FRST Results.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by User (administrator) on USER-PC (15-03-2016 20:48:03)
Running from C:\Users\User\Desktop\FRST64
Loaded Profiles: User (Available Profiles: User & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(TeamViewer GmbH) D:\Teamviewer\TeamViewer_Service.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avpui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13516360 2013-04-02] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-14] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [jswtrayutil] => "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-03] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2016-01-28] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => No File
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk [2016-01-30]
ShortcutTarget: NETGEAR WNA1100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 2540 series.lnk [2016-03-15]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicyScripts: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{57C84DA3-60F6-4DE1-9A32-2A9681C5337B}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2278087175-315393774-4205556306-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2278087175-315393774-4205556306-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://at.search.yahoo.com/?type=903578&fr=spigot-yhp-ie
SearchScopes: HKU\S-1-5-21-2278087175-315393774-4205556306-1000 -> DefaultScope {9E03EC2F-2194-4BC8-9698-27993060BD56} URL = hxxps://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2278087175-315393774-4205556306-1000 -> {9E03EC2F-2194-4BC8-9698-27993060BD56} URL = hxxps://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-03-14] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-03-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-14] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2016-03-14] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-06] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2016-03-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-14] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-06] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-2278087175-315393774-4205556306-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-2278087175-315393774-4205556306-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-04-27] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5gsjqgb1.default-1446418166396
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2014-05-19] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-03-19] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-03-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2278087175-315393774-4205556306-1000: @hola.org/FlashPlayer -> C:\Users\User\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-02-17] ()
FF Plugin HKU\S-1-5-21-2278087175-315393774-4205556306-1000: @hola.org/vlc -> C:\Users\User\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-02-17] (Hola)
FF Plugin HKU\S-1-5-21-2278087175-315393774-4205556306-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5gsjqgb1.default-1446418166396\user.js [2015-11-01]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5gsjqgb1.default-1446418166396\extensions\
[email protected] [2015-11-02]
FF Extension: NoScript - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5gsjqgb1.default-1446418166396\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-12]
FF Extension: Ghostery - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5gsjqgb1.default-1446418166396\Extensions\
[email protected] [2016-03-10]
FF Extension: Hola Better Internet - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5gsjqgb1.default-1446418166396\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2016-02-17]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5gsjqgb1.default-1446418166396\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2015-12-22]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2015-02-11] (EasyAntiCheat Ltd)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [803856 2016-01-28] (Garmin Ltd. or its subsidiaries)
R2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319096 2016-01-13] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-14] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 TeamViewer; D:\Teamviewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [297440 2011-07-28] ()
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-27] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
R1 JSWPSLWF; C:\Windows\System32\DRIVERS\jswpslwfx.sys [26624 2008-05-15] (Atheros Communications, Inc.) [File not signed]
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [237448 2015-12-19] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [178872 2016-03-15] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998280 2015-12-11] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-03-11] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [112520 2015-12-03] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
S3 athur; system32\DRIVERS\athurx.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-15 20:47 - 2016-03-15 20:48 - 00000000 ____D C:\Users\User\Desktop\FRST64
2016-03-15 20:46 - 2016-03-15 20:48 - 00000000 ____D C:\FRST
2016-03-15 19:17 - 2011-08-23 20:57 - 00565352 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2016-03-15 19:17 - 2011-08-23 20:57 - 00074272 _____ C:\Windows\system32\RtNicProp64.dll
2016-03-15 19:10 - 2016-03-15 19:10 - 00000000 ____D C:\Users\User\Desktop\Driver
2016-03-15 12:34 - 2016-03-15 18:48 - 00137926 _____ C:\Users\Public\Documents\SIGVERIF.TXT
2016-03-14 18:43 - 2016-03-14 18:48 - 00006391 _____ C:\VEW.txt
2016-03-14 18:33 - 2016-03-14 16:53 - 00061440 _____ ( ) C:\Users\User\Desktop\VEW.exe
2016-03-14 13:43 - 2016-03-14 13:43 - 00000000 ____D C:\Users\User\AppData\Local\Intel_Corporation
2016-03-13 22:40 - 2016-03-13 22:40 - 00072338 _____ C:\Windows\system32\log.xml
2016-03-13 22:40 - 2016-03-13 22:40 - 00000000 ____D C:\ProgramData\ATI
2016-03-13 22:37 - 2016-03-13 22:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf
2016-03-13 22:37 - 2014-05-27 11:21 - 00025800 _____ C:\Windows\system32\Drivers\INETMON.sys
2016-03-13 22:34 - 2016-03-13 22:34 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-03-13 22:34 - 2016-03-13 22:34 - 00000000 ____D C:\Program Files\Realtek
2016-03-13 22:34 - 2013-04-03 19:19 - 03382984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-03-13 22:34 - 2013-04-01 13:54 - 03180912 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-03-13 22:34 - 2013-03-26 17:06 - 02797128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-03-13 22:34 - 2013-03-26 14:38 - 01659464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-03-13 22:34 - 2013-03-20 13:16 - 02102040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2016-03-13 22:34 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-03-13 22:34 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-03-13 22:34 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-03-13 22:34 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-03-13 22:34 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-03-13 22:34 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-03-13 22:34 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-03-13 22:33 - 2013-04-03 22:02 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-03-13 22:33 - 2013-04-03 16:56 - 00449509 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-03-13 22:33 - 2013-03-27 16:57 - 00135240 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-03-13 22:33 - 2013-03-26 17:04 - 02734624 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-03-13 22:33 - 2013-03-26 15:40 - 03693128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2016-03-13 22:33 - 2013-03-23 03:43 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-03-13 22:33 - 2013-03-20 13:16 - 00910104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-03-13 22:33 - 2013-02-28 13:10 - 02032408 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-03-13 22:33 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-03-13 22:33 - 2013-02-19 18:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-03-13 22:33 - 2013-01-11 16:27 - 00628504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2016-03-13 22:33 - 2013-01-11 16:27 - 00563992 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2016-03-13 22:33 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-03-13 22:33 - 2012-06-08 16:23 - 00083072 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2016-03-13 22:33 - 2012-06-08 16:21 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2016-03-13 22:33 - 2012-06-08 16:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2016-03-13 22:33 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-03-13 22:33 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-03-13 22:33 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-03-13 22:33 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-03-13 22:33 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-03-13 22:33 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-03-13 22:33 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-03-13 22:33 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-03-13 22:33 - 2009-11-18 07:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2016-03-13 22:27 - 2016-03-13 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-03-13 22:22 - 2016-03-13 22:22 - 00003176 _____ C:\Windows\System32\Tasks\{90EC5867-59BF-4FE7-BD45-1451449C0A69}
2016-03-13 22:19 - 2016-03-13 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2016-03-13 22:18 - 2016-03-13 22:27 - 00000000 ____D C:\Program Files (x86)\AMD
2016-03-13 22:15 - 2016-03-13 22:15 - 00003172 _____ C:\Windows\System32\Tasks\{08D6EE61-D8EE-4B26-890C-B0E61292495D}
2016-03-13 22:11 - 2016-03-13 22:18 - 00000000 ____D C:\SWSETUP
2016-03-13 22:09 - 2016-03-13 22:09 - 00001536 _____ C:\Windows\SysWOW64\RtkMsgs.dll
2016-03-13 22:09 - 2016-03-13 22:09 - 00000000 ____D C:\Dell
2016-03-13 16:01 - 2016-03-13 16:01 - 00000000 ____D C:\Users\User\AppData\Roaming\driveridentifier
2016-03-13 15:16 - 2016-03-15 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
2016-03-12 18:47 - 2016-03-12 18:47 - 00000207 _____ C:\Windows\tweaking.com-regbackup-USER-PC-Windows-7-Ultimate-(64-bit).dat
2016-03-12 18:47 - 2016-03-12 18:47 - 00000000 ____D C:\RegBackup
2016-03-11 20:34 - 2016-03-11 20:33 - 07179399 _____ C:\Users\User\Desktop\Bock_Duden_Arbeit aus Liebe - Liebe als Arbeit 1977.pdf
2016-03-11 20:34 - 2016-03-11 20:20 - 08977556 _____ C:\Users\User\Desktop\Aulenbacher-Riegraf_Markteffizienz und Ungleichheit – Zwei Seiten einer Medaille_ KlasseSchicht, Geschlecht und Ethnie im Uebergang zur postfordistischen Arbeitsgesellschaft_2009.pdf
2016-03-11 20:34 - 2016-03-11 20:17 - 00070966 _____ C:\Users\User\Desktop\sandner.pdf
2016-03-11 16:21 - 2016-03-11 16:22 - 00114748 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2016-03-11 16:21 - 2016-03-11 16:21 - 20151816 _____ (Tweaking.com) C:\Users\User\Downloads\tweaking.com_windows_repair_aio_setup.exe
2016-03-11 15:58 - 2011-08-23 20:57 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2016-03-06 00:23 - 2016-03-06 00:23 - 00228660 _____ C:\Users\User\Downloads\Diamond Gear Repair Guide - Reddit.xlsx
2016-03-06 00:23 - 2016-03-06 00:23 - 00030394 _____ C:\Users\User\Desktop\Diamond Gear Repair Guide - Reddit Diamond Pickaxe OR Shovel.pdf
2016-03-05 18:35 - 2016-03-05 18:36 - 00228660 ____R C:\Users\User\Desktop\Diamond Gear Repair Guide - Reddit.xlsx
2016-02-20 19:32 - 2016-02-28 20:07 - 00000232 _____ C:\Users\User\Desktop\MC.txt
2016-02-20 18:36 - 2016-03-11 18:34 - 00000000 ____D C:\Users\User\AppData\Roaming\.minecraft
2016-02-20 15:53 - 2016-02-20 15:53 - 00093003 _____ C:\Users\User\Desktop\Mineshafter-launcher.jar
2016-02-17 11:34 - 2016-03-11 15:52 - 00000000 ____D C:\Users\User\AppData\Roaming\Hola
2016-02-17 11:34 - 2016-02-17 11:34 - 00000000 ____D C:\Users\User\AppData\Local\Hola
2016-02-17 11:34 - 2016-02-17 11:34 - 00000000 ____D C:\Program Files\Hola
2016-02-17 11:33 - 2016-02-17 11:33 - 00665984 _____ (Hola Networks Ltd.) C:\Users\User\Downloads\Hola-Setup.exe
2016-02-14 15:33 - 2016-03-13 23:21 - 00000000 ____D C:\Users\User\Desktop\Battlenet ID
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-15 20:46 - 2009-07-14 05:45 - 00022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-15 20:46 - 2009-07-14 05:45 - 00022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-15 20:28 - 2014-02-06 19:42 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-15 19:29 - 2015-05-02 23:58 - 00000000 __SHD C:\Users\User\IntelGraphicsProfiles
2016-03-15 19:29 - 2015-02-04 17:52 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-03-15 19:28 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-15 19:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-15 19:17 - 2013-12-30 09:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-15 19:17 - 2013-12-30 09:29 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-03-15 17:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-03-15 12:35 - 2015-09-29 01:22 - 00000000 ____D C:\Program Files (x86)\TweakBit
2016-03-15 12:24 - 2009-07-14 03:34 - 00000502 _____ C:\Windows\win.ini
2016-03-14 22:20 - 2014-03-06 14:32 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-14 22:19 - 2014-03-06 14:28 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-03-14 20:50 - 2014-01-08 17:35 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2016-03-14 18:42 - 2013-12-30 09:31 - 00112088 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-14 18:41 - 2009-07-14 05:45 - 00428648 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-13 22:41 - 2014-10-31 16:08 - 00678180 _____ C:\Windows\system32\perfh007.dat
2016-03-13 22:41 - 2014-10-31 16:08 - 00143204 _____ C:\Windows\system32\perfc007.dat
2016-03-13 22:41 - 2009-07-14 06:13 - 01603002 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-13 22:35 - 2013-12-30 09:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-03-13 22:35 - 2013-12-30 09:29 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-03-13 22:34 - 2013-12-30 09:31 - 00000000 ____D C:\Program Files\Intel
2016-03-13 22:32 - 2015-05-02 23:58 - 00000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-03-13 22:26 - 2013-12-30 09:49 - 00000000 ____D C:\Program Files\ATI Technologies
2016-03-13 22:24 - 2014-01-09 20:49 - 00000000 ____D C:\Program Files\AMD
2016-03-13 22:24 - 2014-01-09 20:43 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-13 22:22 - 2014-01-09 20:41 - 00000000 ____D C:\AMD
2016-03-13 22:21 - 2015-05-02 23:56 - 00000700 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2016-03-13 22:19 - 2013-12-30 09:50 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-03-13 20:05 - 2014-01-08 17:33 - 00671068 _____ C:\Windows\ntbtlog.txt
2016-03-13 20:05 - 2011-04-12 09:28 - 00000000 ____D C:\Windows\CSC
2016-03-13 15:16 - 2015-09-29 01:22 - 00000000 ____D C:\ProgramData\TweakBit
2016-03-13 14:59 - 2009-07-14 06:08 - 00032614 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-12 23:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-03-12 21:44 - 2014-11-05 02:46 - 00000000 ____D C:\Users\Тест
2016-03-12 21:44 - 2014-05-01 14:37 - 00000000 ____D C:\Users\Guest
2016-03-12 21:15 - 2014-01-18 20:12 - 00000000 ____D C:\Program Files\OBS
2016-03-12 21:01 - 2014-12-10 03:10 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-12 21:01 - 2014-05-06 15:55 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-03-12 20:23 - 2009-07-14 03:34 - 00000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_574
2016-03-12 19:15 - 2009-07-14 03:34 - 00000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_172
2016-03-11 22:35 - 2014-01-08 17:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2016-03-11 18:28 - 2014-02-06 19:42 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-11 18:28 - 2014-02-06 19:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-11 18:28 - 2014-02-06 19:42 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-11 16:44 - 2014-01-08 00:40 - 00000000 ____D C:\Windows\system32\MRT
2016-03-11 16:39 - 2014-01-08 00:40 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-11 16:20 - 2015-12-01 10:59 - 00050776 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2016-03-11 16:03 - 2015-06-09 20:16 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-11 15:40 - 2016-01-16 21:38 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-03-11 15:40 - 2014-02-06 19:41 - 00000000 ____D C:\Windows\system32\Macromed
2016-03-11 15:40 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-03-11 15:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-03-11 15:37 - 2014-01-08 17:12 - 00000000 ____D C:\ProgramData\Skype
2016-03-11 15:30 - 2011-04-12 09:28 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-03-08 01:07 - 2013-12-30 13:03 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2016-03-02 20:11 - 2014-01-07 21:31 - 00000000 ____D C:\temp
2016-02-20 01:59 - 2016-01-31 19:17 - 00000000 ____D C:\Users\User\AppData\Local\Battle.net
2016-02-18 18:14 - 2014-01-09 00:05 - 00000000 ____D C:\ProgramData\Battle.net
2016-02-18 18:14 - 2014-01-08 10:23 - 00000000 ____D C:\Users\User\AppData\Roaming\Battle.net
2016-02-14 01:59 - 2013-12-30 09:36 - 01585718 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Files in the root of some directories =======
2014-11-10 23:10 - 2014-11-10 23:10 - 0001181 _____ () C:\Users\User\AppData\Roaming\trace_FilterInstaller.1.txt
2014-11-10 23:10 - 2014-11-30 00:31 - 0000919 _____ () C:\Users\User\AppData\Roaming\trace_FilterInstaller.txt
2014-11-10 23:10 - 2014-11-30 00:31 - 0000000 _____ () C:\Users\User\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2016-01-23 22:51 - 2016-02-11 12:12 - 0007606 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2013-12-30 09:37 - 2013-12-30 09:37 - 0000003 _____ () C:\Users\User\AppData\Local\user_data.ini
2015-10-08 11:35 - 2015-10-08 11:35 - 0000057 _____ () C:\ProgramData\Ament.ini
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-09 11:56
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by User (2016-03-15 20:48:33)
Running from C:\Users\User\Desktop\FRST64
Windows 7 Ultimate Service Pack 1 (X64) (2013-12-30 08:17:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2278087175-315393774-4205556306-500 - Administrator - Disabled)
Guest (S-1-5-21-2278087175-315393774-4205556306-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-2278087175-315393774-4205556306-1004 - Limited - Enabled)
User (S-1-5-21-2278087175-315393774-4205556306-1000 - Administrator - Enabled) => C:\Users\User
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
A1 Powerline Adapter (HKLM-x32\...\dlanwlancfg) (Version: 3.0.0.0 - PLC)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games)
AMD Catalyst Install Manager (HKLM\...\{0FC66755-FB35-2CBD-C838-70B4984C2C67}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Creativerse (HKLM-x32\...\Steam App 280790) (Version: - Playful Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dota 2 Workshop Tools Alpha (HKLM-x32\...\Steam App 316570) (Version: - )
Dungeon Defenders II (HKLM-x32\...\Steam App 236110) (Version: - Trendy Entertainment)
Elevated Installer (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Garmin Express (HKLM-x32\...\{0733d53f-b41d-47cc-b336-d95751c4b2cb}) (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
Gear Up (HKLM-x32\...\Steam App 214420) (Version: - Doctor Entertainment AB)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IBM SPSS Statistics 20 (HKLM-x32\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
Intel® Chipset Device Software (x32 Version: 10.1.1.13 - Intel® Corporation) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{A22FA2CB-294A-495C-B784-79981E0BD6F5}) (Version: 5.0.10.2861 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
Kingdom Wars (HKLM-x32\...\Steam App 227180) (Version: - Reverie World Studios, INC)
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4805.1003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 44.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-GB)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 en-GB)) (Version: 24.6.0 - Mozilla)
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version: - Cryptic Studios)
OEM Application Profile (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
PRIME Z-DW Gaming Mouse (HKLM-x32\...\PRIME Gaming Mouse) (Version: 1.0 - SPEEDLINK)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6876 - Realtek Semiconductor Corp.)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version: - Trion Worlds)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Settings Manager (HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\Settings Manager) (Version: 21.4.0.1 - Spigot, Inc.) <==== ATTENTION
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Snow Sakura (HKLM-x32\...\Snow Sakura) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.7.0.9 - GOG.com)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version: - Ubisoft Montreal)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore)
Transformice (HKLM-x32\...\Steam App 335240) (Version: - Atelier 801)
Tribes: Ascend (HKLM-x32\...\Steam App 17080) (Version: - Hi-Rez Studios)
TwitchAlerts (HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\fb3f6ca9b67f53a3) (Version: 1.0.0.8 - TwitchAlerts)
Unity Web Player (HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
War Thunder Launcher 1.0.1.542 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 5.21 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.1 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warplanes (HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813eu}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2278087175-315393774-4205556306-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {10C8072C-5429-454C-8B52-A072AE9DABE9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {1EA493D9-9F24-4B1A-B947-40AF5936EAD5} - System32\Tasks\{90EC5867-59BF-4FE7-BD45-1451449C0A69} => pcalua.exe -a "C:\Users\User\Desktop\Novi Driveri\win64_153342.exe" -d "C:\Users\User\Desktop\Novi Driveri"
Task: {3B62A958-D36E-4D68-BDAA-3F8DE7E0C56E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11] (Adobe Systems Incorporated)
Task: {4015565D-9D43-4255-9E36-907D5AED6C92} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2015-11-13] (AO Kaspersky Lab)
Task: {660FD778-A06B-4EF1-A489-E3859B780342} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {6C70FB2C-EF68-4A60-87A1-782A989B063C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {775CD278-F74B-4D7B-B4E1-66F4F7B1DEEE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {8A26BDA7-6965-46ED-BA0A-FD35139FAB62} - System32\Tasks\{0F3F4A73-0B4D-4033-9389-4244F58D88AE} => pcalua.exe -a "C:\Program Files (x86)\NETGEAR\WNA1100\Uninstall.exe" -d "C:\Program Files (x86)\NETGEAR\WNA1100"
Task: {906A3458-62FE-47AC-A277-1059B980D973} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-14] (Microsoft Corporation)
Task: {9C64BCB3-88B0-4B9A-914C-EFD8902E8686} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {A72EBFE3-5303-4405-AAD0-B8C3A0F37A19} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {B4997671-EEFF-4282-B597-DEC847CE95BA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {C58A51B3-2337-44B8-8162-E341F401468A} - System32\Tasks\{1E0B926D-F26C-44D5-89A8-DDAA1EA94006} => pcalua.exe -a C:\Users\User\AppData\Roaming\.minecraft\Uninstall.exe
Task: {C5BD7536-550E-4D52-9B7F-CA26F8A29D75} - System32\Tasks\{08D6EE61-D8EE-4B26-890C-B0E61292495D} => pcalua.exe -a "C:\Users\User\Desktop\Novi Driveri\sp74100(1).exe" -d "C:\Users\User\Desktop\Novi Driveri"
Task: {CEADE8D9-F509-432D-9262-174810E42DBB} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-01-28] ()
Task: {E21AAC68-F734-4785-9E52-EED72FAEC14E} - System32\Tasks\asrRd => C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-10-28 11:59 - 2015-09-01 17:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2014-03-06 14:28 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-08-14 09:28 - 2014-08-14 09:28 - 00209712 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2014-08-14 09:28 - 2014-08-14 09:28 - 00057648 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2014-08-14 09:28 - 2014-08-14 09:28 - 00037168 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-14 09:28 - 2014-08-14 09:28 - 00057648 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2015-01-07 21:38 - 2011-07-28 17:06 - 08247264 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
2015-01-07 21:38 - 2011-07-28 17:06 - 00297440 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\kpcengine.2.3.dll
2015-01-07 21:38 - 2009-08-28 16:50 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll
2015-01-07 21:38 - 2011-07-27 11:53 - 00360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2013-12-30 09:31 - 2012-07-18 06:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2278087175-315393774-4205556306-1000\...\sony.com -> sony.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2016-03-13 20:01 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2278087175-315393774-4205556306-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: hola => C:\Program Files\Hola\app\hola.exe --silent
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "D:\Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: LWS => D:\Logitech Webcam\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: OscarEditor => "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
MSCONFIG\startupreg: PRIME Gaming Mouse => "C:\Program Files (x86)\SPEEDLINK Gaming Mouse\Gaming Mouse.exe" /hide
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{0ACE2391-7261-4788-BA91-67D5144B8ACE}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{94DDE979-E508-49F7-865F-E14BB2833D43}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{96E5D5C1-BF15-4D21-BE0B-0E1523EB5702}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{DB557478-A8BC-487F-A3A7-84E308C651F1}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{202D3F82-E79D-43F3-A426-A4939FDDC3FA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{6BEE9D72-7F1A-4F5B-A6B4-10D8607B2475}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{F6CEE56E-95B8-47AC-A58D-5D3AED6F70C0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{C6E091E9-916E-43F6-8AA9-FE2E72183AB1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{557B388F-0C76-4B6A-A6F2-E85E887947A5}] => (Allow) D:\Battle.net\Battle.net.exe
FirewallRules: [{4D0CF7E9-4495-43B4-9D73-0EB088952B05}] => (Allow) D:\Battle.net\Battle.net.exe
FirewallRules: [{A1DF34E3-5083-42BE-947D-B491091EBC53}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{4AEB95B0-1CB7-41CA-80B8-8FF1B5F69CD0}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{402D9FA7-0D8A-49BB-B6FD-9EE54797E0F3}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{5D82D92C-8607-43C2-9EE8-41AE1B31F49B}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{4DE69CDE-68D7-4790-A6CD-E43FEBCD56C8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2347DF1A-084D-4711-8D66-EADF2D0FD95A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{DF0A83BD-698E-41D7-8454-C8DA0A19586E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [TCP Query User{B50339F5-5DFA-4C1E-9CEF-1366D0C6C439}C:\program files (x86)\media crawler\mediacrawler.exe] => (Allow) C:\program files (x86)\media crawler\mediacrawler.exe
FirewallRules: [UDP Query User{9B2E1E35-5651-4EC7-A6A0-B8BEB47369A7}C:\program files (x86)\media crawler\mediacrawler.exe] => (Allow) C:\program files (x86)\media crawler\mediacrawler.exe
FirewallRules: [{638012C7-0A85-4B84-82AE-B8513114B31F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{C984B089-468F-4AA8-B59D-A76F46C19007}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{C83604B7-E573-4467-9796-BF45D92CB664}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5A4380BA-D2BC-4BB3-BE75-744FA303B944}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2F028CBC-60EB-470E-8BEE-C7B708FDAF9F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{923069C0-85A6-43F4-ACB4-3D5CCBC3AA13}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{91950AA6-7634-44A6-B0D9-80D31E1ADB30}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{4C7377F9-A082-409B-8092-7F11EEF32C8B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{5225E6D3-0D8A-47B5-AEC4-EEDCB09E034E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{216C57E2-81D2-4768-B918-AE6FDD183C71}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{F891E9DD-4ED9-45A4-9501-E76A8FC404E5}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{F1FD281B-0D25-404C-971E-F2B4B1DA08B4}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{806643C4-A32C-471E-8A5A-C135BAB7706B}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{C8E986D2-651D-4B41-923C-35F7655D5F44}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{1450997B-0C4D-4754-BB1F-B5D30E5C4A47}] => (Allow) D:\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{721E9C2F-0AD4-4AC8-BC96-646EB79BC01F}] => (Allow) D:\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{2BAE9DB2-607B-4C7D-8DBB-32FE666E77FC}] => (Allow) D:\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{E7FBB589-98EC-45C3-B036-0C3D42867E86}] => (Allow) D:\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{9D871D06-E969-4088-9DC9-EDC63E0B9C5E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [TCP Query User{88087A4B-6D2D-42ED-9C20-D7DF877B9A4D}D:\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) D:\steam\steamapps\common\planetside 2\planetside2.exe
FirewallRules: [UDP Query User{A64E7E76-2286-4B2B-A5A8-411CE253E6AD}D:\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) D:\steam\steamapps\common\planetside 2\planetside2.exe
FirewallRules: [TCP Query User{19DFEA7B-5C35-485D-8274-92871EFDDAA6}D:\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) D:\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{3C32EFD3-79AD-4D72-A91D-BDC2FCE7387E}D:\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) D:\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [{3E757E4E-D90A-4583-B584-21F8971DB671}] => (Allow) D:\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{91D4BDF7-7ECC-4AE9-A614-812AAE884362}] => (Allow) D:\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{22DB5699-9E2C-436B-899C-DD49F3AC65A1}] => (Allow) D:\Steam\SteamApps\common\RIFT\riftpatchlive.exe
FirewallRules: [{66503966-9E77-488F-94F1-797911225589}] => (Allow) D:\Steam\SteamApps\common\RIFT\riftpatchlive.exe
FirewallRules: [{65F6DC20-93B9-4804-9E68-86EDA442023A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{413B2105-C6F5-4955-AD24-DB731F4B2BBD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{0927C497-A953-492C-AE18-5BE24B181ECF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0AA96537-5365-48E9-AAAE-08131D87E3B3}] => (Allow) LPort=2869
FirewallRules: [{15F16C05-B7C0-4B9D-AD4C-69B681DABB0E}] => (Allow) LPort=1900
FirewallRules: [{EBAE0B13-038D-46E7-A2EA-6EC1DF4AE350}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{C90E294F-1867-429A-A7EA-5AF532BA8446}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{DD998AA6-228A-4609-9EF2-0B4771EE4E61}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{CDEE2BA1-5FAF-4900-AC9C-A80D2858FBB9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [TCP Query User{4C8F56B2-DEAB-4CD4-B08F-2D3A09883B77}D:\starcraft ii\versions\base28667\sc2.exe] => (Allow) D:\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{1B057E48-9F93-41D1-9F40-226CA4C98F18}D:\starcraft ii\versions\base28667\sc2.exe] => (Allow) D:\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{ABBD466A-F93B-4DB2-94D2-1E4B1F36B409}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{AC31B4E2-58DC-4728-8906-70BB168C41B3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{0CAA0B4E-FD64-43D9-8781-EDC955FC86A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{9DDACEB5-C214-4A13-9D6D-3970DC76BD2C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{242E647D-F5F2-49B0-AEEE-E9BA8CF32FA8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{55655955-4446-4A0B-B534-33D554F6AA6A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{078223E3-D47A-4FAF-B9F8-77C64960323C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{8E45046C-3E65-4488-B1A6-FDA1B4A4D762}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{0BA5E194-D55C-4A15-A958-FA65A5E5B421}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{3342D768-5FA2-4748-BA80-8ED87C68E61D}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{880E93AC-5799-4628-8934-E746374FA1F9}] => (Allow) D:\SPSSv20\stats.com
FirewallRules: [{13643EE4-5986-49A0-8B36-89CFDE33A7A1}] => (Allow) D:\SPSSv20\WinWrapIDE.exe
FirewallRules: [{0DA66D41-2344-441D-88E7-2101D086AE2F}] => (Allow) D:\SPSSv20\stats.exe
FirewallRules: [{7613D2AA-4F33-4006-A101-B2D8D4F7B25E}] => (Allow) D:\SPSSv20\stats.com
FirewallRules: [{97C59F14-505E-4D9C-AA8A-0441418B6E70}] => (Allow) D:\SPSSv20\WinWrapIDE.exe
FirewallRules: [{98B4F909-2580-4D58-874A-82FEBC0B3723}] => (Allow) D:\SPSSv20\stats.exe
FirewallRules: [TCP Query User{13DF6C0B-9F95-4E9B-A4CB-9060756E4907}D:\spssv20\jre\bin\javaw.exe] => (Allow) D:\spssv20\jre\bin\javaw.exe
FirewallRules: [UDP Query User{C4146805-CC22-4CB4-8C6B-21A069988034}D:\spssv20\jre\bin\javaw.exe] => (Allow) D:\spssv20\jre\bin\javaw.exe
FirewallRules: [{1A8FB125-E062-4C1B-9222-132C695C82D3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{86B8B13C-2C03-48C3-B91B-408D26EDC5D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{572B0DB6-2309-4D8C-9695-C7A7F5D969CC}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{FF2CD405-D0F9-47DC-9645-C7D76B41FE5C}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{31619507-37D7-4125-8600-A4E68764414A}D:\heroes of the storm\versions\base32524\heroesofthestorm.exe] => (Allow) D:\heroes of the storm\versions\base32524\heroesofthestorm.exe
FirewallRules: [UDP Query User{3E4396D5-39DE-4327-B532-415E2AA18552}D:\heroes of the storm\versions\base32524\heroesofthestorm.exe] => (Allow) D:\heroes of the storm\versions\base32524\heroesofthestorm.exe
FirewallRules: [{AB02221B-7830-4A52-9E8F-E9CBBF8D0FAB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{30710694-1A98-4FC1-B3EE-45462089F4B2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{F70FA21A-CB7B-443A-B80E-351D79DCD4F6}] => (Allow) D:\Teamviewer\TeamViewer.exe
FirewallRules: [{2184DF54-9436-468B-AE22-2863B2B795EA}] => (Allow) D:\Teamviewer\TeamViewer.exe
FirewallRules: [{2096F03F-9FE4-441A-8F93-B43EAF0BE38B}] => (Allow) D:\Teamviewer\TeamViewer_Service.exe
FirewallRules: [{1EC0443E-EB61-490F-A0CA-802D175A64E9}] => (Allow) D:\Teamviewer\TeamViewer_Service.exe
FirewallRules: [{3196F5A0-BE5A-4477-8F42-587AD2A6AC61}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{8A57ACBC-EF51-481A-88CA-6A0EE6F4A118}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{31FFD30A-AE8A-49A9-8B03-B439DA19454F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D1C866ED-4C9F-4DE5-8319-00FED628B5BA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{81766993-B737-4668-AEA5-5AED2C753F48}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{5AEF10AC-9F8F-498D-BEBB-A4CC76F1FB65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{027461BD-3692-4D83-B383-ACED883F5C53}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8634CCD7-93E8-4A9F-9270-B5D951B306AD}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{506E1D63-7F23-4AC6-A08B-3C729297A16B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{FB773CFD-35B8-4751-B8A2-906502C98FDB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{A00DBC9A-A3E9-4529-83C6-E962E4AC4649}] => (Allow) D:\Steam\SteamApps\common\Transformice\Transformice.exe
FirewallRules: [{32CF1278-E697-4BB3-9654-730AAF63166A}] => (Allow) D:\Steam\SteamApps\common\Transformice\Transformice.exe
FirewallRules: [{EAC54EDC-42A5-486B-92BD-0D223C768FB2}] => (Allow) D:\Steam\SteamApps\common\GearUp\bin\Traktor.Amalgam.App.exe
FirewallRules: [{E3B1507D-4DD5-4B8D-A169-3840B5A70515}] => (Allow) D:\Steam\SteamApps\common\GearUp\bin\Traktor.Amalgam.App.exe
FirewallRules: [{CB01132B-6F54-4068-9344-EF19B3E1EA88}] => (Allow) D:\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{0F713A14-E615-4E68-B69D-19C3CC4A629E}] => (Allow) D:\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{AB3FFD04-6928-4AF1-AE1D-134B3358260B}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [{26998DD3-7AB1-42C9-9971-17BB623EA2F2}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [{AC1A1136-137E-459A-8341-8D9606F0C59B}] => (Allow) D:\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{822352DA-B920-4113-9B25-70951C58B3DA}] => (Allow) D:\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{12A4B308-83B6-45AA-86F4-9A50A101B419}] => (Allow) D:\Steam\SteamApps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{4720E5D9-550B-4E1F-A87A-99FEBC983512}] => (Allow) D:\Steam\SteamApps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{C1BA5FD4-DB99-44E3-904D-6E19D0F3EA72}] => (Allow) D:\Steam\SteamApps\common\Dawn of Fantasy\Dof.exe
FirewallRules: [{DDF947DB-991B-4CA3-82E6-1302D0B16CC7}] => (Allow) D:\Steam\SteamApps\common\Dawn of Fantasy\Dof.exe
FirewallRules: [{5BC4B26C-DE10-41C1-9809-40531E7B1880}] => (Allow) D:\Steam\SteamApps\common\Dawn of Fantasy\dof_options.exe
FirewallRules: [{FB06EE7A-9F1E-4AA3-A071-0986DD08AC5E}] => (Allow) D:\Steam\SteamApps\common\Dawn of Fantasy\dof_options.exe
FirewallRules: [{7C76F2E4-9A7F-4C80-9380-ADE2AA293B09}] => (Allow) D:\Steam\SteamApps\common\Dawn of Fantasy\Editor.exe
FirewallRules: [{A94AC120-3CD4-494F-9BBA-5F7FF967E2AF}] => (Allow) D:\Steam\SteamApps\common\Dawn of Fantasy\Editor.exe
FirewallRules: [{6E0BB6D6-1CFA-49B1-879D-104620EEDBB4}] => (Allow) D:\Steam\SteamApps\common\Tribes\Binaries\Win32\HirezBridge.exe
FirewallRules: [{57BE7863-963A-4746-97E5-F0796F89AFF4}] => (Allow) D:\Steam\SteamApps\common\Tribes\Binaries\Win32\HirezBridge.exe
FirewallRules: [{ECF5E19B-2277-41DE-8964-86745575BC1E}] => (Allow) D:\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{EB61660B-30EE-42EF-81D5-9F2C3C424B48}] => (Allow) D:\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{576C2C3F-A1EC-4E2D-A96B-B67EC1F4FD50}] => (Allow) D:\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{BFB20AE9-F186-4B1B-8BD3-89D2C4AC09C2}] => (Allow) D:\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{81FB2BEE-4D18-4EFA-848B-1C19EBCAF37D}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{FFC9806A-AC02-4575-BC58-FE74169BFF52}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{B4FC640F-C511-404E-BEA4-A70F259DB333}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{3E213AED-CBAB-451D-AC87-A9C020C0652E}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{89176DD8-EEF5-4517-9E24-AD12A906C07B}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{DE657D76-8D02-4479-856F-9293609D9E3C}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{4A618A3E-18F7-456E-B49B-C3F60921A415}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{F2930CCC-9D8E-444B-B758-E6DFB3CC5FFA}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{1D806487-F095-4214-B667-856B29284002}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{80E02DEA-9994-4334-A3BA-19D7BAA91F46}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{1E4641DD-79C0-47E5-BCDB-5B5CA5CA3A6F}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{01517821-8B7F-49DC-8C09-E0466429DBD7}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{410D3636-2354-457D-9493-AD1680DDABB3}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{F7BBB84B-F8F9-41CE-B727-653CAE033B18}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{D889FDD8-3489-4F22-B948-6BC68506496C}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{ACE60DE2-FF3F-44C8-B191-3665D887256C}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{2F1DCAB0-026B-48FA-8492-24DD7D8CD202}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{F5B22798-D843-4163-BE8D-A5BC57812168}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{B4768B0B-55BD-43AA-964B-7549F715B1F6}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{371B409B-8951-44C3-801F-1519E57EDC5E}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{602D4EAC-CDC9-4C85-A77F-9F13D567C455}] => (Allow) D:\War Thunder\WarThunder\launcher.exe
FirewallRules: [{34E3AB9E-CA15-433C-B7AC-531B5D0F09AD}] => (Allow) D:\War Thunder\WarThunder\launcher.exe
FirewallRules: [{DE73C143-EA4E-4131-AB65-81347DAC1D82}] => (Allow) D:\War Thunder\WarThunder\bpreport.exe
FirewallRules: [{F559AAAC-609E-44EE-B710-A6FF13F93CEF}] => (Allow) D:\War Thunder\WarThunder\bpreport.exe
FirewallRules: [{8B898A11-3A4F-4B02-B661-D5291ABD9EC3}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{6EBC1F2D-C4E1-4A9C-80B7-DFE8E2E93B6C}] => (Allow) LPort=5357
FirewallRules: [{DBCF1010-1257-4228-B587-523039C4375D}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{7FE091C7-6D25-4A94-BE4B-873DE6206C49}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6B463128-CE54-43F3-A6B7-793AC6014806}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BD7C8F8C-8A0F-4242-91E4-7EAF1A87999F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{725C300A-7608-404D-96A1-F6DCFF311B87}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{29D8F059-06FE-461B-91D8-CDA06D20D288}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{02168E8E-6E1D-4D08-B2A8-06C9C760FC9A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{A62D08CA-063C-4FAA-9FC0-5CCE01D69525}] => (Allow) C:\Program Files (x86)\PLC\dlanwlancfg\dlanwlancfg.exe
FirewallRules: [TCP Query User{8E673F5E-1D8E-456F-BF99-8C3CEA068AE1}C:\program files (x86)\speedlink gaming mouse\gaming mouse.exe] => (Allow) C:\program files (x86)\speedlink gaming mouse\gaming mouse.exe
FirewallRules: [UDP Query User{C274F0FF-FE2B-4C7A-B483-D7B80448C2CD}C:\program files (x86)\speedlink gaming mouse\gaming mouse.exe] => (Allow) C:\program files (x86)\speedlink gaming mouse\gaming mouse.exe
FirewallRules: [{0FD0B41A-2029-4FD5-B566-4CD11EBB0F22}] => (Allow) D:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{B26CC9C6-260A-40B6-833E-105FBDA6F155}] => (Allow) D:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{8A9BB1A8-7B33-407A-83FA-B27210A0F2C0}] => (Allow) D:\Steam\SteamApps\common\Creativerse\Creativerse.exe
FirewallRules: [{8B0D37E7-02C0-426B-A7BB-778A480692B0}] => (Allow) D:\Steam\SteamApps\common\Creativerse\Creativerse.exe
FirewallRules: [{DDAB0F0B-C10D-4597-933B-267E74E03F12}] => (Allow) D:\Steam\SteamApps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{F85A9A6E-DC31-4CE4-8C76-AE9E59C4BE20}] => (Allow) D:\Steam\SteamApps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{CBECA9D1-9462-4E45-85A3-7FDDCADF9605}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{63665025-B45A-416C-B06B-C2368ABC089C}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{9AA2B242-581D-44A7-AEDB-B1C1F64851A3}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{E6A2CC75-CFDE-4310-A5E5-22442AFC42DD}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{62E8BEF6-D743-4652-844A-289A006EE106}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{AD59A93D-DC60-4838-AC1B-49208F55222C}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{19924C70-CFCD-41A1-85A4-621306526B9A}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{457AEFC1-1062-486C-A53C-B786091A8913}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{16F80790-347E-41CE-86F4-D79E2DFF0329}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{93A3108C-F21E-4A6E-8F26-127773DDF856}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{A5F1DA9D-6E40-41AF-BA31-B5DB4DDEC775}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{FC166EEE-7031-473C-B570-BD5D4910B131}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{4D8DCCBE-2E3C-43E1-82DF-BCE4F0259B0F}D:\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{CEB11D74-A1AD-4BF6-894B-BFCE2F81BC94}D:\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [TCP Query User{57CE2250-F1D7-4B0A-B297-6BFB8DD29620}D:\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CB106CC7-5199-4076-B389-7D97D885D268}D:\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe
==================== Restore Points =========================
13-03-2016 22:23:42 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
13-03-2016 22:24:08 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
13-03-2016 22:25:12 Device Driver Package Install: Advanced Micro Devices, Inc. Display adapters
15-03-2016 17:36:54 Installed Realtek Ethernet Controller Driver
15-03-2016 19:11:05 Installed Realtek Ethernet Controller Driver
15-03-2016 19:16:26 Removed Realtek Ethernet Controller Driver
15-03-2016 19:17:21 Installed Realtek Ethernet Controller Driver
15-03-2016 19:17:38 Installed Realtek Ethernet Controller Driver
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (03/15/2016 07:29:18 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (03/15/2016 07:27:31 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (03/15/2016 07:27:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
JSWPSLWF
Error: (03/15/2016 07:25:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
JSWPSLWF
Error: (03/15/2016 07:15:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
JSWPSLWF
Error: (03/15/2016 05:46:48 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (03/15/2016 05:39:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
JSWPSLWF
Error: (03/15/2016 12:41:21 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (03/15/2016 12:14:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
JSWPSLWF
Error: (03/15/2016 12:14:51 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
CodeIntegrity:
===================================
Date: 2016-03-15 19:26:49.439
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-03-15 19:26:49.392
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-03-15 19:24:18.702
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-03-15 19:24:18.655
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-03-15 19:14:27.280
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-03-15 19:14:27.234
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-03-15 17:39:03.468
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-03-15 17:39:03.405
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-03-15 12:13:57.904
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-03-15 12:13:57.857
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\jswpslwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 31%
Total physical RAM: 8076.95 MB
Available physical RAM: 5568.86 MB
Total Virtual: 16152.11 MB
Available Virtual: 13152.25 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.84 GB) (Free:363.74 GB) NTFS
Drive d: () (Fixed) (Total:466.57 GB) (Free:222.17 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A29DB488)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=466.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================