 10.0.0.138
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
    MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun
    MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
    MSCONFIG\startupreg: hola => C:\Program Files\Hola\app\hola.exe --silent
    MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
    MSCONFIG\startupreg: LogMeIn Hamachi Ui => "D:\Hamachi\hamachi-2-ui.exe" --auto-start
    MSCONFIG\startupreg: LWS => D:\Logitech Webcam\LWS\Webcam Software\LWS.exe -hide
    MSCONFIG\startupreg: OscarEditor => "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
    MSCONFIG\startupreg: PRIME Gaming Mouse => "C:\Program Files (x86)\SPEEDLINK Gaming Mouse\Gaming Mouse.exe" /hide
     
    ==================== FirewallRules (Whitelisted) ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    FirewallRules: [TCP Query User{0ACE2391-7261-4788-BA91-67D5144B8ACE}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
    FirewallRules: [UDP Query User{94DDE979-E508-49F7-865F-E14BB2833D43}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
    FirewallRules: [TCP Query User{96E5D5C1-BF15-4D21-BE0B-0E1523EB5702}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
    FirewallRules: [UDP Query User{DB557478-A8BC-487F-A3A7-84E308C651F1}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
    FirewallRules: [{202D3F82-E79D-43F3-A426-A4939FDDC3FA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
    FirewallRules: [{6BEE9D72-7F1A-4F5B-A6B4-10D8607B2475}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
    FirewallRules: [{F6CEE56E-95B8-47AC-A58D-5D3AED6F70C0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
    FirewallRules: [{C6E091E9-916E-43F6-8AA9-FE2E72183AB1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
    FirewallRules: [{557B388F-0C76-4B6A-A6F2-E85E887947A5}] => (Allow) D:\Battle.net\Battle.net.exe
    FirewallRules: [{4D0CF7E9-4495-43B4-9D73-0EB088952B05}] => (Allow) D:\Battle.net\Battle.net.exe
    FirewallRules: [{A1DF34E3-5083-42BE-947D-B491091EBC53}] => (Allow) D:\Hearthstone\Hearthstone.exe
    FirewallRules: [{4AEB95B0-1CB7-41CA-80B8-8FF1B5F69CD0}] => (Allow) D:\Hearthstone\Hearthstone.exe
    FirewallRules: [{402D9FA7-0D8A-49BB-B6FD-9EE54797E0F3}] => (Allow) D:\Steam\Steam.exe
    FirewallRules: [{5D82D92C-8607-43C2-9EE8-41AE1B31F49B}] => (Allow) D:\Steam\Steam.exe
    FirewallRules: [{4DE69CDE-68D7-4790-A6CD-E43FEBCD56C8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{2347DF1A-084D-4711-8D66-EADF2D0FD95A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
    FirewallRules: [{DF0A83BD-698E-41D7-8454-C8DA0A19586E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
    FirewallRules: [TCP Query User{B50339F5-5DFA-4C1E-9CEF-1366D0C6C439}C:\program files (x86)\media crawler\mediacrawler.exe] => (Allow) C:\program files (x86)\media crawler\mediacrawler.exe
    FirewallRules: [UDP Query User{9B2E1E35-5651-4EC7-A6A0-B8BEB47369A7}C:\program files (x86)\media crawler\mediacrawler.exe] => (Allow) C:\program files (x86)\media crawler\mediacrawler.exe
    FirewallRules: [{638012C7-0A85-4B84-82AE-B8513114B31F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
    FirewallRules: [{C984B089-468F-4AA8-B59D-A76F46C19007}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
    FirewallRules: [{C83604B7-E573-4467-9796-BF45D92CB664}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{5A4380BA-D2BC-4BB3-BE75-744FA303B944}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{2F028CBC-60EB-470E-8BEE-C7B708FDAF9F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
    FirewallRules: [{923069C0-85A6-43F4-ACB4-3D5CCBC3AA13}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
    FirewallRules: [{91950AA6-7634-44A6-B0D9-80D31E1ADB30}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
    FirewallRules: [{4C7377F9-A082-409B-8092-7F11EEF32C8B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
    FirewallRules: [{5225E6D3-0D8A-47B5-AEC4-EEDCB09E034E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
    FirewallRules: [{216C57E2-81D2-4768-B918-AE6FDD183C71}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
    FirewallRules: [{F891E9DD-4ED9-45A4-9501-E76A8FC404E5}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
    FirewallRules: [{F1FD281B-0D25-404C-971E-F2B4B1DA08B4}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
    FirewallRules: [{806643C4-A32C-471E-8A5A-C135BAB7706B}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
    FirewallRules: [{C8E986D2-651D-4B41-923C-35F7655D5F44}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
    FirewallRules: [{1450997B-0C4D-4754-BB1F-B5D30E5C4A47}] => (Allow) D:\Steam\SteamApps\common\Loadout\Loadout.exe
    FirewallRules: [{721E9C2F-0AD4-4AC8-BC96-646EB79BC01F}] => (Allow) D:\Steam\SteamApps\common\Loadout\Loadout.exe
    FirewallRules: [{2BAE9DB2-607B-4C7D-8DBB-32FE666E77FC}] => (Allow) D:\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
    FirewallRules: [{E7FBB589-98EC-45C3-B036-0C3D42867E86}] => (Allow) D:\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
    FirewallRules: [{9D871D06-E969-4088-9DC9-EDC63E0B9C5E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
    FirewallRules: [TCP Query User{88087A4B-6D2D-42ED-9C20-D7DF877B9A4D}D:\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) D:\steam\steamapps\common\planetside 2\planetside2.exe
    FirewallRules: [UDP Query User{A64E7E76-2286-4B2B-A5A8-411CE253E6AD}D:\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) D:\steam\steamapps\common\planetside 2\planetside2.exe
    FirewallRules: [TCP Query User{19DFEA7B-5C35-485D-8274-92871EFDDAA6}D:\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) D:\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
    FirewallRules: [UDP Query User{3C32EFD3-79AD-4D72-A91D-BDC2FCE7387E}D:\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) D:\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
    FirewallRules: [{3E757E4E-D90A-4583-B584-21F8971DB671}] => (Allow) D:\StarCraft II\StarCraft II Public Test.exe
    FirewallRules: [{91D4BDF7-7ECC-4AE9-A614-812AAE884362}] => (Allow) D:\StarCraft II\StarCraft II Public Test.exe
    FirewallRules: [{22DB5699-9E2C-436B-899C-DD49F3AC65A1}] => (Allow) D:\Steam\SteamApps\common\RIFT\riftpatchlive.exe
    FirewallRules: [{66503966-9E77-488F-94F1-797911225589}] => (Allow) D:\Steam\SteamApps\common\RIFT\riftpatchlive.exe
    FirewallRules: [{65F6DC20-93B9-4804-9E68-86EDA442023A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
    FirewallRules: [{413B2105-C6F5-4955-AD24-DB731F4B2BBD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
    FirewallRules: [{0927C497-A953-492C-AE18-5BE24B181ECF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{0AA96537-5365-48E9-AAAE-08131D87E3B3}] => (Allow) LPort=2869
    FirewallRules: [{15F16C05-B7C0-4B9D-AD4C-69B681DABB0E}] => (Allow) LPort=1900
    FirewallRules: [{EBAE0B13-038D-46E7-A2EA-6EC1DF4AE350}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
    FirewallRules: [{C90E294F-1867-429A-A7EA-5AF532BA8446}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
    FirewallRules: [{DD998AA6-228A-4609-9EF2-0B4771EE4E61}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
    FirewallRules: [{CDEE2BA1-5FAF-4900-AC9C-A80D2858FBB9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
    FirewallRules: [TCP Query User{4C8F56B2-DEAB-4CD4-B08F-2D3A09883B77}D:\starcraft ii\versions\base28667\sc2.exe] => (Allow) D:\starcraft ii\versions\base28667\sc2.exe
    FirewallRules: [UDP Query User{1B057E48-9F93-41D1-9F40-226CA4C98F18}D:\starcraft ii\versions\base28667\sc2.exe] => (Allow) D:\starcraft ii\versions\base28667\sc2.exe
    FirewallRules: [{ABBD466A-F93B-4DB2-94D2-1E4B1F36B409}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
    FirewallRules: [{AC31B4E2-58DC-4728-8906-70BB168C41B3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
    FirewallRules: [{0CAA0B4E-FD64-43D9-8781-EDC955FC86A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [{9DDACEB5-C214-4A13-9D6D-3970DC76BD2C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [{242E647D-F5F2-49B0-AEEE-E9BA8CF32FA8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [{55655955-4446-4A0B-B534-33D554F6AA6A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [{078223E3-D47A-4FAF-B9F8-77C64960323C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
    FirewallRules: [{8E45046C-3E65-4488-B1A6-FDA1B4A4D762}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
    FirewallRules: [{0BA5E194-D55C-4A15-A958-FA65A5E5B421}] => (Allow) D:\Steam\bin\steamwebhelper.exe
    FirewallRules: [{3342D768-5FA2-4748-BA80-8ED87C68E61D}] => (Allow) D:\Steam\bin\steamwebhelper.exe
    FirewallRules: [{880E93AC-5799-4628-8934-E746374FA1F9}] => (Allow) D:\SPSSv20\stats.com
    FirewallRules: [{13643EE4-5986-49A0-8B36-89CFDE33A7A1}] => (Allow) D:\SPSSv20\WinWrapIDE.exe
    FirewallRules: [{0DA66D41-2344-441D-88E7-2101D086AE2F}] => (Allow) D:\SPSSv20\stats.exe
    FirewallRules: [{7613D2AA-4F33-4006-A101-B2D8D4F7B25E}] => (Allow) D:\SPSSv20\stats.com
    FirewallRules: [{97C59F14-505E-4D9C-AA8A-0441418B6E70}] => (Allow) D:\SPSSv20\WinWrapIDE.exe
    FirewallRules: [{98B4F909-2580-4D58-874A-82FEBC0B3723}] => (Allow) D:\SPSSv20\stats.exe
    FirewallRules: [TCP Query User{13DF6C0B-9F95-4E9B-A4CB-9060756E4907}D:\spssv20\jre\bin\javaw.exe] => (Allow) D:\spssv20\jre\bin\javaw.exe
    FirewallRules: [UDP Query User{C4146805-CC22-4CB4-8C6B-21A069988034}D:\spssv20\jre\bin\javaw.exe] => (Allow) D:\spssv20\jre\bin\javaw.exe
    FirewallRules: [{1A8FB125-E062-4C1B-9222-132C695C82D3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{86B8B13C-2C03-48C3-B91B-408D26EDC5D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{572B0DB6-2309-4D8C-9695-C7A7F5D969CC}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [{FF2CD405-D0F9-47DC-9645-C7D76B41FE5C}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
    FirewallRules: [TCP Query User{31619507-37D7-4125-8600-A4E68764414A}D:\heroes of the storm\versions\base32524\heroesofthestorm.exe] => (Allow) D:\heroes of the storm\versions\base32524\heroesofthestorm.exe
    FirewallRules: [UDP Query User{3E4396D5-39DE-4327-B532-415E2AA18552}D:\heroes of the storm\versions\base32524\heroesofthestorm.exe] => (Allow) D:\heroes of the storm\versions\base32524\heroesofthestorm.exe
    FirewallRules: [{AB02221B-7830-4A52-9E8F-E9CBBF8D0FAB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{30710694-1A98-4FC1-B3EE-45462089F4B2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{F70FA21A-CB7B-443A-B80E-351D79DCD4F6}] => (Allow) D:\Teamviewer\TeamViewer.exe
    FirewallRules: [{2184DF54-9436-468B-AE22-2863B2B795EA}] => (Allow) D:\Teamviewer\TeamViewer.exe
    FirewallRules: [{2096F03F-9FE4-441A-8F93-B43EAF0BE38B}] => (Allow) D:\Teamviewer\TeamViewer_Service.exe
    FirewallRules: [{1EC0443E-EB61-490F-A0CA-802D175A64E9}] => (Allow) D:\Teamviewer\TeamViewer_Service.exe
    FirewallRules: [{3196F5A0-BE5A-4477-8F42-587AD2A6AC61}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
    FirewallRules: [{8A57ACBC-EF51-481A-88CA-6A0EE6F4A118}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
    FirewallRules: [{31FFD30A-AE8A-49A9-8B03-B439DA19454F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{D1C866ED-4C9F-4DE5-8319-00FED628B5BA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{81766993-B737-4668-AEA5-5AED2C753F48}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
    FirewallRules: [{5AEF10AC-9F8F-498D-BEBB-A4CC76F1FB65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
    FirewallRules: [{027461BD-3692-4D83-B383-ACED883F5C53}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{8634CCD7-93E8-4A9F-9270-B5D951B306AD}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{506E1D63-7F23-4AC6-A08B-3C729297A16B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
    FirewallRules: [{FB773CFD-35B8-4751-B8A2-906502C98FDB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
    FirewallRules: [{A00DBC9A-A3E9-4529-83C6-E962E4AC4649}] => (Allow) D:\Steam\SteamApps\common\Transformice\Transformice.exe
    FirewallRules: [{32CF1278-E697-4BB3-9654-730AAF63166A}] => (Allow) D:\Steam\SteamApps\common\Transformice\Transformice.exe
    FirewallRules: [{EAC54EDC-42A5-486B-92BD-0D223C768FB2}] => (Allow) D:\Steam\SteamApps\common\GearUp\bin\Traktor.Amalgam.App.exe
    FirewallRules: [{E3B1507D-4DD5-4B8D-A169-3840B5A70515}] => (Allow) D:\Steam\SteamApps\common\GearUp\bin\Traktor.Amalgam.App.exe
    FirewallRules: [{CB01132B-6F54-4068-9344-EF19B3E1EA88}] => (Allow) D:\Steam\SteamApps\common\Robocraft\Robocraft.exe
    FirewallRules: [{0F713A14-E615-4E68-B69D-19C3CC4A629E}] => (Allow) D:\Steam\SteamApps\common\Robocraft\Robocraft.exe
    FirewallRules: [{AB3FFD04-6928-4AF1-AE1D-134B3358260B}] => (Allow) D:\StarCraft II\StarCraft II.exe
    FirewallRules: [{26998DD3-7AB1-42C9-9971-17BB623EA2F2}] => (Allow) D:\StarCraft II\StarCraft II.exe
    FirewallRules: [{AC1A1136-137E-459A-8341-8D9606F0C59B}] => (Allow) D:\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
    FirewallRules: [{822352DA-B920-4113-9B25-70951C58B3DA}] => (Allow) D:\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
    FirewallRules: [{12A4B308-83B6-45AA-86F4-9A50A101B419}] => (Allow) D:\Steam\SteamApps\common\Cryptic Studios\Neverwinter.exe
    FirewallRules: [{4720E5D9-550B-4E1F-A87A-99FEBC983512}] => (Allow) D:\Steam\SteamApps\common\Cryptic Studios\Neverwinter.exe
    FirewallRules: [{C1BA5FD4-DB99-44E3-904D-6E19D0F3EA72}] => (Allow) D:\Steam\SteamApps\common\Dawn of Fantasy\Dof.exe
    FirewallRules: [{DDF947DB-991B-4CA3-82E6-1302D0B16CC7}] => (Allow) D:\Steam\SteamApps\common\Dawn of Fantasy\Dof.exe
    FirewallRules: [{5BC4B26C-DE10-41C1-9809-40531E7B1880}] => (Allow) D:\Steam\SteamApps\common\Dawn of Fantasy\dof_options.exe
    FirewallRules: [{FB06EE7A-9F1E-4AA3-A071-0986DD08AC5E}] => (Allow) D:\Steam\SteamApps\common\Dawn of Fantasy\dof_options.exe
    FirewallRules: [{7C76F2E4-9A7F-4C80-9380-ADE2AA293B09}] => (Allow) D:\Steam\SteamApps\common\Dawn of Fantasy\Editor.exe
    FirewallRules: [{A94AC120-3CD4-494F-9BBA-5F7FF967E2AF}] => (Allow) D:\Steam\SteamApps\common\Dawn of Fantasy\Editor.exe
    FirewallRules: [{6E0BB6D6-1CFA-49B1-879D-104620EEDBB4}] => (Allow) D:\Steam\SteamApps\common\Tribes\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{57BE7863-963A-4746-97E5-F0796F89AFF4}] => (Allow) D:\Steam\SteamApps\common\Tribes\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{ECF5E19B-2277-41DE-8964-86745575BC1E}] => (Allow) D:\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
    FirewallRules: [{EB61660B-30EE-42EF-81D5-9F2C3C424B48}] => (Allow) D:\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
    FirewallRules: [{576C2C3F-A1EC-4E2D-A96B-B67EC1F4FD50}] => (Allow) D:\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
    FirewallRules: [{BFB20AE9-F186-4B1B-8BD3-89D2C4AC09C2}] => (Allow) D:\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
    FirewallRules: [{81FB2BEE-4D18-4EFA-848B-1C19EBCAF37D}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
    FirewallRules: [{FFC9806A-AC02-4575-BC58-FE74169BFF52}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
    FirewallRules: [{B4FC640F-C511-404E-BEA4-A70F259DB333}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
    FirewallRules: [{3E213AED-CBAB-451D-AC87-A9C020C0652E}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
    FirewallRules: [{89176DD8-EEF5-4517-9E24-AD12A906C07B}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
    FirewallRules: [{DE657D76-8D02-4479-856F-9293609D9E3C}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
    FirewallRules: [{4A618A3E-18F7-456E-B49B-C3F60921A415}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
    FirewallRules: [{F2930CCC-9D8E-444B-B758-E6DFB3CC5FFA}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
    FirewallRules: [{1D806487-F095-4214-B667-856B29284002}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
    FirewallRules: [{80E02DEA-9994-4334-A3BA-19D7BAA91F46}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
    FirewallRules: [{1E4641DD-79C0-47E5-BCDB-5B5CA5CA3A6F}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
    FirewallRules: [{01517821-8B7F-49DC-8C09-E0466429DBD7}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
    FirewallRules: [{410D3636-2354-457D-9493-AD1680DDABB3}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
    FirewallRules: [{F7BBB84B-F8F9-41CE-B727-653CAE033B18}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
    FirewallRules: [{D889FDD8-3489-4F22-B948-6BC68506496C}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
    FirewallRules: [{ACE60DE2-FF3F-44C8-B191-3665D887256C}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
    FirewallRules: [{2F1DCAB0-026B-48FA-8492-24DD7D8CD202}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
    FirewallRules: [{F5B22798-D843-4163-BE8D-A5BC57812168}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
    FirewallRules: [{B4768B0B-55BD-43AA-964B-7549F715B1F6}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
    FirewallRules: [{371B409B-8951-44C3-801F-1519E57EDC5E}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
    FirewallRules: [{602D4EAC-CDC9-4C85-A77F-9F13D567C455}] => (Allow) D:\War Thunder\WarThunder\launcher.exe
    FirewallRules: [{34E3AB9E-CA15-433C-B7AC-531B5D0F09AD}] => (Allow) D:\War Thunder\WarThunder\launcher.exe
    FirewallRules: [{DE73C143-EA4E-4131-AB65-81347DAC1D82}] => (Allow) D:\War Thunder\WarThunder\bpreport.exe
    FirewallRules: [{F559AAAC-609E-44EE-B710-A6FF13F93CEF}] => (Allow) D:\War Thunder\WarThunder\bpreport.exe
    FirewallRules: [{8B898A11-3A4F-4B02-B661-D5291ABD9EC3}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
    FirewallRules: [{6EBC1F2D-C4E1-4A9C-80B7-DFE8E2E93B6C}] => (Allow) LPort=5357
    FirewallRules: [{DBCF1010-1257-4228-B587-523039C4375D}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
    FirewallRules: [{7FE091C7-6D25-4A94-BE4B-873DE6206C49}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{6B463128-CE54-43F3-A6B7-793AC6014806}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{BD7C8F8C-8A0F-4242-91E4-7EAF1A87999F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
    FirewallRules: [{725C300A-7608-404D-96A1-F6DCFF311B87}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
    FirewallRules: [{29D8F059-06FE-461B-91D8-CDA06D20D288}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
    FirewallRules: [{02168E8E-6E1D-4D08-B2A8-06C9C760FC9A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
    FirewallRules: [{A62D08CA-063C-4FAA-9FC0-5CCE01D69525}] => (Allow) C:\Program Files (x86)\PLC\dlanwlancfg\dlanwlancfg.exe
    FirewallRules: [TCP Query User{8E673F5E-1D8E-456F-BF99-8C3CEA068AE1}C:\program files (x86)\speedlink gaming mouse\gaming mouse.exe] => (Allow) C:\program files (x86)\speedlink gaming mouse\gaming mouse.exe
    FirewallRules: [UDP Query User{C274F0FF-FE2B-4C7A-B483-D7B80448C2CD}C:\program files (x86)\speedlink gaming mouse\gaming mouse.exe] => (Allow) C:\program files (x86)\speedlink gaming mouse\gaming mouse.exe
    FirewallRules: [{0FD0B41A-2029-4FD5-B566-4CD11EBB0F22}] => (Allow) D:\Steam\SteamApps\common\Unturned\Unturned.exe
    FirewallRules: [{B26CC9C6-260A-40B6-833E-105FBDA6F155}] => (Allow) D:\Steam\SteamApps\common\Unturned\Unturned.exe
    FirewallRules: [{8A9BB1A8-7B33-407A-83FA-B27210A0F2C0}] => (Allow) D:\Steam\SteamApps\common\Creativerse\Creativerse.exe
    FirewallRules: [{8B0D37E7-02C0-426B-A7BB-778A480692B0}] => (Allow) D:\Steam\SteamApps\common\Creativerse\Creativerse.exe
    FirewallRules: [{DDAB0F0B-C10D-4597-933B-267E74E03F12}] => (Allow) D:\Steam\SteamApps\common\Dungeon Defenders 2\DunDefLauncher.exe
    FirewallRules: [{F85A9A6E-DC31-4CE4-8C76-AE9E59C4BE20}] => (Allow) D:\Steam\SteamApps\common\Dungeon Defenders 2\DunDefLauncher.exe
    FirewallRules: [{CBECA9D1-9462-4E45-85A3-7FDDCADF9605}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{63665025-B45A-416C-B06B-C2368ABC089C}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{9AA2B242-581D-44A7-AEDB-B1C1F64851A3}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{E6A2CC75-CFDE-4310-A5E5-22442AFC42DD}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{62E8BEF6-D743-4652-844A-289A006EE106}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
    FirewallRules: [{AD59A93D-DC60-4838-AC1B-49208F55222C}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
    FirewallRules: [{19924C70-CFCD-41A1-85A4-621306526B9A}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{457AEFC1-1062-486C-A53C-B786091A8913}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{16F80790-347E-41CE-86F4-D79E2DFF0329}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
    FirewallRules: [{93A3108C-F21E-4A6E-8F26-127773DDF856}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
    FirewallRules: [{A5F1DA9D-6E40-41AF-BA31-B5DB4DDEC775}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
    FirewallRules: [{FC166EEE-7031-473C-B570-BD5D4910B131}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
    FirewallRules: [TCP Query User{4D8DCCBE-2E3C-43E1-82DF-BCE4F0259B0F}D:\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base39576\sc2_x64.exe
    FirewallRules: [UDP Query User{CEB11D74-A1AD-4BF6-894B-BFCE2F81BC94}D:\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base39576\sc2_x64.exe
    FirewallRules: [TCP Query User{57CE2250-F1D7-4B0A-B297-6BFB8DD29620}D:\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
    FirewallRules: [UDP Query User{CB106CC7-5199-4076-B389-7D97D885D268}D:\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
     
    ==================== Restore Points =========================
     
    13-03-2016 22:23:42 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
    13-03-2016 22:24:08 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
    13-03-2016 22:25:12 Device Driver Package Install: Advanced Micro Devices, Inc. Display adapters
    15-03-2016 17:36:54 Installed Realtek Ethernet Controller Driver
    15-03-2016 19:11:05 Installed Realtek Ethernet Controller Driver
    15-03-2016 19:16:26 Removed Realtek Ethernet Controller Driver
    15-03-2016 19:17:21 Installed Realtek Ethernet Controller Driver
    15-03-2016 19:17:38 Installed Realtek Ethernet Controller Driver
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
     
    System errors:
    =============
    Error: (03/15/2016 07:29:18 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
    Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
     
    Error: (03/15/2016 07:27:31 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
    Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
     
    Error: (03/15/2016 07:27:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load: 
    JSWPSLWF
     
    Error: (03/15/2016 07:25:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load: 
    JSWPSLWF
     
    Error: (03/15/2016 07:15:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load: 
    JSWPSLWF
     
    Error: (03/15/2016 05:46:48 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
    Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
     
    Error: (03/15/2016 05:39:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load: 
    JSWPSLWF
     
    Error: (03/15/2016 12:41:21 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
    Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
     
    Error: (03/15/2016 12:14:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load: 
    JSWPSLWF
     
    Error: (03/15/2016 12:14:51 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
    Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
     
     
    CodeIntegrity:
    ===================================
      Date: 2016-03-15 19:26:49.439
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-03-15 19:26:49.392
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-03-15 19:24:18.702
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-03-15 19:24:18.655
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-03-15 19:14:27.280
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-03-15 19:14:27.234
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-03-15 17:39:03.468
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-03-15 17:39:03.405
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-03-15 12:13:57.904
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-03-15 12:13:57.857
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™ i3-3240 CPU @ 3.40GHz
    Percentage of memory in use: 31%
    Total physical RAM: 8076.95 MB
    Available physical RAM: 5568.86 MB
    Total Virtual: 16152.11 MB
    Available Virtual: 13152.25 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:464.84 GB) (Free:363.74 GB) NTFS
    Drive d: () (Fixed) (Total:466.57 GB) (Free:222.17 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A29DB488)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=466.6 GB) - (Type=07 NTFS)
     
    ==================== End of Addition.txt ============================
     

    Attached Files


    • 0






    Similar Topics


    Also tagged with one or more of these keywords: AdapterNetwork, Drivers, Windows7, Local Area Connection

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP