Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 7 Black Screen virus [Solved] [Closed]


  • This topic is locked This topic is locked

#1
filipfilip

filipfilip

    Member

  • Member
  • PipPip
  • 45 posts

So I recently downloaded bittorrent followed by a torrent for photoshop however when I started the startup and was greeted with error messages, I quickly deleted it and restarted my computer

where i was met with a black screen and a mouse cursor. I am able to go onto start task manager to access the internet however i cannot find a fix.

I've been dealing with this for a few days

Any help would be great

Many thanks


Edited by filipfilip, 03 April 2016 - 07:26 AM.

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are you able to get into safe mode ?

Is this a 32 or 64 bit system
  • 0

#3
filipfilip

filipfilip

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

When i restart i have the option to go into safe mode and its a 64 bit system.


  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

OK could you try safe mode with networking

 

If that works then :

 

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.



  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select  additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from. 
  • Please attach both logs generated.

 

 

If not then let me know and we will go to plan B


  • 0

#5
filipfilip

filipfilip

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

FIRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Admin (administrator) on ADMIN-PC (03-04-2016 18:04:22)
Running from D:\Downloads
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
() C:\Users\Admin\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Steam2\Steam\Steam.exe
(Valve Corporation) D:\Steam2\Steam\bin\steamwebhelper.exe
(Valve Corporation) D:\Steam2\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() D:\Steam2\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Valve Corporation) D:\Steam2\Steam\GameOverlayUI.exe
(Valve Corporation) D:\Steam2\Steam\bin\steamwebhelper.exe
(Valve Corporation) D:\Steam2\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NVRaidService] => C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe [291944 2010-04-09] (NVIDIA Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [SoundMax] => C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [3895296 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2036864 2016-03-21] (Hola Networks Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-03-22] (LogMeIn Inc.)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINFE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINFE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23260000 2016-02-24] (Google)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [**eK**<*>] => C:\Program Files (x86)\Tongbu\tbMobileService.exe /start <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136 2016-03-27] (Google Inc.)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\MountPoints2: {ab077309-29d1-11e2-907a-806e6f6e6963} - E:\DVDSetup.exe
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [1MediaFireIconError] -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon3_4eb5e.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconReadOnly] -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon5_4eb5e.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSynched] -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon_4eb5e.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSyncing] -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon2_4eb5e.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [MediaFireIconLock] -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon4_4eb5e.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog9 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 17 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 18 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 17 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 18 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{5AA81275-6143-4A59-957C-E64C0433711E}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7EE26703-8635-4D2E-B8F4-5685C65A656A}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8F64559A-494E-4A7C-B269-D145DC1D0D98}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://websearch.swellsearch.info/?pid=3500&r=2015/03/14&hid=7649762504677559751&lg=EN&cc=GB&unqvl=84
URLSearchHook: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000 - (No Name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No File
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=3500&r=2015/03/14&hid=7649762504677559751&lg=EN&cc=GB&unqvl=84
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=3500&r=2015/03/14&hid=7649762504677559751&lg=EN&cc=GB&unqvl=84
SearchScopes: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000 -> DefaultScope {F5E60108-BA73-4D4D-BBF7-F528A3282D84} URL = hxxps://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=M0CB1C089-73A1-41F2-A296-88E520549C3A&SearchSource=58&CUI=&UM=5&UP=SPC820C670-3FA5-454E-BA85-4900C051ECF4&q=UCM_SEARCH_TERM&SSPV=
SearchScopes: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000 -> {5F4F12C0-BFBD-4912-A288-5771E3BA50C0} URL = hxxp://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=293224&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=3500&r=2015/03/14&hid=7649762504677559751&lg=EN&cc=GB&unqvl=84
SearchScopes: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000 -> {F5E60108-BA73-4D4D-BBF7-F528A3282D84} URL = hxxps://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
BHO: TrustMediaViewerV1alpha4147 -> {0a4c5b85-7f94-4e69-9eb1-7c3a7da837ef} -> No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2015-01-06] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-06] (Oracle Corporation)
BHO-x32: Trust Media Viewer -> {0a4c5b85-7f94-4e69-9eb1-7c3a7da837ef} -> No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO-x32: Applon -> {1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-29] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-03-29] (Oracle Corporation)
BHO-x32: ͬ²½Ò»¼ü°²×°Ö§³Ö -> {F72C8153-7140-4FEE-8F69-CA4579D71195} -> C:\Program Files (x86)\Tongbu\Addin\tbIEAddin.dll [2016-01-31] (同步网络平台)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\tzl9ri9s.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-24] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @tongbu.com/tongbu,version=0.1 -> C:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll [2016-01-31] (同步网络平台)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-24] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-03-29] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2006-10-07] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2006-10-07] (RealNetworks, Inc.)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] ()
FF Plugin-x32: @tongbu.com/tongbu,version=0.1 -> C:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll [2016-01-31] (同步网络平台)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Admin\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-03-21] ()
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Admin\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-03-21] (Hola)
FF Plugin HKU\S-1-5-21-2055958020-1542119278-3283414598-1000: @coreonline.com/run3d,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Square Enix\nprun3d.dll [2012-09-14] (Square Enix)
FF Plugin HKU\S-1-5-21-2055958020-1542119278-3283414598-1000: @hola.org/FlashPlayer -> C:\Users\Admin\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-03-21] ()
FF Plugin HKU\S-1-5-21-2055958020-1542119278-3283414598-1000: @hola.org/vlc -> C:\Users\Admin\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-03-21] (Hola)
FF Plugin HKU\S-1-5-21-2055958020-1542119278-3283414598-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll [No File]
FF Plugin HKU\S-1-5-21-2055958020-1542119278-3283414598-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2055958020-1542119278-3283414598-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-02-17] ()
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4147\ff => not found
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.co.uk/
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BetterTTV) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-01-10]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01]
CHR Extension: (Steam inventory helper) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2016-03-20]
CHR Extension: (LoungeDestroyer) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2016-03-29]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-18]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-17]
CHR Extension: (Google Play) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-02-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-11-30]
CHR Extension: (Plants vs Zombies) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2014-10-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Admin\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-11-29]
CHR HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Admin\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx <not found>
CHR HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bdiebckmgicbiemeadkbioloodpnlhng] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4147\ch\TrustMediaViewerV1alpha4147.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Admin\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com) [File not signed]
R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2009-06-05] (Andrea Electronics Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1141248 2015-06-10] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-01-05] (BitRaider, LLC)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] ()
S3 GalaxyClientService; D:\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-31] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6952504 2015-10-31] (GOG.com)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [23504 2014-12-25] (Micro-Star Int'l Co., Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [File not signed]
R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [8127616 2016-03-21] (Hola Networks Ltd.)
R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [8127616 2016-03-20] (Hola Networks Ltd.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-03-22] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MF NTFS Monitor; C:\Users\Admin\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe [456176 2015-04-23] ()
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [100864 2015-06-15] (Microsoft Corporation) [File not signed]
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1736872 2015-04-29] (Micro-Star INT'L CO., LTD.)
R2 NitroDriverReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [324928 2010-02-02] (Nitro PDF Software)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2104840 2016-01-19] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-12] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607048 2012-11-09] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1353544 2009-10-29] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 celavimushost; "C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows ® Win 7 DDK provider)
S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-05-24] (Phoenix Technologies) [File not signed]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 mfmonitor; C:\Windows\System32\DRIVERS\mfmonitor_x64.sys [20696 2015-04-23] (Windows ® Win 7 DDK provider)
S3 MSICDSetup; E:\CDriver64.sys [28984 2009-08-10] (Your Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_C; E:\NTIOLib_X64.sys [11888 2011-06-29] (MSI) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-14] (TuneUp Software)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 SUNSTREAKER; system32\DRIVERS\Sunstreaker.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-03 18:04 - 2016-04-03 18:04 - 00000000 ____D C:\FRST
2016-04-03 13:49 - 2016-04-03 13:50 - 00000000 ____D C:\Users\Admin\AppData\Local\AvgSetupLog
2016-04-03 13:49 - 2016-04-03 13:49 - 00000000 ____D C:\Users\Admin\AppData\Local\Avg
2016-04-03 13:49 - 2016-04-03 13:49 - 00000000 ____D C:\ProgramData\Avg
2016-04-03 13:49 - 2016-04-03 13:49 - 00000000 ____D C:\Program Files (x86)\AVG
2016-03-30 13:21 - 2016-03-30 13:21 - 00000209 _____ C:\Users\Admin\Desktop\Orcs Must Die! Unchained.url
2016-03-23 18:41 - 2016-03-23 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-03-23 18:41 - 2016-03-23 18:41 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-03-20 18:42 - 2016-03-21 16:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Hola
2016-03-20 18:42 - 2016-03-20 18:42 - 00001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk
2016-03-20 18:42 - 2016-03-20 18:42 - 00000000 ____D C:\Users\Admin\AppData\Local\Hola
2016-03-19 16:15 - 2016-03-19 16:15 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-09 20:39 - 2016-02-12 19:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 20:39 - 2016-02-12 19:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 20:39 - 2016-02-12 19:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 20:39 - 2016-02-12 19:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 20:39 - 2016-02-12 19:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 20:39 - 2016-02-12 19:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 20:39 - 2016-02-12 19:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 20:39 - 2016-02-12 19:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 20:39 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 20:39 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 20:39 - 2016-02-12 19:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 20:39 - 2016-02-12 19:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 20:39 - 2016-02-12 19:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 20:39 - 2016-02-12 19:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 20:39 - 2016-02-12 19:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 20:39 - 2016-02-12 19:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 20:39 - 2016-02-11 19:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 20:39 - 2016-02-11 19:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 20:39 - 2016-02-11 19:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 20:39 - 2016-02-11 19:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 20:39 - 2016-02-11 19:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 20:39 - 2016-02-11 19:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 20:39 - 2016-02-11 19:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 20:39 - 2016-02-11 19:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 20:39 - 2016-02-11 19:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 20:39 - 2016-02-11 19:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 20:39 - 2016-02-11 19:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 20:39 - 2016-02-11 19:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 20:39 - 2016-02-11 19:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 20:39 - 2016-02-11 19:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 20:39 - 2016-02-11 19:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 20:39 - 2016-02-11 19:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 20:39 - 2016-02-11 19:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 20:39 - 2016-02-11 19:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 20:39 - 2016-02-11 19:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 20:39 - 2016-02-11 19:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 20:39 - 2016-02-11 19:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 20:39 - 2016-02-11 19:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 20:39 - 2016-02-11 19:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 20:39 - 2016-02-11 19:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 20:39 - 2016-02-11 19:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 20:39 - 2016-02-11 19:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 20:39 - 2016-02-11 19:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 20:39 - 2016-02-11 19:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 20:39 - 2016-02-11 19:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 20:39 - 2016-02-11 19:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 20:39 - 2016-02-11 19:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 20:39 - 2016-02-11 19:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 20:39 - 2016-02-11 19:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 20:39 - 2016-02-11 19:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 20:39 - 2016-02-11 19:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 20:39 - 2016-02-11 19:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 20:39 - 2016-02-11 19:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 20:39 - 2016-02-11 19:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 18:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 20:39 - 2016-02-11 18:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 20:39 - 2016-02-11 18:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 20:39 - 2016-02-11 18:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 20:39 - 2016-02-11 18:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 20:39 - 2016-02-11 18:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 20:39 - 2016-02-11 18:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 20:39 - 2016-02-11 18:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 20:39 - 2016-02-11 18:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 20:39 - 2016-02-11 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 20:39 - 2016-02-11 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 20:39 - 2016-02-11 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 20:39 - 2016-02-11 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 20:39 - 2016-02-11 18:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 20:39 - 2016-02-11 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 20:39 - 2016-02-09 10:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 20:39 - 2016-02-09 10:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 20:39 - 2016-02-09 10:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 20:39 - 2016-02-09 10:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 20:39 - 2016-02-09 10:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 20:39 - 2016-02-09 10:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 20:39 - 2016-02-09 10:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 20:39 - 2016-02-09 10:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 20:39 - 2016-02-09 10:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 20:39 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 20:39 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 20:39 - 2016-02-05 19:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 20:39 - 2016-02-05 19:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 20:39 - 2016-02-05 19:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 20:39 - 2016-02-05 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 20:39 - 2016-02-05 19:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 20:39 - 2016-02-05 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 20:39 - 2016-02-05 19:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 20:39 - 2016-02-05 18:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 20:39 - 2016-02-05 18:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 20:39 - 2016-02-05 18:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 20:39 - 2016-02-05 02:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 20:39 - 2016-02-04 19:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 20:39 - 2016-02-04 18:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 20:39 - 2016-02-03 19:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 20:39 - 2016-02-03 19:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 20:39 - 2016-02-03 19:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 20:39 - 2016-02-03 19:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 20:39 - 2016-02-03 19:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-03 18:04 - 2014-05-30 23:12 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client
2016-04-03 17:59 - 2012-12-12 19:30 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-03 17:55 - 2015-05-20 19:55 - 00000911 _____ C:\Windows\Tasks\EPSON XP-225 Series Update {5BF11956-C7BD-477A-BA44-9CF28160D1CA}.job
2016-04-03 17:53 - 2015-06-17 15:41 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2055958020-1542119278-3283414598-1000UA.job
2016-04-03 17:48 - 2015-05-20 17:48 - 00000911 _____ C:\Windows\Tasks\EPSON XP-225 Series Update {080F73AB-460F-450F-9325-C292070A702C}.job
2016-04-03 17:40 - 2015-02-04 16:47 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-03 17:21 - 2015-03-15 21:58 - 00000388 _____ C:\Windows\Tasks\update-sys.job
2016-04-03 16:55 - 2015-12-25 14:48 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-04-03 16:48 - 2016-01-04 13:26 - 02371128 _____ C:\Windows\ntbtlog.txt
2016-04-03 16:47 - 2015-05-31 21:38 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-03 16:47 - 2015-02-04 16:47 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-03 16:47 - 2014-01-30 19:06 - 00000362 _____ C:\Windows\Tasks\AmiUpdXp.job
2016-04-03 16:47 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-03 16:45 - 2009-07-14 05:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-03 16:45 - 2009-07-14 05:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-03 15:53 - 2015-06-17 15:41 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2055958020-1542119278-3283414598-1000Core.job
2016-04-03 00:47 - 2015-03-15 21:58 - 00000388 _____ C:\Windows\Tasks\update-S-1-5-21-2055958020-1542119278-3283414598-1000.job
2016-04-02 00:25 - 2012-11-11 19:51 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2016-03-31 00:53 - 2012-11-10 13:09 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-31 00:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-03-31 00:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-30 21:41 - 2015-11-29 16:37 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-30 21:41 - 2012-11-10 14:19 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-30 15:55 - 2012-11-08 19:33 - 00000000 ____D C:\Users\Admin
2016-03-30 01:13 - 2015-05-31 21:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-29 16:43 - 2015-11-13 23:22 - 00000000 ____D C:\Users\Admin\AppData\Roaming\qBittorrent
2016-03-29 16:18 - 2012-12-25 15:47 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2016-03-29 14:07 - 2009-07-14 06:13 - 00786474 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-29 14:04 - 2014-09-02 22:17 - 00000000 ___RD C:\Users\Admin\Dropbox
2016-03-29 14:04 - 2014-09-02 22:13 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Dropbox
2016-03-29 00:22 - 2015-11-28 21:25 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2016-03-27 20:26 - 2015-05-31 21:23 - 00000000 ____D C:\Users\Admin\AppData\Local\NVIDIA Corporation
2016-03-27 20:26 - 2015-05-31 21:22 - 00000000 ____D C:\Users\Admin\AppData\Local\NVIDIA
2016-03-27 20:26 - 2015-05-31 21:19 - 00001383 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-03-27 20:26 - 2012-12-11 21:18 - 00000000 ____D C:\Users\Admin\AppData\Local\Deployment
2016-03-24 21:59 - 2012-12-12 19:30 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-24 21:59 - 2012-12-12 19:30 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-24 21:59 - 2012-12-12 19:30 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-23 18:41 - 2015-01-16 19:04 - 00000928 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-03-22 17:20 - 2013-05-22 17:27 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-03-20 18:42 - 2014-12-22 00:50 - 00000000 ____D C:\Program Files\Hola
2016-03-19 00:59 - 2015-01-24 12:47 - 10610600 ____H C:\Users\Admin\AppData\Local\IconCache.db.backup
2016-03-16 22:11 - 2014-10-15 21:17 - 00000000 ____D C:\Program Files (x86)\Tongbu
2016-03-16 22:09 - 2014-10-15 21:17 - 00001899 _____ C:\Users\Public\Desktop\Tongbu Assistant.lnk
2016-03-12 16:42 - 2015-11-29 14:44 - 00002044 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-03-12 16:42 - 2015-11-29 14:44 - 00002042 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-03-12 16:42 - 2015-11-29 14:44 - 00002032 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-03-12 16:42 - 2015-11-29 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-03-10 16:43 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-03-10 16:43 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-10 16:42 - 2009-07-14 05:45 - 00412864 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-08 16:41 - 2016-01-11 21:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-05 22:19 - 2016-01-10 14:32 - 00002164 _____ C:\Users\Admin\Desktop\Discord.lnk
2016-03-05 22:19 - 2016-01-10 14:32 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-03-05 22:19 - 2016-01-10 14:31 - 00000000 ____D C:\Users\Admin\AppData\Local\Discord
2016-03-05 22:18 - 2016-01-10 14:31 - 00000000 ____D C:\Users\Admin\AppData\Local\SquirrelTemp
 
==================== Files in the root of some directories =======
 
2013-12-01 17:58 - 2013-12-01 17:58 - 49940480 _____ () C:\Program Files (x86)\GUTA421.tmp
2016-01-19 08:23 - 2016-01-19 08:23 - 15290222 _____ () C:\Program Files (x86)\NCWest.zip
2013-07-06 18:29 - 2013-07-06 18:29 - 0000132 _____ () C:\Users\Admin\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-03-16 22:12 - 2013-03-17 19:27 - 0000154 _____ () C:\Users\Admin\AppData\Roaming\Rim.Desktop.Exception.log
2013-03-16 22:11 - 2013-03-16 22:11 - 0001153 _____ () C:\Users\Admin\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-03-16 22:12 - 2013-03-17 19:27 - 0000154 _____ () C:\Users\Admin\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-11-24 15:34 - 2013-02-08 21:36 - 0703117 _____ () C:\Users\Admin\AppData\Roaming\technic-launcher.jar
2012-11-24 15:34 - 2013-01-16 14:14 - 0703007 _____ () C:\Users\Admin\AppData\Roaming\technic-launcher.jar.bak
2013-09-01 16:05 - 2013-09-01 16:05 - 0000000 _____ () C:\Users\Admin\AppData\Roaming\TS3Patch.lck
2014-01-03 14:02 - 2014-01-03 14:02 - 0000000 ___SH () C:\Users\Admin\AppData\Local\LumaEmu
2015-03-15 21:58 - 2015-03-15 21:58 - 0000003 _____ () C:\Users\Admin\AppData\Local\updater.log
2015-03-15 21:58 - 2015-10-02 20:31 - 0000424 _____ () C:\Users\Admin\AppData\Local\UserProducts.xml
2015-05-05 17:11 - 2015-05-05 17:11 - 0000000 _____ () C:\Users\Admin\AppData\Local\{B9B500B6-0B82-45F6-8B09-C2BEE666F918}
 
Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\164416.exe
C:\Users\Admin\AppData\Local\Temp\Hola-Setup-x64-1.12.239.exe
C:\Users\Admin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Admin\AppData\Local\Temp\nvStInst.exe
C:\Users\Admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Admin\AppData\Local\Temp\tbIEAddin.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe
[2015-07-07 17:04] - [2011-01-16 01:01] - 0389632 ____A (Microsoft Corporation) 81257415084B84F3C0D95C381A8D4C8F
 
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2012-06-15 21:27] - [2012-06-15 21:27] - 2899456 ____A (Microsoft Corporation) 8453CA1A6EDD468A5E421D0D829B574F
 
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2015-12-09 17:25] - [2011-01-16 01:01] - 1008640 ____A (Microsoft Corporation) 0B864E15A0BADFF0E7BB8B59009FDDCF
 
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-03-19 14:27
 
==================== End of FRST.txt ============================
 
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Admin (2016-04-03 18:05:23)
Running from D:\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2012-11-08 18:33:28)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Admin (S-1-5-21-2055958020-1542119278-3283414598-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2055958020-1542119278-3283414598-500 - Administrator - Disabled)
Guest (S-1-5-21-2055958020-1542119278-3283414598-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2055958020-1542119278-3283414598-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.0.708 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Besiege (HKLM-x32\...\Steam App 346010) (Version:  - Spiderling Studios)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.37 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.37 - Research In Motion Ltd.) Hidden
BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version:  - Blue Mammoth Games)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.51.1022 - Webteh, d.o.o.)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version:  - Techland)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version:  - Splash Damage®)
Discord (HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Discord) (Version: 0.0.286 - Hammer & Chisel, Inc.)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
DriverAgent by eSupport.com (HKLM-x32\...\DriverAgent_is1) (Version:  - Copyright © 2015 eSupport.com, Inc • All Rights Reserved)
Dropbox (HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dxtory version 2.0.119 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.119 - Dxtory Software)
Easy Auto Clicker (HKLM-x32\...\Easy Auto Clicker_is1) (Version: V2.0 - easyautoclicker.com)
Epic Games Launcher (HKLM-x32\...\{16969EF2-23EA-4BD9-B085-4952D95E8A7D}) (Version: 1.1.48.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Printer Connection Checker (HKLM-x32\...\{7BE20D33-EAE9-4E85-870F-204F65E04F89}) (Version: 1.0.1.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-225 Series Printer Uninstall (HKLM\...\EPSON XP-225 Series) (Version:  - SEIKO EPSON Corporation)
FastStone Capture 6.3 (HKLM-x32\...\FastStone Capture) (Version: 6.3 - FastStone Soft)
FastStone Image Viewer 4.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.5 - FastStone Soft)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.)
Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Hola™ 1.12.459 - Better Internet (HKLM\...\Hola) (Version: 1.12.459 - Hola Networks Ltd.)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)
Image Resizer Powertoy Clone for Windows (64 bit) (HKLM\...\{80A620C1-B22C-4781-A351-B14B8A37BFE3}) (Version: 2.1 - Brice Lambson)
InstallShieldHiRezCurrent (HKLM-x32\...\{9433FC1C-7405-433C-A26D-81076293BBCE}) (Version: 3.0.0.0 - Hi-Rez Studios)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.420 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.420 - LogMeIn, Inc.) Hidden
Magic ISO Maker v5.5 (build 0268) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0268)) (Version:  - )
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
MediaFire Desktop (HKLM-x32\...\MediaFire Desktop 1.4.29.10845) (Version: 1.4.29.10845 - MediaFire)
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Converter Pack (HKLM-x32\...\{6EECB283-E65F-40EF-86D3-D51BF02A8D43}) (Version: 11.0.0.0 - Microsoft Corporation - Office Resource Kit Group)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MIT App Inventor Tools 2.3.0 (HKLM-x32\...\MIT App Inventor Tools) (Version: 2.3.0 - Massachusetts Institute of Technology)
Mozilla Firefox 41.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-GB)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 4.0.0.05 - MSI)
MSI Kombustor 2.5.9 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.017 - MSI)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Nero 8 Micro (HKLM-x32\...\Nero8Lite_is1) (Version: 8.3.13.0 - UpdatePack.nl)
NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.2.0 - Nexon)
Nitro PDF Professional (HKLM\...\{9FB4D083-69AB-4BA4-A534-A97232EEFF01}) (Version: 6.0.3.1 - Nitro PDF Software)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 362.00 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7316 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Graphics Driver 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 362.00 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA MediaShield (HKLM-x32\...\{CC452A50-5C87-4A1F-B295-445C3C69BF7D}) (Version: 11.1.0.43 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{9573e8a8-632f-4841-8398-db9abe8fb013}) (Version: latest - ppy Pty Ltd)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version:  - Running With Scissors)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd)
qBittorrent 3.2.5 (HKLM-x32\...\qBittorrent) (Version: 3.2.5 - The qBittorrent project)
QuickTime Alternative 2.8.0 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 2.8.0 - )
Ralink Wireless LAN Card (HKLM-x32\...\{FAB1F336-1B7C-4057-A7BC-2922CD82A781}) (Version: 1.00.01 - RALINK)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.23944 - Razer Inc.)
Real Alternative 1.52 (HKLM-x32\...\RealAlt_is1) (Version: 1.52 - )
RepZ Launcher (HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\e5eb66b1ac30da66) (Version: 1.0.0.82 - RepZIW4)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.9 - ) <==== ATTENTION
SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.6585 - Analog Devices)
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
SpinTires Tech Demo (June 060613) (HKLM-x32\...\{9AF7D6F5-50A5-432C-9F7B-83BCE03B11A0}) (Version: 1.3 - Oovee)
Square Enix Secure Launcher (HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Square Enix Secure Launcher) (Version: 1.0.0.108 - Square Enix)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1012 - SUPERAntiSpyware.com)
System Requirements Lab Detection (HKLM-x32\...\{93116137-51CA-4C09-97EA-9CADEF9BFF45}) (Version: 6.1.4.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
Tongbu Assistant 2.2.0 (HKLM-x32\...\Tongbu2) (Version: 2.2.0 - Xiamen Tongbu Network Ltd.)
TuneUp Utilities (HKLM-x32\...\TuneUp Utilities) (Version: 9.0.2000.10 - TuneUp Software)
TuneUp Utilities (x32 Version: 9.0.2000.10 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (x32 Version: 9.0.2000.10 - TuneUp Software) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Unlocker 1.8.1 (HKLM-x32\...\Unlocker) (Version: 1.8.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Winamp (HKLM-x32\...\Winamp) (Version: 5.58  - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XSplit Gamecaster (HKLM-x32\...\{7CBDC2CD-F5C7-4DD3-91C8-1E4D68924955}) (Version: 1.9.1409.2308 - SplitmediaLabs)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.3.2011.4 - URSoft, Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {092AC416-60C1-4302-B94E-35E30D9CD9B5} - System32\Tasks\{6E1C9664-2D3E-4E53-84CB-73F73CFF30D9} => C:\Users\Admin\Desktop\Xpadder.exe
Task: {0CF9A672-51E1-440B-A543-C7FF61E10AA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
Task: {1DA412C2-DA14-403F-886A-107B91D9DAEF} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {29C5456A-CFEC-40F4-98EC-9964D931CE7F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2055958020-1542119278-3283414598-1000Core => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {4196CFE9-1654-4E38-951A-9F9505485511} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {46675A60-6E1A-488D-A1B4-AC58217A48B2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {4FA1034C-FA26-4A7A-99DB-8CEFC5A82DAE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2055958020-1542119278-3283414598-1000UA => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {5D1A3F45-3850-44BF-84F3-73540881A80C} - System32\Tasks\{22B6E922-FEE5-4F81-A5F8-CB9A48FA5DB9} => Chrome.exe hxxp://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsMain
Task: {5E18894B-949F-4E5F-8453-74913870A81F} - System32\Tasks\{92E29D9D-B329-469C-9475-CCDB5377CB43} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/en/abandoninstall?page=tsProgressBar
Task: {60AADF37-C52D-4B84-8FE7-2E143F39B057} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe [2009-10-29] (TuneUp Software)
Task: {660C16B9-C157-461D-8C33-C71AFA70C6E1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {675D4E70-5DF9-405C-84B1-AF43161B4DF6} - System32\Tasks\EPSON XP-225 Series Update {080F73AB-460F-450F-9325-C292070A702C} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {6C7BF9D0-F7A9-41C7-B2A7-9C3665A81E6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
Task: {72B36F36-68A4-4801-8483-9765CAE566D0} - System32\Tasks\AmiUpdXp => C:\Users\Admin\AppData\Local\23242\a15823.exe [2014-09-22] () <==== ATTENTION
Task: {74AA6449-AFEF-4127-BECC-98D55D5D953C} - System32\Tasks\{4F1A48D3-5339-415F-AB31-D2B871189129} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/en/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {846E8E9D-CE28-4218-B7B1-51A3E7887066} - System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {8658AF22-D6F2-4E5E-936A-79283C6E8EB1} - System32\Tasks\{9CD49C6B-E855-4521-A800-89D15F96E971} => Chrome.exe hxxp://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsMain
Task: {A68B49D4-0D66-405C-9560-560671210776} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24] (Adobe Systems Incorporated)
Task: {AEE36EE3-13BA-456E-BC4C-094333A9C3E9} - System32\Tasks\{E0F502F2-9D8E-4FE3-948C-19433AD0C467} => pcalua.exe -a D:\Downloads\HSB4b-full.exe -d d:\Downloads
Task: {B8AE3D83-A7EC-4F90-80A6-35651F32B3D8} - System32\Tasks\Automatic troubleshooting => C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-10-29] (TuneUp Software)
Task: {BD8AECF9-B99B-46F5-B4E9-45C1AA62F1C9} - System32\Tasks\{067939EB-D757-45CA-89C9-8770495C9243} => C:\Users\Admin\Desktop\Xpadder.exe
Task: {CA24A446-6D47-46FB-B89D-21B936125BF6} - System32\Tasks\{CB250FAB-69F2-4655-9232-88B422FEF709} => pcalua.exe -a "C:\Program Files (x86)\Tongbu\PkgInstaller.exe" -d D:\Documents\Tongbu\Backup -c /open "D:\Documents\Tongbu\Backup\同步推正版_v2.3.3(os4.3with record).ipa"
Task: {D2C35099-D013-482B-8B5A-BFA84B9398FA} - System32\Tasks\{A3F87D7E-69F5-40B5-BFEF-B3D422CFDC5A} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {DA08CFD4-695C-4ED5-BEE9-E50C8A88DE59} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {DAB2BEE1-2051-40AE-9F82-A3939B27F974} - System32\Tasks\EPSON XP-225 Series Update {5BF11956-C7BD-477A-BA44-9CF28160D1CA} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {EE29033A-FAA3-438C-A263-676E865B701A} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\WatTask => C:\Windows Activation Technologies\wat.exe [2006-04-21] ()
Task: {EF262F04-9FEA-4BCA-9831-C048B9F76DFB} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {F1127F97-AAFC-42F0-AAEF-91F8E53EBEF2} - System32\Tasks\{586FE7C2-2ED7-42E6-B0D4-071CD47E52D9} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/212480
Task: {F2E043F7-6B49-4793-BD61-65E6D8642711} - System32\Tasks\update-S-1-5-21-2055958020-1542119278-3283414598-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Admin\AppData\Local\23242\a15823.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2055958020-1542119278-3283414598-1000Core.job => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2055958020-1542119278-3283414598-1000UA.job => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\EPSON XP-225 Series Update {080F73AB-460F-450F-9325-C292070A702C}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE:/EXE:{080F73AB-460F-450F-9325-C292070A702C} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-225 Series Update {5BF11956-C7BD-477A-BA44-9CF28160D1CA}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE:/EXE:{5BF11956-C7BD-477A-BA44-9CF28160D1CA} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2055958020-1542119278-3283414598-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-05-31 21:38 - 2016-02-23 21:45 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-08-10 17:01 - 2009-08-10 17:01 - 00626208 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2009-08-10 17:00 - 2009-08-10 17:00 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2009-08-10 17:01 - 2009-08-10 17:01 - 00578592 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2015-07-03 23:15 - 2015-04-23 14:47 - 00456176 _____ () C:\Users\Admin\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
2016-03-27 20:26 - 2016-02-17 07:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-27 20:26 - 2016-02-17 07:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-12-23 20:44 - 2016-02-17 07:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-04-12 20:45 - 2014-04-12 20:45 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2009-08-10 17:01 - 2009-08-10 17:01 - 00206880 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2014-07-02 15:37 - 2016-03-18 22:29 - 00103424 _____ () D:\Steam2\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
2014-02-28 10:14 - 2015-10-24 15:09 - 00175080 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-06-20 08:48 - 2015-10-24 15:09 - 00103400 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-06-20 08:49 - 2015-10-24 15:09 - 00108008 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2015-09-07 19:52 - 2015-09-07 19:54 - 00262656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\ClownfishForTeamspeak_win64.dll
2014-06-20 08:54 - 2015-10-24 15:09 - 00312296 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-06-20 08:55 - 2015-10-24 15:09 - 00483816 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-06-05 14:48 - 2015-09-26 14:20 - 00317440 _____ () C:\Program Files\TeamSpeak 3 Client\ssleay32.dll
2014-06-05 14:48 - 2015-09-26 14:20 - 01709056 _____ () C:\Program Files\TeamSpeak 3 Client\LIBEAY32.dll
2015-05-31 21:25 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2015-05-31 21:28 - 2016-02-17 08:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-03-30 21:41 - 2016-03-27 08:58 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\libglesv2.dll
2016-03-30 21:41 - 2016-03-27 08:58 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\libegl.dll
2014-03-31 20:29 - 2016-03-11 01:56 - 00783360 _____ () D:\Steam2\Steam\SDL2.dll
2014-12-04 16:51 - 2015-07-03 17:12 - 04962816 _____ () D:\Steam2\Steam\v8.dll
2014-12-04 16:51 - 2015-07-03 17:12 - 01556992 _____ () D:\Steam2\Steam\icui18n.dll
2014-12-04 16:51 - 2015-07-03 17:12 - 01187840 _____ () D:\Steam2\Steam\icuuc.dll
2014-05-22 15:33 - 2016-04-02 01:51 - 02549840 _____ () D:\Steam2\Steam\video.dll
2014-08-22 10:28 - 2016-02-09 00:14 - 02549760 _____ () D:\Steam2\Steam\libavcodec-56.dll
2014-08-22 10:28 - 2016-02-09 00:14 - 00442880 _____ () D:\Steam2\Steam\libavutil-54.dll
2014-08-22 10:28 - 2016-02-09 00:14 - 00491008 _____ () D:\Steam2\Steam\libavformat-56.dll
2014-08-22 10:28 - 2016-02-09 00:14 - 00332800 _____ () D:\Steam2\Steam\libavresample-2.dll
2014-08-22 10:28 - 2016-02-09 00:14 - 00485888 _____ () D:\Steam2\Steam\libswscale-3.dll
2014-03-31 20:29 - 2016-04-02 01:51 - 00829008 _____ () D:\Steam2\Steam\bin\chromehtml.DLL
2016-02-19 14:14 - 2016-02-17 23:25 - 00281088 _____ () D:\Steam2\Steam\openvr_api.dll
2016-04-03 17:00 - 2016-04-03 17:00 - 00155232 ___HT () C:\Users\Admin\AppData\Local\Temp\~D0A6.tmp
2014-03-31 20:29 - 2016-04-02 01:51 - 00139856 _____ () D:\Steam2\Steam\bin\audio.dll
2014-03-31 20:29 - 2014-11-11 19:48 - 00071680 _____ () D:\Steam2\Steam\bin\mssmp3.asi
2014-03-31 20:29 - 2014-11-11 19:48 - 00153088 _____ () D:\Steam2\Steam\bin\mssvoice.asi
2014-03-31 20:29 - 2016-02-09 02:33 - 48400672 _____ () D:\Steam2\Steam\bin\libcef.dll
2014-12-16 17:00 - 2015-09-25 00:56 - 00119208 _____ () D:\Steam2\Steam\winh264.dll
2014-07-02 15:37 - 2016-03-18 22:30 - 00198144 _____ () D:\Steam2\Steam\steamapps\common\Counter-Strike Global Offensive\bin\launcher.dll
2014-07-02 15:33 - 2016-03-18 22:30 - 00317952 _____ () D:\Steam2\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
2014-07-02 15:37 - 2016-03-18 22:30 - 00203776 _____ () D:\Steam2\Steam\steamapps\common\Counter-Strike Global Offensive\bin\vstdlib.dll
2014-07-02 15:33 - 2016-03-18 22:29 - 00390656 _____ () D:\Steam2\Steam\steamapps\common\Counter-Strike Global Offensive\bin\filesystem_stdio.dll
2014-07-02 15:33 - 2016-03-26 12:44 - 06971392 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\engine.dll
2014-07-02 15:37 - 2016-03-18 22:30 - 00166912 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\inputsystem.dll
2014-07-02 15:33 - 2016-03-18 22:30 - 01174016 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\vphysics.dll
2014-07-02 15:33 - 2016-03-24 21:19 - 01242112 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
2014-07-02 15:33 - 2016-03-18 22:29 - 00355840 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\datacache.dll
2014-07-02 15:33 - 2016-03-18 22:29 - 00610816 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\studiorender.dll
2014-07-02 15:37 - 2016-03-18 22:29 - 00164864 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\soundemittersystem.dll
2014-07-02 15:33 - 2016-03-18 22:29 - 00708096 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\vscript.dll
2014-07-02 15:37 - 2016-03-18 22:30 - 00134656 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\valve_avi.dll
2014-07-02 15:33 - 2016-03-18 22:30 - 01336320 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\vguimatsurface.dll
2014-07-02 15:33 - 2016-03-18 22:30 - 00395264 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\vgui2.dll
2014-07-02 15:33 - 2016-03-24 21:19 - 03276288 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\scaleformui.dll
2014-07-02 15:33 - 2016-03-18 22:30 - 01769984 _____ () D:\Steam2\Steam\steamapps\common\Counter-Strike Global Offensive\bin\shaderapidx9.dll
2014-07-02 15:37 - 2016-03-18 22:30 - 00143360 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\localize.dll
2014-07-02 15:37 - 2016-03-18 22:30 - 00230912 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dbg.dll
2014-07-02 15:33 - 2016-03-18 22:30 - 01016832 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dx9.dll
2014-07-02 15:33 - 2016-03-30 13:15 - 00584192 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\csgo\bin\matchmaking.dll
2014-07-03 15:51 - 2016-04-01 14:15 - 12693504 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\csgo\bin\client.dll
2014-07-03 15:51 - 2016-03-26 12:44 - 10247168 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\csgo\bin\server.dll
2014-07-02 15:37 - 2016-03-18 22:30 - 00094208 _____ () D:\Steam2\Steam\steamapps\common\Counter-Strike Global Offensive\bin\scenefilecache.dll
2014-03-31 20:41 - 2016-03-18 22:30 - 00084992 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\vaudio_miles.dll
2014-03-31 20:41 - 2014-09-11 15:35 - 00071680 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\mssmp3.asi
2014-03-31 20:41 - 2014-09-11 15:35 - 00012800 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\mssds3d.flt
2014-03-31 20:41 - 2014-09-11 15:35 - 00055808 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\msseax.flt
2014-07-02 15:33 - 2016-03-24 21:19 - 00974336 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\serverbrowser.dll
2014-11-21 16:49 - 2016-03-18 22:30 - 00173568 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\vaudio_celt.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences [0]
AlternateDataStreams: C:\Windows\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Admin\Desktop\aaa.png:com.dropbox.attributes [1044]
AlternateDataStreams: C:\Users\Admin\Desktop\Camera Uploads:com.dropbox.attributes [168]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [152]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\sony.com -> sony.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Ralink Wireless Utility.lnk => C:\Windows\pss\Ralink Wireless Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Java™ Platform SE 7 U45 => C:\Users\Admin\AppData\Local\Temp\Vbc.exe.exe
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MediaFire Tray => "C:\Users\Admin\AppData\Local\MediaFire Desktop\mf_watch.exe"
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: puush => C:\Program Files (x86)\puush\puush.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SoundMAX => C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe /tray
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{55288BE1-E785-4043-9375-566EF97F9218}] => (Allow) D:\Games\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{9AF042C8-16D3-4D3F-A2FC-EDFC7A7797E6}] => (Allow) D:\Games\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{B6507CEF-B904-46E9-903D-18158284EEC9}] => (Allow) D:\Games\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{B851260D-037F-438D-80C9-5BA6672053D4}] => (Allow) D:\Games\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{A666AA0A-572B-4F58-AD22-350316AE4ED5}] => (Allow) D:\Games\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{19FDBA10-0317-4467-8ACB-82DF40ED6617}] => (Allow) D:\Games\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [TCP Query User{32948E35-7DD7-4E84-B02D-050A8CDB36D6}D:\games\brothers in arms hells highway\brothers in arms - [bleep]'s highway\binaries\biahh.exe] => (Block) D:\games\brothers in arms hells highway\brothers in arms - [bleep]'s highway\binaries\biahh.exe
FirewallRules: [UDP Query User{B1C884CC-DB90-499F-A8E5-CFF7BA6908B3}D:\games\brothers in arms hells highway\brothers in arms - [bleep]'s highway\binaries\biahh.exe] => (Block) D:\games\brothers in arms hells highway\brothers in arms - [bleep]'s highway\binaries\biahh.exe
FirewallRules: [TCP Query User{475F04B8-D301-4834-8739-DDA0440B3E59}D:\games\call of duty waw\codwaw.exe] => (Block) D:\games\call of duty waw\codwaw.exe
FirewallRules: [UDP Query User{62E96D97-FFBC-4954-99EF-45A3824A2084}D:\games\call of duty waw\codwaw.exe] => (Block) D:\games\call of duty waw\codwaw.exe
FirewallRules: [{331045E8-9309-4670-9BF3-6B66B05651B8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{194627BA-3AFC-4E16-9FE9-5D15F52EE31F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{04D51C94-ADA4-45AE-A650-2DFB2CF7E2B1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D520A6BA-EC4F-483E-996E-FFC2BEC4A051}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DF3846CD-A673-4431-BDA7-611FCB8B47D3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AEA19611-DB83-4620-B672-481C13841D3F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{046859B3-990F-45C3-9B2E-894F6BE9848D}] => (Allow) D:\Documents\ACBSP.exe
FirewallRules: [{E13575FE-1BB8-411F-A26A-59005A4CB8C8}] => (Allow) D:\Documents\ACBSP.exe
FirewallRules: [{82C22762-8C3F-4E6F-8F60-E60C4C974E52}] => (Allow) D:\Documents\ACBMP.exe
FirewallRules: [{29D35218-AA5D-4B17-9EDA-7E397943679F}] => (Allow) D:\Documents\ACBMP.exe
FirewallRules: [{0C2CF684-7532-4A9D-A48E-518615A78818}] => (Allow) D:\Documents\AssassinsCreedBrotherhood.exe
FirewallRules: [{72BA57EC-2A44-4C80-B268-6AF63A771263}] => (Allow) D:\Documents\AssassinsCreedBrotherhood.exe
FirewallRules: [{A621EF6F-43D0-4739-A2AD-EB6C8F3DEF41}] => (Allow) D:\Documents\UPlayBrowser.exe
FirewallRules: [{FA70CAF4-9133-408C-810D-14AA565A342C}] => (Allow) D:\Documents\UPlayBrowser.exe
FirewallRules: [TCP Query User{BEF25507-7D9E-40D7-B4F0-5D552B8F65EA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D5660B53-C9B7-4920-B72A-E1727A0C1198}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{45EACA27-07E1-45F8-8616-B84716B70F01}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{CD8C6D47-B7F6-4C22-890B-3C0831F85CAE}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{BFF08CCA-1C7C-47E7-8BCE-F75466759428}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F8545E46-8E7A-447A-B4BB-72A8897B37F7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{8399B61E-6C78-40F9-A4D6-9956FBAE3D40}C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{DA48A223-BBFD-437F-B3CA-7CB2F42243E6}C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{F8C8D864-48B7-41C4-A741-6AC4F064EB78}D:\games\call of duty waw\codwaw.exe] => (Block) D:\games\call of duty waw\codwaw.exe
FirewallRules: [UDP Query User{4B8E62D5-021A-4A5B-B0B7-0A9248E5D4A6}D:\games\call of duty waw\codwaw.exe] => (Block) D:\games\call of duty waw\codwaw.exe
FirewallRules: [TCP Query User{2F9C0E26-23CA-48D5-A9F7-DAFC8B54C791}D:\games\call of duty waw\codwawmp.exe] => (Block) D:\games\call of duty waw\codwawmp.exe
FirewallRules: [UDP Query User{17EEE9CB-CD99-443D-8D3E-91CF6C8BC1CD}D:\games\call of duty waw\codwawmp.exe] => (Block) D:\games\call of duty waw\codwawmp.exe
FirewallRules: [TCP Query User{C3D051D0-3C35-4800-BF53-07A65BD5D00F}C:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe] => (Block) C:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe
FirewallRules: [UDP Query User{2F0380AD-15F6-4335-A92B-44A552B15650}C:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe] => (Block) C:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe
FirewallRules: [TCP Query User{2664E841-64B1-4405-A475-19CE8F874C25}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{139D8F01-73A7-4970-903A-380899775ED5}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{B8EEAB8C-D48D-4B35-B4EE-7337FAA0D35F}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe] => (Block) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe
FirewallRules: [UDP Query User{A8F95BB7-9130-4060-A347-EF789881240C}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe] => (Block) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe
FirewallRules: [TCP Query User{7A997655-0DD2-4AF8-AAA1-D7DCFCBCE624}C:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{8814F03B-8815-4A60-A724-85A452F1D0F6}C:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{A8C11EAC-1118-405C-A960-D8AD53C23B0D}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{749E5B63-0B65-4152-B662-878851B883EE}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{C8F8E190-D711-48B7-911C-21B15F88CCB1}] => (Allow) LPort=80
FirewallRules: [{A10A0EA4-9316-488E-BFAB-C142D0E98B73}] => (Allow) LPort=443
FirewallRules: [{A33F024F-90CD-4191-8382-38E3C3FE7B49}] => (Allow) LPort=20010
FirewallRules: [{B9B5A954-F4E1-40FB-8E6B-D00410407BFD}] => (Allow) LPort=3478
FirewallRules: [{6D8FF2FB-6637-45D1-B940-2BD30CB54994}] => (Allow) LPort=7850
FirewallRules: [{EBB1FB3F-1AEE-48D2-A0BD-C41851A47034}] => (Allow) LPort=27022
FirewallRules: [{6CD1BDAF-B6E7-45CA-8526-D62102934DAE}] => (Allow) LPort=6881
FirewallRules: [{AB5438AC-1F80-46B6-83BC-DB1E0E8710A9}] => (Allow) LPort=33333
FirewallRules: [{EF64B9E2-A337-4F79-BA9B-ED53E130E4DE}] => (Allow) LPort=20443
FirewallRules: [{85D6F364-A395-497F-BCB6-7BB6C2855D76}] => (Allow) LPort=8090
FirewallRules: [{6AD8B2A7-EB99-4B3B-B1CC-FDF4E57DC828}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{688079A3-04DF-4965-94E8-2699EDC8FC06}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{50A2E10A-E79A-4FE1-A856-753775850962}] => (Allow) LPort=4481
FirewallRules: [{92E678A2-3349-4454-A66F-409428B973DD}] => (Allow) LPort=4481
FirewallRules: [{8E81CC05-ABE0-48F3-945F-1B1DD2B830BD}] => (Allow) LPort=4482
FirewallRules: [{A3177FA7-6678-478C-8331-290539BBD96E}] => (Allow) LPort=4482
FirewallRules: [{12B6C0BC-92EC-457E-AE1E-11C1471C2D72}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{794756E2-DAE0-4FB9-90F1-842C960DC2C3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8CAC577B-6208-4620-9A5B-D59F011AC021}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{88AABBDA-B4B6-4BE6-B308-01128A5563B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{318502A1-7680-49C4-81FE-801EE0E45F2B}D:\steam2\steamapps\common\left 4 dead 2\left4dead2.exe] => (Block) D:\steam2\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{DF9A6A48-273B-4801-B064-7473AD32C00B}D:\steam2\steamapps\common\left 4 dead 2\left4dead2.exe] => (Block) D:\steam2\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{5724EE23-CA36-4D63-A095-CE5A768F8AC5}] => (Allow) D:\Steam2\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{D8D0BD66-3799-44A7-9A08-31B1A6F782B9}] => (Allow) D:\Steam2\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{DD698123-B35A-40A2-BE86-110C59F54A60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3D7BDD4E-3629-4A09-82D7-CC7ED3AD5DAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0AE6882D-6F8F-447A-AB52-DB2C0C872419}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{30A72062-4FD1-4784-891B-5A4B653CF348}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0BD5D1D0-8575-4B56-AC87-B1AD54A01ABB}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{84521F64-57BF-4C49-A4EA-665A317D587B}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{81B17FA8-5384-46B6-B5F8-0AFEE632A871}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D004800C-6175-4DD9-A1E8-9356793F4682}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{46D92196-F944-450C-BE90-15C7F124BB37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D4DC36DF-B556-4F81-9B12-5565E98A210E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{90E77640-0A97-4B97-8D8F-436D1F2F48C9}] => (Block) D:\downloads\dayz standalone steam early access cracked 3dm\dayz\dayz.exe
FirewallRules: [{503C4062-427D-43A8-9D24-43FDDB64ABA8}] => (Block) D:\downloads\dayz standalone steam early access cracked 3dm\dayz\dayz.exe
FirewallRules: [{919F9C8E-8CFE-4862-B900-6B397A4CC2AC}] => (Allow) D:\Steam2\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{F421ECEB-C04D-48DA-8B0C-54BC54379192}] => (Allow) D:\Steam2\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{CF56E6A2-A88D-47CD-9C0B-BA01C52B65C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{0D3AFBCC-998E-4734-87D4-9278A297ED21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{657E0DE4-669B-4731-B447-89DCB890B8CB}] => (Allow) D:\Steam2\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{B89F085B-E9E4-4DB6-8B71-E8E8EF83E46D}] => (Allow) D:\Steam2\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{A742B462-0B7F-46AD-91D9-93E5D34136CA}] => (Allow) D:\Steam2\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9D191EB5-8868-4F23-93C4-57B85DA6685D}] => (Allow) D:\Steam2\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9937F884-E143-44DC-8516-CD0C253F2B0C}] => (Allow) D:\Steam2\SteamApps\common\Gotham City Impostors F2P\Impostors.exe
FirewallRules: [{A92ADBD4-959E-48CB-BAF0-8C8A28E13C88}] => (Allow) D:\Steam2\SteamApps\common\Gotham City Impostors F2P\Impostors.exe
FirewallRules: [{1CD57A0A-CBE3-4F9C-A6BB-3630400C1DAE}] => (Allow) D:\Steam2\SteamApps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{650D0530-67A9-450D-AA0D-9F14C2476848}] => (Allow) D:\Steam2\SteamApps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{48DE94DA-79C1-414B-A972-F2126EE7B78E}] => (Allow) D:\Steam2\Steam\Steam.exe
FirewallRules: [{915F9305-73F6-47BB-9D53-1C01563F7377}] => (Allow) D:\Steam2\Steam\Steam.exe
FirewallRules: [{685DF530-D94C-4BA8-8628-818EF24E5269}] => (Allow) D:\Steam2\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6FDF0597-C709-430D-B7EC-C2E7C0C5DC46}] => (Allow) D:\Steam2\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C108F9D2-E04C-4616-A954-D70D9F90962B}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AF253F58-969D-4374-AD09-B37C0C0FE614}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CDD8DD40-7035-48EB-9148-8496230A0674}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{251E8A35-B2E3-4CCC-983D-533B67D88A83}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A7772B48-6EAB-49D0-AA5C-07B6848A3F83}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8F840BF1-9F58-4506-AF89-25D65ED62A7B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{41F00837-7A0A-432B-946A-FE77F3A09D11}] => (Allow) D:\Steam2\Steam\bin\steamwebhelper.exe
FirewallRules: [{5F4F7F94-D503-47DF-BB22-0146E44B5FCC}] => (Allow) D:\Steam2\Steam\bin\steamwebhelper.exe
FirewallRules: [{2FDE2D91-9948-4B48-806D-3F1F38B0AA9F}] => (Allow) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5E84DE6C-59B8-4B3A-84BA-E09B266CBBEF}] => (Allow) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{39F4F9ED-01A6-4F91-A598-D4CF7A1B04BB}] => (Allow) D:\Steam2\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{DBBFA142-2DD9-45AD-ADA3-70067F69B8C7}] => (Allow) D:\Steam2\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{5594A889-1A87-4EEA-A4D3-3B63DA8D2A3F}C:\users\admin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\admin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{8A148AD7-71D5-4961-AB10-F80D33D8626B}C:\users\admin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\admin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{78E94B0F-53EE-442B-8A6F-EE6EC69A94AF}] => (Allow) D:\Steam2\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{D3E906CE-93E7-4B2F-9823-5A088782782F}] => (Allow) D:\Steam2\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{1FC21FF6-EADF-4D12-8EB0-96DCF702B180}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{0BD03831-8132-4868-AB71-85939F2166F6}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{344BDF24-BB72-4CE9-9B36-8EEF8C9D7039}] => (Allow) D:\Steam2\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{9FC447FF-CEAA-4A3D-822F-6FB1A62E061C}] => (Allow) D:\Steam2\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [TCP Query User{DD4C7F04-8AF6-4C3E-A939-F1F8325720E0}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{9B9F1522-7349-4B8F-A3DA-4BD903EE63EF}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{46C79ACB-F0F7-43A6-9C99-AD2A90C318F5}] => (Allow) D:\Steam2\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{91052E0C-6266-452C-8770-0D93E895491B}] => (Allow) D:\Steam2\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [TCP Query User{A6B705E7-3C98-461F-9BD4-503403D831D2}D:\steam2\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Block) D:\steam2\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [UDP Query User{21B8C2E6-1DD0-46FD-8A02-51904DDD8149}D:\steam2\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Block) D:\steam2\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{569489B5-8D9B-4409-A57D-6CE0DA0BEA5B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AA687208-51C9-464E-B95A-D371C8A4CC6E}] => (Allow) D:\Steam2\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{5111666B-A3E2-497C-8B87-5548C7EF8C42}] => (Allow) D:\Steam2\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{9EACCA48-2DA3-4CC6-9110-44B8E691DC8A}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{41B076ED-F38B-4923-B604-93F384D03906}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{3B77E6CC-B852-41AE-8378-D109AD317FDB}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{4AC568C7-EDC8-43F1-BF29-F61152CB639C}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{31ED8194-37D8-48CF-B603-95F7DD90092A}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{8755D747-5626-47E2-A51B-313D2BC4F3CC}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{79011089-D04B-4CB6-B6B1-D1B98C26ED02}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{504D474B-8CB8-4D2D-9B50-E522CE5F665F}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{86C4206E-1043-4BB5-A642-2326B6E0FDC4}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{590705ED-BBE0-46A9-B51F-F86B3489B66C}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{0F3B89CC-5FB1-47DE-AE2D-05BDB9CB7F72}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{E59E0393-9D91-4090-A232-D08FB3E81B84}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{386F67AA-7C3C-4524-9B0B-8C11C7452FC8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{3B2D9D9A-36E9-404C-913A-86F61E6EC2FD}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{15E63405-72E9-405D-BA79-FCB2E1E63C36}] => (Allow) D:\Steam2\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{97FA0A4D-E4D4-4CB3-B80B-6B29AE6DE8AE}] => (Allow) D:\Steam2\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{0DCB0E68-24ED-454E-8ED0-791883986AAB}] => (Allow) D:\Steam2\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{776389A4-FC95-4623-83A6-BA4B17B30B08}] => (Allow) D:\Steam2\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [TCP Query User{5A5A4FE1-A8A3-41F4-AE7B-C04C0ABF5D83}D:\steam2\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam2\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{98BFCEE3-3205-4E91-9F96-79BC960EF9A2}D:\steam2\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam2\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{39861F71-7258-458B-B934-A7643920187F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{52C0D635-3D86-41D7-BA03-37AF4229EC4A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A80F9BA1-C59F-4945-9B4C-BF50B1753E33}] => (Allow) D:\Steam2\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{458B9C19-E5F0-4076-9649-0B9151AC626A}] => (Allow) D:\Steam2\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{EC5EA284-9EE4-492B-9ED7-C9061E0662B7}] => (Allow) D:\Steam2\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{ABF159A5-70DF-4C97-A331-1ABE5FE75A7B}] => (Allow) D:\Steam2\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{8D0C5387-BF66-4174-9ED8-B3C2A80149DC}] => (Allow) D:\Steam2\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{1E161645-B8D1-4C56-85A6-F1676432D458}] => (Allow) D:\Steam2\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{6DDE4B4E-4BC2-436C-8618-330D04803C3D}] => (Allow) D:\Steam2\Steam\SteamApps\common\Depth\Binaries\Win64\DepthGame.exe
FirewallRules: [{22C0CBBD-F2C4-4471-BBFE-E7EC08B81D30}] => (Allow) D:\Steam2\Steam\SteamApps\common\Depth\Binaries\Win64\DepthGame.exe
FirewallRules: [{4E80F6D2-F5DB-4740-BD89-F7A2310FF4AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B7801BA5-A0BF-45DE-BF67-689065C97664}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{21821CA6-C1B1-4CEE-8D4E-04C35C060DB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{671DE35E-194C-4CF5-9E2E-07E51200F025}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{836E4EA3-847F-46E3-A87D-068DC73B933E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{452C6726-7510-4122-9A00-1CBFDA44D847}] => (Allow) D:\Steam2\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{3C88A6D9-4941-4E11-8C97-CD7E699256C8}] => (Allow) D:\Steam2\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{BECC6CB6-AAF2-46D8-91FA-457AD3B185BB}] => (Allow) D:\Steam2\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{D75ECA0A-BCB1-4C35-9804-43A3ECC09D08}] => (Allow) D:\Steam2\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{5991B975-E483-46D1-BF60-1F7DB6185662}] => (Allow) D:\Steam2\Steam\SteamApps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{823FCF61-CC12-482B-8153-2915A914626B}] => (Allow) D:\Steam2\Steam\SteamApps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{33E61B26-2880-47E2-9234-82D9A7BBA477}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{39FB5C2C-66F2-4CAD-A213-022BAA19C886}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{40E0FCA9-0D2A-457A-AE11-6CD4E7D72030}] => (Allow) D:\Steam2\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{15A9EC39-DC35-4323-9C80-1AEC5C32BDD1}] => (Allow) D:\Steam2\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{A8981C25-FE56-4518-B2D6-85288C22A4C0}] => (Allow) D:\Steam2\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{C5BCF24D-8784-48EA-B164-49A27C9A7DD5}] => (Allow) D:\Steam2\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{27FF0122-C885-4402-AFA7-4BE09C0481CF}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{2ECF21BA-EED1-48F9-91B2-8EA50343BCA1}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{6CD35076-DFC6-4934-8524-46B7228ED012}] => (Allow) D:\Steam2\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{3D095755-1A42-44FF-AA82-CEE7505CCBD4}] => (Allow) D:\Steam2\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{A834626C-F426-4416-9E31-8FBDF9070000}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{096CB03B-E796-4E68-90ED-FBB2F5D7B311}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7E7BC395-38F0-4417-9A53-78A4DFB2B69C}D:\qbittorrent\qbittorrent.exe] => (Allow) D:\qbittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{47FC76AB-6A75-4C62-B966-55491E61AB2C}D:\qbittorrent\qbittorrent.exe] => (Allow) D:\qbittorrent\qbittorrent.exe
FirewallRules: [{889C8BF7-F420-48A4-B9CB-A05E23153339}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{81838B9A-FAE4-4110-A434-761380C00136}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{775CD3B7-C42F-4546-BFE7-A736E6EC2D2E}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{9BC65C0F-5CF3-48AB-92FF-4B69894A7761}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [TCP Query User{69CA8AC2-3F94-4A01-A39C-2DE08C238F16}D:\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) D:\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [UDP Query User{640FE9E9-BF8C-453B-817D-F5A6FF2F2FCA}D:\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) D:\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [TCP Query User{57C46652-0EB5-40AC-B92A-27590DE29990}D:\desktop\call of duty black ops\blackops.exe] => (Allow) D:\desktop\call of duty black ops\blackops.exe
FirewallRules: [UDP Query User{5717E3E0-57C2-4BCE-A798-80B722A80539}D:\desktop\call of duty black ops\blackops.exe] => (Allow) D:\desktop\call of duty black ops\blackops.exe
FirewallRules: [TCP Query User{6B578936-B66F-4A01-91EA-C6EC1CF3AD63}D:\desktop\call of duty black ops\blackopsmp.exe] => (Block) D:\desktop\call of duty black ops\blackopsmp.exe
FirewallRules: [UDP Query User{BFB9F24C-C0E0-4AF1-A2C0-8BF013F64043}D:\desktop\call of duty black ops\blackopsmp.exe] => (Block) D:\desktop\call of duty black ops\blackopsmp.exe
FirewallRules: [{49EEE417-2B48-42B8-A873-B779631BD08F}] => (Allow) D:\Steam2\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{49793601-C25C-4315-B03D-1D5F34A9AEA3}] => (Allow) D:\Steam2\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{153785A9-87C3-47F7-943B-9F1907540A9C}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{8D3EDD28-7304-479E-802D-016B89FE2943}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{6D444DB0-7F9A-48E8-9727-4657F2B024B9}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{5EA176B7-2835-4F9E-8F68-661E9B497E1D}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [TCP Query User{5A80C7B4-B89A-4850-83ED-5989B6E65C55}D:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{0CECDF39-B596-4CAE-B678-1F069DC089AD}D:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{279BED9E-81C9-438B-9264-CC3B899BAE16}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{24A7549C-0FEB-477F-9160-6034D09BFD1F}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{6584BA63-3F26-4978-827D-A20B162418AB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{358D2D50-2F5F-43D9-9AE2-7F8016EDC691}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CDED4F07-99A8-406C-8D22-11E7D7FA388A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7D939B95-3B9C-4AFE-9F17-F8A0E92CEFB1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A9BAD6B8-2DA1-4179-AE4E-4C2DAB4777B2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{945CC728-19D1-4BC6-8CDC-95AA5DD8CCE3}] => (Allow) D:\Steam2\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{01F7AB93-19B8-4990-9380-DCEBB4879B99}] => (Allow) D:\Steam2\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{2B0D3F65-7859-466C-855A-14CD0E7E1B78}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
03-04-2016 13:45:46 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/03/2016 04:55:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Steam.exe, version: 3.38.6.76, time stamp: 0x56fee3fa
Faulting module name: tier0_s.dll, version: 3.38.6.76, time stamp: 0x56fee3b1
Exception code: 0x40000015
Fault offset: 0x0001edee
Faulting process id: 0xf2c
Faulting application start time: 0xSteam.exe0
Faulting application path: Steam.exe1
Faulting module path: Steam.exe2
Report Id: Steam.exe3
 
Error: (04/03/2016 04:48:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/03/2016 04:48:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvBackend.exe, version: 20.14.20.0, time stamp: 0x56af2e28
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7ef6658a
Faulting process id: 0xef8
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3
 
Error: (04/03/2016 04:48:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cmd.exe, version: 6.1.7601.17514, time stamp: 0x33c4ac70
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7efa658a
Faulting process id: 0x10e4
Faulting application start time: 0xcmd.exe0
Faulting application path: cmd.exe1
Faulting module path: cmd.exe2
Report Id: cmd.exe3
 
Error: (04/03/2016 04:44:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Steam.exe, version: 3.38.6.76, time stamp: 0x56fee3fa
Faulting module name: tier0_s.dll, version: 3.38.6.76, time stamp: 0x56fee3b1
Exception code: 0x40000015
Fault offset: 0x0001edee
Faulting process id: 0x1c10
Faulting application start time: 0xSteam.exe0
Faulting application path: Steam.exe1
Faulting module path: Steam.exe2
Report Id: Steam.exe3
 
Error: (04/03/2016 04:41:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Steam.exe, version: 3.38.6.76, time stamp: 0x56fee3fa
Faulting module name: tier0_s.dll, version: 3.38.6.76, time stamp: 0x56fee3b1
Exception code: 0x40000015
Fault offset: 0x0001edee
Faulting process id: 0xc68
Faulting application start time: 0xSteam.exe0
Faulting application path: Steam.exe1
Faulting module path: Steam.exe2
Report Id: Steam.exe3
 
Error: (04/03/2016 04:41:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: steamwebhelper.exe, version: 3.38.6.76, time stamp: 0x56fee3bf
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7ef3658a
Faulting process id: 0x16d4
Faulting application start time: 0xsteamwebhelper.exe0
Faulting application path: steamwebhelper.exe1
Faulting module path: steamwebhelper.exe2
Report Id: steamwebhelper.exe3
 
Error: (04/03/2016 04:41:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvBackend.exe, version: 20.14.20.0, time stamp: 0x56af2e28
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7ef5658a
Faulting process id: 0x17f0
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3
 
Error: (04/03/2016 04:41:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OAWrapper.exe, version: 27.0.0.0, time stamp: 0x56fbc793
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7efa658a
Faulting process id: 0x1c40
Faulting application start time: 0xOAWrapper.exe0
Faulting application path: OAWrapper.exe1
Faulting module path: OAWrapper.exe2
Report Id: OAWrapper.exe3
 
Error: (04/03/2016 04:41:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvOAWrapperCache.exe, version: 27.0.0.0, time stamp: 0x56fbc7a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7efa65d3
Faulting process id: 0x1c24
Faulting application start time: 0xNvOAWrapperCache.exe0
Faulting application path: NvOAWrapperCache.exe1
Faulting module path: NvOAWrapperCache.exe2
Report Id: NvOAWrapperCache.exe3
 
 
System errors:
=============
Error: (04/03/2016 04:58:28 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer HOME
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{388AE378-0085-4B27-AE23-D9066CA92C32}.
The master browser is stopping or an election is being forced.
 
Error: (04/03/2016 01:53:45 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error: (04/03/2016 01:49:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {682159D9-C321-47CA-B3F1-30E36B2EC8B9}
 
Error: (04/02/2016 12:39:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error: (04/02/2016 12:24:21 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (04/01/2016 03:22:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Razer Game Scanner service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (04/01/2016 03:18:58 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {682159D9-C321-47CA-B3F1-30E36B2EC8B9}
 
Error: (04/01/2016 03:15:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
AFD
CSC
DfsC
discache
NetBIOS
NetBT
nsiproxy
Psched
rdbss
SASDIFSV
SASKUTIL
SCDEmu
spldr
tdx
Wanarpv6
WfpLwf
 
Error: (04/01/2016 03:15:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: 
%%1068
 
Error: (04/01/2016 03:15:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: 
%%1068
 
 
CodeIntegrity:
===================================
  Date: 2016-04-03 16:52:56.062
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-03 16:47:17.222
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-03 14:16:24.093
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-03 13:57:09.687
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-03 13:46:50.054
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-03 13:41:05.222
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-02 14:47:27.761
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-02 12:27:20.832
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-01 15:30:56.577
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-01 15:21:14.823
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 51%
Total physical RAM: 8190.55 MB
Available physical RAM: 3988.15 MB
Total Virtual: 16379.32 MB
Available Virtual: 11602.41 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:97.72 GB) (Free:7.23 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Storage) (Fixed) (Total:800 GB) (Free:238.22 GB) NTFS
Drive e: (G71-VNW1021) (CDROM) (Total:2.55 GB) (Free:0 GB) CDFS
Drive f: (Filip Storage) (Fixed) (Total:298.06 GB) (Free:239.94 GB) NTFS
Drive h: (FARCRY2) (CDROM) (Total:3.67 GB) (Free:0 GB) UDF
Drive i: (BIAHH_PC_EFIS) (CDROM) (Total:6.22 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 00028ACA)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

Edited by filipfilip, 03 April 2016 - 11:26 AM.

  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Did you update Nvidia drivers prior to this ?

I would recommend that you uninstall Hola http://adios-hola.org/

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [**eK**<*>] => C:\Program Files (x86)\Tongbu\tbMobileService.exe /start <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://websearch.swellsearch.info/?pid=3500&r=2015/03/14&hid=7649762504677559751&lg=EN&cc=GB&unqvl=84
URLSearchHook: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000 - (No Name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No File
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=3500&r=2015/03/14&hid=7649762504677559751&lg=EN&cc=GB&unqvl=84
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=3500&r=2015/03/14&hid=7649762504677559751&lg=EN&cc=GB&unqvl=84
SearchScopes: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=M0CB1C089-73A1-41F2-A296-88E520549C3A&SearchSource=58&CUI=&UM=5&UP=SPC820C670-3FA5-454E-BA85-4900C051ECF4&q=UCM_SEARCH_TERM&SSPV=
SearchScopes: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=3500&r=2015/03/14&hid=7649762504677559751&lg=EN&cc=GB&unqvl=84
BHO: TrustMediaViewerV1alpha4147 -> {0a4c5b85-7f94-4e69-9eb1-7c3a7da837ef} -> No File
BHO-x32: Trust Media Viewer -> {0a4c5b85-7f94-4e69-9eb1-7c3a7da837ef} -> No File
BHO-x32: Applon -> {1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} -> No File
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4147\ff => not found
2016-04-03 17:21 - 2015-03-15 21:58 - 00000388 _____ C:\Windows\Tasks\update-sys.job
2016-04-03 16:47 - 2014-01-30 19:06 - 00000362 _____ C:\Windows\Tasks\AmiUpdXp.job
2016-04-03 00:47 - 2015-03-15 21:58 - 00000388 _____ C:\Windows\Tasks\update-S-1-5-21-2055958020-1542119278-3283414598-1000.job
2016-03-16 22:11 - 2014-10-15 21:17 - 00000000 ____D C:\Program Files (x86)\Tongbu
2016-03-16 22:09 - 2014-10-15 21:17 - 00001899 _____ C:\Users\Public\Desktop\Tongbu Assistant.lnk
2015-05-05 17:11 - 2015-05-05 17:11 - 0000000 _____ () C:\Users\Admin\AppData\Local\{B9B500B6-0B82-45F6-8B09-C2BEE666F918}
Task: {72B36F36-68A4-4801-8483-9765CAE566D0} - System32\Tasks\AmiUpdXp => C:\Users\Admin\AppData\Local\23242\a15823.exe [2014-09-22] () <==== ATTENTION
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Admin\AppData\Local\23242\a15823.exe <==== ATTENTION
C:\Users\Admin\AppData\Roaming\newnext.me
C:\Users\Admin\AppData\Local\23242
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#7
filipfilip

filipfilip

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

So i successfully downloaded AdwCleaner. After the checking of boxes it began to progress further until it said it was no longer responding. I tried it 3 more times and each time the list of items which were available to be checked went down until there were no more and by that point it said that it wasn't responding straight after.

I am currently trying the "fixlist.txt" process again as it didnt work the first time. 

Thanks for being patient


  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What errors was FRST giving ?

Let me know if you can boot normally after this
  • 0

#9
filipfilip

filipfilip

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Sorry for the trouble however my computer is now unresponsive to CTRL+ ALT + DELETE in order to access the start task manager to go onto the internet. I can boot normally but now I am met with a black screen as usual

I have tried to restore my computer to a earlier point where CTRL + ALT + DELETE still worked however it said that there is no restore point found.


Edited by filipfilip, 04 April 2016 - 06:32 AM.

  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you reboot to safe mode please and do the following

In the search box type Msconfig and select the programme that appears at the top

1.In the System Configuration Utility dialog box, click Selective Startup on the General tab.
Cleanboot1.JPG
2.Click to clear the Load Startup Items check box.
NoteThe Use Original Boot.ini check box is unavailable.
3.Click the Services tab.
4.Click to select the Hide All Microsoft Services check box.
cleanboot2.JPG
5.Click Disable All, and then click OK.
6.When you are prompted, click Restart.
7.Go to normal windows
  • 0

Advertisements


#11
filipfilip

filipfilip

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

In the search box type Msconfig and select the programme that appears at the top

I apologize however I am slightly confused as I do not have a task bar or any option to go into a search box. All i currently have available is a black screen


  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is this in safe mode as well ?
  • 0

#13
filipfilip

filipfilip

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Yes, no noticeable differences between Safe mode and normal


Edited by filipfilip, 04 April 2016 - 07:59 AM.

  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Download the following three programmes to the desktop of another computer :


1. Rufus

For 64bit systems
2. Windows 7 64bit RC I will PM download link
3. Farbar Recovery Scan Tool x64

Insert the USB stick Then run Rufus
RufusISO.JPG

Select the ISO file on the desktop via the ISO icon.

Press Start Burn

Then copy FRST to the same USB

frstwintoboot.JPG



Insert the USB into the sick computer and start the computer. First ensuring that the system is set to boot from USB
Note: If you are not sure how to do that follow the instructions Here

Windows 7 and Vista screenshots

When you reboot you will see this.
Click repair my computer
RepairVista_7275.jpg

Select your operating system
RepairVista_7277202.jpg

Select Command prompt
RepairVista_7277.jpg

At the command prompt type the following :

notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst64.exe or e:\frst.exe dependant on system
and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.
frst.JPG
Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
  • 0

#15
filipfilip

filipfilip

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by SYSTEM on MININT-OSKQ7TU (04-04-2016 16:25:24)
Running from f:\
Platform: Windows 7 Ultimate (X64) Language: English (United States)
Internet Explorer Version 10
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NVRaidService] => C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe [291944 2010-04-08] (NVIDIA Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [SoundMax] => C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [3895296 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe --silent
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-03-22] (LogMeIn Inc.)
HKLM\...\RunOnce: [*EmptyTemp] => cmd /c rd /q/s C:\FRST\Temp
HKLM\...26dfa299cadb\InprocServer32: [Authentication UI Logon UI] authuitu.dll <==== ATTENTION
HKU\Admin\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINFE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\Admin\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINFE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\Admin\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23260000 2016-02-24] (Google)
HKU\Admin\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [455168 2009-07-13] (Microsoft Corporation)
HKU\Admin\...\Run: [GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136 2016-03-26] (Google Inc.)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-19]
ShortcutTarget: Dropbox.lnk ->  (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
S2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [139264 2009-06-05] (Andrea Electronics Corporation)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1141248 2015-06-10] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-01-05] (BitRaider, LLC)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
S2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-14] (SEIKO EPSON CORPORATION)
S2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] ()
S3 GalaxyClientService; D:\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-31] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6952504 2015-10-31] (GOG.com)
S2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [23504 2014-12-25] (Micro-Star Int'l Co., Ltd.)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-29] (NVIDIA Corporation)
S2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios)
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-03-22] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
S2 MF NTFS Monitor; C:\Users\Admin\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe [456176 2015-04-23] ()
S2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1736872 2015-04-29] (Micro-Star INT'L CO., LTD.)
S2 NitroDriverReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [324928 2010-02-02] (Nitro PDF Software)
S2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] ()
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-29] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-29] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-29] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2104840 2016-01-18] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-12] ()
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607048 2012-11-09] (TuneUp Software)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1353544 2009-10-29] (TuneUp Software)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 celavimushost; "C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows ® Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S2 mfmonitor; C:\Windows\System32\DRIVERS\mfmonitor_x64.sys [20696 2015-04-23] (Windows ® Win 7 DDK provider)
S3 MSICDSetup; E:\CDriver64.sys [28984 2009-08-10] (Your Corporation)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-28] ()
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_C; E:\NTIOLib_X64.sys [11888 2011-06-28] (MSI)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)
S2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
S2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-13] (TuneUp Software)
S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 SUNSTREAKER; system32\DRIVERS\Sunstreaker.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-03 11:37 - 2016-04-03 11:54 - 00000000 ____D C:\AdwCleaner
2016-04-03 11:16 - 2016-03-21 12:01 - 00109632 _____ (NVIDIA Corporation) C:\Windows\System32\nvaudcap64v.dll
2016-04-03 11:16 - 2016-03-21 12:01 - 00100416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-04-03 11:16 - 2016-03-21 12:01 - 00056384 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys
2016-04-03 09:04 - 2016-04-04 16:25 - 00000000 ____D C:\FRST
2016-04-03 04:49 - 2016-04-03 04:50 - 00000000 ____D C:\Users\Admin\AppData\Local\AvgSetupLog
2016-04-03 04:49 - 2016-04-03 04:49 - 00000000 ____D C:\Users\Admin\AppData\Local\Avg
2016-04-03 04:49 - 2016-04-03 04:49 - 00000000 ____D C:\ProgramData\Avg
2016-04-03 04:49 - 2016-04-03 04:49 - 00000000 ____D C:\Program Files (x86)\AVG
2016-03-30 04:21 - 2016-03-30 04:21 - 00000209 _____ C:\Users\Admin\Desktop\Orcs Must Die! Unchained.url
2016-03-23 09:41 - 2016-03-23 09:41 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-03-09 11:39 - 2016-02-12 10:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2016-03-09 11:39 - 2016-02-12 10:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2016-03-09 11:39 - 2016-02-12 10:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2016-03-09 11:39 - 2016-02-12 10:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2016-03-09 11:39 - 2016-02-12 10:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 11:39 - 2016-02-12 10:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2016-03-09 11:39 - 2016-02-12 10:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2016-03-09 11:39 - 2016-02-12 10:18 - 00167936 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2016-03-09 11:39 - 2016-02-12 10:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2016-03-09 11:39 - 2016-02-12 10:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2016-03-09 11:39 - 2016-02-12 10:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2016-03-09 11:39 - 2016-02-12 10:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll
2016-03-09 11:39 - 2016-02-12 10:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 11:39 - 2016-02-12 10:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 11:39 - 2016-02-12 10:05 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 11:39 - 2016-02-12 10:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 11:39 - 2016-02-11 10:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2016-03-09 11:39 - 2016-02-11 10:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2016-03-09 11:39 - 2016-02-11 10:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2016-03-09 11:39 - 2016-02-11 10:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2016-03-09 11:39 - 2016-02-11 10:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2016-03-09 11:39 - 2016-02-11 10:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2016-03-09 11:39 - 2016-02-11 10:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2016-03-09 11:39 - 2016-02-11 10:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2016-03-09 11:39 - 2016-02-11 10:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2016-03-09 11:39 - 2016-02-11 10:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2016-03-09 11:39 - 2016-02-11 10:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2016-03-09 11:39 - 2016-02-11 10:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2016-03-09 11:39 - 2016-02-11 10:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2016-03-09 11:39 - 2016-02-11 10:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2016-03-09 11:39 - 2016-02-11 10:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2016-03-09 11:39 - 2016-02-11 10:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2016-03-09 11:39 - 2016-02-11 10:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2016-03-09 11:39 - 2016-02-11 10:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2016-03-09 11:39 - 2016-02-11 10:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2016-03-09 11:39 - 2016-02-11 10:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2016-03-09 11:39 - 2016-02-11 10:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2016-03-09 11:39 - 2016-02-11 10:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2016-03-09 11:39 - 2016-02-11 10:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 11:39 - 2016-02-11 10:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 11:39 - 2016-02-11 10:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2016-03-09 11:39 - 2016-02-11 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2016-03-09 11:39 - 2016-02-11 10:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2016-03-09 11:39 - 2016-02-11 10:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2016-03-09 11:39 - 2016-02-11 10:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2016-03-09 11:39 - 2016-02-11 10:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll
2016-03-09 11:39 - 2016-02-11 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 11:39 - 2016-02-11 10:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 11:39 - 2016-02-11 10:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 11:39 - 2016-02-11 10:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 11:39 - 2016-02-11 10:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 11:39 - 2016-02-11 10:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 11:39 - 2016-02-11 10:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 11:39 - 2016-02-11 10:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 11:39 - 2016-02-11 10:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 11:39 - 2016-02-11 10:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 11:39 - 2016-02-11 10:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 11:39 - 2016-02-11 10:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 11:39 - 2016-02-11 10:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 11:39 - 2016-02-11 10:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 11:39 - 2016-02-11 10:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 11:39 - 2016-02-11 10:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 09:48 - 00091648 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2016-03-09 11:39 - 2016-02-11 09:43 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 11:39 - 2016-02-11 09:41 - 00366080 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2016-03-09 11:39 - 2016-02-11 09:40 - 00324608 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2016-03-09 11:39 - 2016-02-11 09:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2016-03-09 11:39 - 2016-02-11 09:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2016-03-09 11:39 - 2016-02-11 09:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2016-03-09 11:39 - 2016-02-11 09:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2016-03-09 11:39 - 2016-02-11 09:32 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 11:39 - 2016-02-11 09:32 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 11:39 - 2016-02-11 09:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2016-03-09 11:39 - 2016-02-11 09:32 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 11:39 - 2016-02-11 09:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 11:39 - 2016-02-11 09:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 11:39 - 2016-02-11 09:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 09:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 09:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 11:39 - 2016-02-11 09:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 11:39 - 2016-02-09 01:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2016-03-09 11:39 - 2016-02-09 01:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2016-03-09 11:39 - 2016-02-09 01:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
2016-03-09 11:39 - 2016-02-09 01:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
2016-03-09 11:39 - 2016-02-09 01:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\seclogon.dll
2016-03-09 11:39 - 2016-02-09 01:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\spwmp.dll
2016-03-09 11:39 - 2016-02-09 01:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 11:39 - 2016-02-09 01:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 11:39 - 2016-02-09 01:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 11:39 - 2016-02-09 01:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 11:39 - 2016-02-09 01:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 11:39 - 2016-02-05 10:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2016-03-09 11:39 - 2016-02-05 10:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2016-03-09 11:39 - 2016-02-05 10:53 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2016-03-09 11:39 - 2016-02-05 10:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2016-03-09 11:39 - 2016-02-05 10:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 11:39 - 2016-02-05 10:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 11:39 - 2016-02-05 10:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 11:39 - 2016-02-05 09:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2016-03-09 11:39 - 2016-02-05 09:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 11:39 - 2016-02-05 09:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 11:39 - 2016-02-04 17:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\System32\mfds.dll
2016-03-09 11:39 - 2016-02-04 10:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 11:39 - 2016-02-04 09:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2016-03-09 11:39 - 2016-02-03 10:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2016-03-09 11:39 - 2016-02-03 10:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\asycfilt.dll
2016-03-09 11:39 - 2016-02-03 10:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 11:39 - 2016-02-03 10:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 11:39 - 2016-02-03 10:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-04 07:10 - 2016-01-04 04:26 - 03451086 _____ C:\Windows\ntbtlog.txt
2016-04-04 07:10 - 2015-05-31 12:38 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-04 03:33 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-03 15:00 - 2012-12-12 10:30 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-03 14:56 - 2015-05-20 10:55 - 00000911 _____ C:\Windows\Tasks\EPSON XP-225 Series Update {5BF11956-C7BD-477A-BA44-9CF28160D1CA}.job
2016-04-03 14:53 - 2015-06-17 06:41 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2055958020-1542119278-3283414598-1000UA.job
2016-04-03 14:49 - 2015-05-20 08:48 - 00000911 _____ C:\Windows\Tasks\EPSON XP-225 Series Update {080F73AB-460F-450F-9325-C292070A702C}.job
2016-04-03 11:54 - 2015-12-25 05:48 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-04-03 11:45 - 2012-11-08 10:33 - 00000000 ____D C:\users\Admin
2016-04-03 11:45 - 2009-07-13 20:45 - 00016640 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-03 11:45 - 2009-07-13 20:45 - 00016640 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-03 11:40 - 2015-02-04 07:47 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-03 11:32 - 2015-02-04 07:47 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-03 11:29 - 2014-05-30 14:12 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client
2016-04-03 11:28 - 2013-01-26 12:03 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Temp
2016-04-03 11:17 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2016-04-03 11:16 - 2015-05-31 12:19 - 00001383 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-04-03 06:53 - 2015-06-17 06:41 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2055958020-1542119278-3283414598-1000Core.job
2016-04-01 15:25 - 2012-11-11 10:51 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2016-03-30 15:53 - 2012-11-10 04:09 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-30 15:53 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2016-03-30 12:41 - 2015-11-29 07:37 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-29 17:06 - 2015-05-31 12:18 - 01373680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-03-29 17:06 - 2015-05-31 12:18 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-03-29 17:05 - 2015-12-23 11:45 - 00112216 _____ C:\Windows\System32\NvRtmpStreamer64.dll
2016-03-29 17:05 - 2015-05-31 12:18 - 01767248 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll
2016-03-29 17:05 - 2015-05-31 12:18 - 01756424 _____ (NVIDIA Corporation) C:\Windows\System32\nvspbridge64.dll
2016-03-29 16:13 - 2015-05-31 12:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-29 07:43 - 2015-11-13 14:22 - 00000000 ____D C:\Users\Admin\AppData\Roaming\qBittorrent
2016-03-29 07:18 - 2012-12-25 06:47 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2016-03-29 05:07 - 2009-07-13 21:13 - 00786474 _____ C:\Windows\System32\PerfStringBackup.INI
2016-03-29 05:04 - 2014-09-02 13:17 - 00000000 ___RD C:\Users\Admin\Dropbox
2016-03-29 05:04 - 2014-09-02 13:13 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Dropbox
2016-03-28 15:22 - 2015-11-28 12:25 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2016-03-27 11:26 - 2015-05-31 12:23 - 00000000 ____D C:\Users\Admin\AppData\Local\NVIDIA Corporation
2016-03-27 11:26 - 2015-05-31 12:22 - 00000000 ____D C:\Users\Admin\AppData\Local\NVIDIA
2016-03-27 11:26 - 2012-12-11 12:18 - 00000000 ____D C:\Users\Admin\AppData\Local\Deployment
2016-03-24 12:59 - 2012-12-12 10:30 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-24 12:59 - 2012-12-12 10:30 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-24 12:59 - 2012-12-12 10:30 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-23 09:41 - 2015-01-16 10:04 - 00000928 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-03-22 08:20 - 2013-05-22 08:27 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\System32\hamachi.sys
2016-03-18 15:59 - 2015-01-24 03:47 - 10610600 ____H C:\Users\Admin\AppData\Local\IconCache.db.backup
2016-03-12 07:42 - 2015-11-29 05:44 - 00002044 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-03-12 07:42 - 2015-11-29 05:44 - 00002042 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-03-12 07:42 - 2015-11-29 05:44 - 00002032 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-03-10 07:43 - 2009-07-13 21:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-03-10 07:42 - 2009-07-13 20:45 - 00412864 _____ C:\Windows\System32\FNTCACHE.DAT
2016-03-05 13:19 - 2016-01-10 05:32 - 00002164 _____ C:\Users\Admin\Desktop\Discord.lnk
2016-03-05 13:19 - 2016-01-10 05:31 - 00000000 ____D C:\Users\Admin\AppData\Local\Discord
2016-03-05 13:18 - 2016-01-10 05:31 - 00000000 ____D C:\Users\Admin\AppData\Local\SquirrelTemp
 
Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\libeay32.dll
C:\Users\Admin\AppData\Local\Temp\msvcr120.dll
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
 
 
==================== Known DLLs (Whitelisted) =========================
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe
[2015-07-07 08:04] - [2011-01-15 16:01] - 0389632 ____A (Microsoft Corporation) 81257415084B84F3C0D95C381A8D4C8F
 
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe
[2009-07-13 15:36] - [2009-07-13 17:14] - 0123904 ____A (Microsoft Corporation) 59B5741BCAA262B6C1D5D80650DC22A8
 
C:\Windows\explorer.exe
[2012-06-15 12:27] - [2012-06-15 12:27] - 2899456 ____A (Microsoft Corporation) 8453CA1A6EDD468A5E421D0D829B574F
 
C:\Windows\SysWOW64\explorer.exe
[2012-06-15 12:27] - [2012-06-15 12:27] - 2643968 ____A (Microsoft Corporation) 962AA36EE2D3B9C2106AEFE342345736
 
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe
[2009-07-13 15:19] - [2009-07-13 17:14] - 0048640 ____A (Microsoft Corporation) 76E8396E7E467033A70A07D642B51EC4
 
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2015-12-09 08:25] - [2011-01-15 16:01] - 1008640 ____A (Microsoft Corporation) 0B864E15A0BADFF0E7BB8B59009FDDCF
 
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe
[2010-11-20 19:24] - [2010-11-20 19:24] - 0058368 ____A (Microsoft Corporation) 26F9F8507BBA7DBBE5002B50167BF4FF
 
C:\Windows\SysWOW64\userinit.exe
[2010-11-20 19:23] - [2010-11-20 19:23] - 0054272 ____A (Microsoft Corporation) C48AD6953C06D9F0F8FD1ADFC1B36C95
 
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE Association (Whitelisted) =============
 
 
==================== Restore Points =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 10%
Total physical RAM: 8190.55 MB
Available physical RAM: 7350.06 MB
Total Virtual: 8188.7 MB
Available Virtual: 7341.67 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:97.72 GB) (Free:13.86 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Storage) (Fixed) (Total:800 GB) (Free:248.21 GB) NTFS
Drive e: (G71-VNW1021) (CDROM) (Total:2.55 GB) (Free:0 GB) CDFS
Drive f: (Repair disc Windows 7 64-bit) (Removable) (Total:28.92 GB) (Free:28.63 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 89F089F0)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=833.8 GB) - (Type=05)
 
========================================================
Disk: 1 (Size: 28.9 GB) (Disk ID: 00B21DB0)
Partition 1: (Active) - (Size=28.9 GB) - (Type=07 NTFS)
 
 
LastRegBack: 2016-03-19 05:27
 
==================== End of FRST.txt ============================

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP