Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Sluggish Computer, Long wait times, and Ctrl Alt Del [Closed]


  • This topic is locked This topic is locked

#1
RJ7887

RJ7887

    Member

  • Member
  • PipPip
  • 96 posts

Good Afternoon and thank you for having this medium,

 

Over the past few months, I've noticed the speed of my computer slowing down a bit. Web browsers are having major issues loading or maintaining some webpages. Firefox had so much trouble with Flash I had to use Chrome. But that also seems to have very similar issues.

I get errors when installing programs that previously I had no issue.

I run virus scanners and they sometimes find items, but nothing ever changes with my computers performance.

I was just hoping you could review my log and see if there is anything suspicious or out of place.

The Ctrl-Alt-Del comment is because I have to use that constantly when browsers freeze or some program gets hung up.

Thank you for your time!

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
Ran by OakRaid (administrator) on OAKRAID-PC (27-07-2016 16:51:18)
Running from C:\Users\OakRaid\Desktop
Loaded Profiles: OakRaid & UpdatusUser (Available Profiles: OakRaid & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\ScanToPCActivationApp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\HPNetworkCommunicatorCom.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Windows ® Win 7 DDK provider) C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11075176 2010-07-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392360 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [92968 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe
HKLM-x32\...\Run: [FLxHCIm] => C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [37888 2010-11-19] (Windows ® Win 7 DDK provider)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2162760 2016-07-22] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6723856 2016-07-22] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-07-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3168688734-29480005-1135947682-1001\...\Run: [HP OfficeJet Pro 8710 (NET)] => C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\ScanToPCActivationApp.exe [3736584 2015-08-31] (HP Inc.)
HKU\S-1-5-21-3168688734-29480005-1135947682-1001\...\MountPoints2: {2077134a-4e24-11e2-b679-806e6f6e6963} - E:\InstAll.exe
HKU\S-1-5-21-3168688734-29480005-1135947682-1001\...\MountPoints2: {4e6d8bc7-74da-11e4-9ede-74f06dcd5b14} - H:\LG_PC_Programs.exe
HKU\S-1-5-21-3168688734-29480005-1135947682-1001\...\MountPoints2: {6986ccf7-509f-11e2-8f3b-74f06dcd5b14} - I:\autorun.exe
HKU\S-1-5-21-3168688734-29480005-1135947682-1001\...\MountPoints2: {710ff596-2ae8-11e4-9ee6-74f06dcd5b14} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3168688734-29480005-1135947682-1001\...\MountPoints2: {d7ab8907-7994-11e2-ab67-bcaec52f7ba4} - "K:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-19] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5636242D-EC1B-4D05-9F9A-12CAEC61EB42}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{91B0CD0B-985C-4A3E-A163-A9E62B88865D}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3168688734-29480005-1135947682-1001 -> {7AE39A4F-C1DB-4668-B608-159A661BA52A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-23] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-06-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-23] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll [2016-07-22] (AVG)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-06-14] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3168688734-29480005-1135947682-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\OakRaid\AppData\Roaming\Mozilla\Firefox\Profiles\s860ba18.default-1432103946758
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.2\\npsitesafety.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-07] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-05-19] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-05-19] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3168688734-29480005-1135947682-1001: @citrixonline.com/appdetectorplugin -> C:\Users\OakRaid\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-07-15] (Citrix Online)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-07-22]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: No Name - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-01-13] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-02-25] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-04-23] [not signed]
FF HKU\S-1-5-21-3168688734-29480005-1135947682-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-3168688734-29480005-1135947682-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [not signed]

Chrome:
=======
CHR Profile: C:\Users\OakRaid\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\OakRaid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-16]
CHR Extension: (Google Docs) - C:\Users\OakRaid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-16]
CHR Extension: (Google Drive) - C:\Users\OakRaid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-16]
CHR Extension: (YouTube) - C:\Users\OakRaid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-16]
CHR Extension: (Google Sheets) - C:\Users\OakRaid\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-16]
CHR Extension: (Google Docs Offline) - C:\Users\OakRaid\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\OakRaid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\OakRaid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-16]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [637944 2016-07-22] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5251808 2016-07-22] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-07-20] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [712792 2016-07-22] (AVG Technologies CZ, s.r.o.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3189488 2016-07-02] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-12-24] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-12-24] (Creative Labs) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; D:\Programs\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 vToolbarUpdater40.3.2; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe [1309768 2016-07-22] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [976456 2016-07-22] ()
S3 WMZuneComm; F:\Programs\WMZuneComm.exe [X]
S3 ZuneNetworkSvc; F:\Programs\ZuneNss.exe [X]
S3 ZuneWlanCfgSvc; F:\Programs\ZuneWlanCfgSvc.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 AndNetDiag2; C:\Windows\System32\DRIVERS\lgandnetdiag264.sys [29696 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-06-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [261376 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [249088 2016-06-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [280320 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [76544 2016-06-01] (AVG Technologies CZ, s.r.o.)
S3 CMUSBDAC; C:\Windows\System32\DRIVERS\CMUSBDAC.sys [358400 2013-05-09] (C-Media Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-27] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [49664 2010-11-19] (Fresco Logic)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [73552 2012-11-29] (Dataram, Inc.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-03-26] ()
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] ()
S3 ALSysIO; \??\G:\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-27 16:51 - 2016-07-27 16:51 - 00027008 _____ C:\Users\OakRaid\Desktop\FRST.txt
2016-07-27 16:49 - 2016-07-27 16:50 - 02394112 _____ (Farbar) C:\Users\OakRaid\Desktop\FRST64.exe
2016-07-27 16:47 - 2016-07-27 16:51 - 00000000 ____D C:\FRST
2016-07-27 16:29 - 2016-07-27 16:29 - 00000556 _____ C:\BnetLog.txt
2016-07-27 16:24 - 2016-07-27 16:24 - 00000711 _____ C:\Users\Public\Desktop\StarCraft - Brood War.lnk
2016-07-27 10:20 - 2016-07-27 10:20 - 00000000 ____D C:\Users\OakRaid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2016-07-26 22:29 - 2016-07-26 22:29 - 00000752 _____ C:\Users\Public\Desktop\mca64Launcher 2.0.0.121.lnk
2016-07-25 20:49 - 2016-07-27 16:20 - 00000570 _____ C:\Windows\Tasks\AVG-SSU_0816tb.job
2016-07-25 20:49 - 2016-07-25 20:49 - 00002866 _____ C:\Windows\System32\Tasks\AVG-SSU_0816tb
2016-07-19 13:48 - 2016-07-19 13:48 - 00000000 ____D C:\Windows\EOONotify
2016-07-13 20:36 - 2016-07-13 20:36 - 00000757 _____ C:\Users\OakRaid\Desktop\SimCity.lnk
2016-07-13 20:36 - 2016-07-13 20:36 - 00000000 ____D C:\Users\OakRaid\AppData\Roaming\SimCity
2016-07-13 12:16 - 2016-06-10 23:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-13 12:16 - 2016-06-10 21:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-13 12:16 - 2016-06-10 14:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-13 12:16 - 2016-06-10 14:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 12:16 - 2016-06-10 14:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-07-13 12:16 - 2016-06-10 14:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-13 12:16 - 2016-06-10 14:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-07-13 12:16 - 2016-06-10 14:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-13 12:16 - 2016-06-10 14:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-07-13 12:16 - 2016-06-10 14:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-13 12:16 - 2016-06-10 14:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-13 12:16 - 2016-06-10 14:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-07-13 12:16 - 2016-06-10 14:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-13 12:16 - 2016-06-10 14:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-13 12:16 - 2016-06-10 14:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-13 12:16 - 2016-06-10 14:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-07-13 12:16 - 2016-06-10 14:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-13 12:16 - 2016-06-10 14:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-07-13 12:16 - 2016-06-10 13:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 12:16 - 2016-06-10 13:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-13 12:16 - 2016-06-10 13:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-13 12:16 - 2016-06-10 13:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 12:16 - 2016-06-10 13:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-07-13 12:16 - 2016-06-10 13:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-07-13 12:16 - 2016-06-10 13:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-13 12:16 - 2016-06-10 13:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-13 12:16 - 2016-06-10 13:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-07-13 12:16 - 2016-06-10 13:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-13 12:16 - 2016-06-10 13:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-13 12:16 - 2016-06-10 13:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-13 12:16 - 2016-06-10 13:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-07-13 12:16 - 2016-06-10 13:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-13 12:16 - 2016-06-10 12:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-13 12:16 - 2016-06-10 12:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-13 12:16 - 2016-06-10 12:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-13 12:16 - 2016-06-10 12:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-13 12:16 - 2016-06-10 12:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-13 12:16 - 2016-06-10 11:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-07-13 12:16 - 2016-06-10 11:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-13 12:16 - 2016-06-10 11:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-13 12:16 - 2016-06-10 11:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-07-13 12:16 - 2016-06-10 11:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-13 12:16 - 2016-06-10 11:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-13 12:16 - 2016-06-10 11:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-13 12:16 - 2016-06-10 11:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-07-13 12:16 - 2016-06-10 11:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-13 12:16 - 2016-06-10 11:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-13 12:16 - 2016-06-10 11:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-13 12:16 - 2016-06-10 11:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-07-13 12:16 - 2016-06-10 11:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-13 12:16 - 2016-06-10 11:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-13 12:16 - 2016-06-10 11:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-07-13 12:16 - 2016-06-10 11:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-07-13 12:16 - 2016-06-10 11:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-07-13 12:16 - 2016-06-10 11:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-13 12:16 - 2016-06-10 11:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-13 12:16 - 2016-06-10 11:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-07-13 12:16 - 2016-06-10 11:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-13 12:16 - 2016-06-10 11:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-13 12:16 - 2016-06-10 11:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-13 12:16 - 2016-06-10 11:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-13 12:16 - 2016-06-10 11:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-07-13 12:16 - 2016-06-10 10:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-13 12:16 - 2016-06-10 10:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-13 12:16 - 2016-06-10 10:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-13 12:16 - 2016-06-10 10:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-13 12:15 - 2016-06-25 17:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-13 12:15 - 2016-06-25 17:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-13 12:15 - 2016-06-25 17:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-13 12:15 - 2016-06-25 17:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-13 12:15 - 2016-06-25 17:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-13 12:15 - 2016-06-25 17:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-13 12:15 - 2016-06-25 17:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-07-13 12:15 - 2016-06-25 12:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-07-13 12:15 - 2016-06-25 12:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-13 12:15 - 2016-06-25 12:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-13 12:15 - 2016-06-25 12:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-07-13 12:15 - 2016-06-25 12:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-07-13 12:15 - 2016-06-22 06:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-13 12:15 - 2016-06-17 11:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-13 12:15 - 2016-06-17 11:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-13 12:15 - 2016-06-17 11:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-13 12:15 - 2016-06-17 11:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-13 12:15 - 2016-06-17 11:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-13 12:15 - 2016-06-17 11:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-13 12:15 - 2016-06-14 08:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-29 20:27 - 2016-06-29 20:27 - 00269960 _____ (원순철) C:\Users\OakRaid\Downloads\wLauncherSetup2.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-27 16:28 - 2009-07-13 21:45 - 00018928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-27 16:28 - 2009-07-13 21:45 - 00018928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-27 16:25 - 2009-07-13 22:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-27 16:25 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\inf
2016-07-27 16:21 - 2012-12-24 20:01 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2016-07-27 16:20 - 2016-06-11 17:16 - 00000570 _____ C:\Windows\Tasks\AVG-SSU_0616tb.job
2016-07-27 16:20 - 2016-04-24 13:12 - 00000570 _____ C:\Windows\Tasks\AVG-SSU_0516tb.job
2016-07-27 16:20 - 2013-01-09 23:47 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-27 16:20 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-27 16:16 - 2013-01-09 23:47 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-27 15:56 - 2015-04-30 19:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-27 00:44 - 2015-12-08 09:03 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2016-07-26 20:15 - 2012-12-24 21:03 - 00000000 ____D C:\Users\OakRaid\AppData\Roaming\vlc
2016-07-25 09:58 - 2015-04-07 19:14 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-07-23 22:40 - 2015-10-04 11:11 - 00000000 ____D C:\Program Files\Java
2016-07-23 22:40 - 2015-08-30 12:02 - 00000000 ____D C:\Users\OakRaid\.oracle_jre_usage
2016-07-23 22:39 - 2015-10-04 11:12 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-07-22 15:52 - 2015-06-11 21:03 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2016-07-20 13:21 - 2014-04-10 16:38 - 00000000 ____D C:\Program Files (x86)\WindowAdvertisement
2016-07-19 13:48 - 2015-04-27 22:53 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-19 13:48 - 2015-04-27 22:53 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-14 19:56 - 2015-04-30 19:08 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 19:56 - 2012-12-24 20:25 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 19:56 - 2012-12-24 20:25 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 10:05 - 2015-04-27 22:53 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-14 10:05 - 2009-07-14 00:45 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-14 10:05 - 2009-07-13 21:45 - 05057808 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-14 01:27 - 2015-04-27 21:37 - 00000000 ____D C:\Windows\system32\MRT
2016-07-14 01:22 - 2013-09-17 21:23 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-13 20:28 - 2015-04-05 22:10 - 00000000 ____D C:\Users\OakRaid\AppData\Roaming\qBittorrent
2016-07-13 13:34 - 2014-12-24 14:43 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-12 16:56 - 2012-12-24 20:25 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-12 16:56 - 2012-12-24 19:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-06-29 17:13 - 2015-06-24 23:20 - 00000000 _____ C:\Users\OakRaid\Desktop\BnetLog.txt

==================== Files in the root of some directories =======

2014-03-18 22:56 - 2014-03-21 16:42 - 0008704 _____ () C:\Users\OakRaid\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-18 20:07 - 2016-04-18 20:07 - 0005409 _____ () C:\Users\OakRaid\AppData\Local\recently-used.xbel
2016-06-24 12:06 - 2016-06-24 12:06 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-02-25 16:07 - 2014-03-06 15:55 - 0001155 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-01-09 01:34

==================== End of FRST.txt ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016
Ran by OakRaid (2016-07-27 16:51:36)
Running from C:\Users\OakRaid\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-12-24 23:51:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3168688734-29480005-1135947682-500 - Administrator - Disabled)
Guest (S-1-5-21-3168688734-29480005-1135947682-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3168688734-29480005-1135947682-1005 - Limited - Enabled)
OakRaid (S-1-5-21-3168688734-29480005-1135947682-1001 - Administrator - Enabled) => C:\Users\OakRaid
UpdatusUser (S-1-5-21-3168688734-29480005-1135947682-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.6 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.42 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.20 - asus)
Asus_G73_Screensaver (HKLM-x32\...\Asus_G73_Screensaver) (Version: 1.0.0001 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0007 - ASUS)
AVG (HKLM\...\AvgZen) (Version: 1.81.2.29057 - AVG Technologies)
AVG (Version: 16.91.7690 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4627 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.91.7690 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.2.18 - AVG Technologies)
AVG Zen (Version: 1.81.13 - AVG Technologies) Hidden
Brother MFL-Pro Suite MFC-7860DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4400 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{3E7E6F1E-7376-475A-8BC9-E3126B20CF5F}) (Version: 1.0.198 - Citrix)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Core Temp 1.0 RC4 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fallout (HKLM-x32\...\1_is1) (Version: 2.1.0.18 - GOG.com)
FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
Fresco Logic USB3.0 Host Controller (HKLM\...\{45C1C61B-9DA9-4B61-8C89-C76B1746C3AA}) (Version: 3.0.110.12 - Fresco Logic Inc.)
Geeks3D.com FurMark 1.10.3 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D.com)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HellBlazers Teamer Map (HKLM-x32\...\{D510F884-6445-4591-A41A-7C1E7AA0419B}) (Version: 3.0.0 - HellBlazer)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{3E261474-8DF2-463B-984E-0B6396F58D1C}) (Version: 36.0.39.57346 - HP)
HP Google Drive Plugin (HKLM-x32\...\{9469285B-AB76-434A-8533-2EE643318F2E}) (Version: 36.0.39.57346 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP OfficeJet Pro 8710 Basic Device Software (HKLM\...\{FD93EB2A-3768-4B16-BDDF-3E2F5667A0A0}) (Version: 38.1.1881.57490 - HP Inc.)
HP OfficeJet Pro 8710 Help (HKLM-x32\...\{92B8A892-1D92-407A-BF5E-26DCE71B9B12}) (Version: 38.0.0 - HP)
HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{093C645A-294E-41E4-904C-DDF13DC47A27}) (Version: 12.3.6.12 - HP)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
mca64Launcher 2.0.0.121 (HKLM-x32\...\mca64Launcher 2.0.0.121) (Version: 2.0.0.121 - mca64)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4841.1002 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3168688734-29480005-1135947682-1001\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Movie Rotator version 2.0.1 (HKLM-x32\...\{1D2DBEF4-FF54-4E64-971E-8EE1E9585BB6}_is1) (Version: 2.0.1 - Chris Pearce)
Mozilla Firefox 47.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MusicBee 2.5 (HKLM-x32\...\MusicBee) (Version: 2.5 - Steven Mayall)
NQ Map v10 (HKLM-x32\...\{0742DE72-4DDA-454F-9203-28EE071CBB62}) (Version: 10.0.0 - HellBlazer)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA 3D Vision Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.6114 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PerformanceTest v7.0 (64-bit) (HKLM\...\PerformanceTest 7_is1) (Version: 7.0 - Passmark Software)
Product Improvement Study for HP OfficeJet Pro 8710 (HKLM\...\{61812F25-2589-498B-AED9-40CBC641247E}) (Version: 38.1.1881.57490 - HP Inc.)
PS_AIO_03_C4400_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
qBittorrent 3.2.3 (HKLM-x32\...\qBittorrent) (Version: 3.2.3 - The qBittorrent project)
RAMDisk (HKLM-x32\...\{51682D1A-7FFF-44B4-960F-447C0F63E90D}) (Version: 4.0.1.9 - Dataram, Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6162 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)
Rise of Nations: Extended Edition (HKLM-x32\...\Rise of Nations: Extended Edition_is1) (Version:  - Microsoft Studios)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scansoft PDF Professional (x32 Version:  - ) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity (HKLM-x32\...\SimCity_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SSD Tweaker version 2.1.4 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 2.1.4 - Elpamsoft.com)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stellarium 0.12.0 (HKLM\...\Stellarium_is1) (Version: 0.12.0 - Stellarium team)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.18.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
THX TruStudio (HKLM-x32\...\{B11AB9C8-18A6-41DC-98B4-4988CC030136}) (Version: 1.0 - Creative Technology Limited)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Video Converter 3.71 100812 (HKLM-x32\...\Total Video Converter 3.71_is1) (Version:  - EffectMatrix Inc.)
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UltraISO Premium V9.61 (HKLM-x32\...\UltraISO_is1) (Version:  - )
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
War2Combat version 3.15 (HKLM-x32\...\War2Combat_is1) (Version: 3.15 - War2 RU Admins)
Warcraft II BNE (HKLM-x32\...\Warcraft II BNE) (Version:  - )
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.5.600 - Broadcom Corporation)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (02/25/2010 6.2.0.9419) (HKLM\...\85CE3A3657FAE5FD305B143E90E6FC89BA53001C) (Version: 02/25/2010 6.2.0.9419 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (01/19/2010 6.2.0.1417) (HKLM\...\7341A1B43E7FE58942EB1E820A17C18305DFBCE6) (Version: 01/19/2010 6.2.0.1417 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/29/2009 6.1.7100.0) (HKLM\...\2AA10AB519DC7432D599A0E860206A7DDCC27764) (Version: 07/29/2009 6.1.7100.0 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.0 - ASUS)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
zipForm6 (HKLM-x32\...\zipForm6) (Version: 1.0.0.0 - )
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02DD54FD-A0FB-4EBE-BE24-91223F7B8629} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation)
Task: {12CBF4F3-6773-4904-A24F-85A78CF88AAE} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-11-10] (ASUS)
Task: {130A98C4-9046-47AE-AD25-D4AEC02B4F74} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2012-03-09] (ASUSTek Computer Inc.)
Task: {19A6DC6E-91F5-4DAA-BB06-9BF456EAE5FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {1B2233DA-6D56-4816-9356-11CB4E904A28} - System32\Tasks\0915tbUpdateInfo => C:\ProgramData\Avg_Update_0915tb\0915tb_{6C870243-F5F9-4A77-82E2-6ED418DA2A99}.exe
Task: {218D47A8-D1DF-4A99-A3AE-CDEABB2A325C} - System32\Tasks\AVG-SSU_0816tb => C:\ProgramData\Avg_Update_0816tb\AVG-Secure-Search-Update_0816tb.exe [2016-07-26] ()
Task: {2CDF7D5F-F271-4015-A39B-50AAC4C8B978} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated)
Task: {361B1DCA-B0CA-41E9-87B2-420E5B965726} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-06-14] (Microsoft Corporation)
Task: {3C29FD8A-AA29-4FDC-A838-97B12FD161BA} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {585B26EF-DF95-4DE3-A0A4-06A53E3C46A7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {5F3C7F65-7514-4994-AF3F-F5BD3C2BAA63} - System32\Tasks\Microsoft\Windows\Setup\EOONotify => C:\Windows\EOONotify\EOONotify.exe [2016-07-08] (Microsoft Corporation)
Task: {801FF32E-222B-4433-9242-7A04C8BD1B9B} - System32\Tasks\AVG-SSU_0516tb => C:\ProgramData\Avg_Update_0516tb\AVG-Secure-Search-Update_0516tb.exe [2016-05-14] ()
Task: {81F7A551-A841-40A8-8DCC-BBA16CF87BF5} - System32\Tasks\AVG-SSU_0616tb => C:\ProgramData\Avg_Update_0616tb\AVG-Secure-Search-Update_0616tb.exe [2016-06-29] ()
Task: {949E9CAE-D04B-46D4-ABDB-B953ADE308A6} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 8710 => C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\HPCustPartic.exe [2015-08-31] (HP Inc.)
Task: {9D02CF96-B06F-4856-A29A-659B4EF8E283} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {B54F755E-AB67-44EC-AD7F-2F37711B9633} - System32\Tasks\HPCustPartic.exe_{A5150CBC-0253-41FF-9B4C-B962C4684308} => C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\HPCustPartic.exe [2015-08-31] (HP Inc.)
Task: {C1F61ABA-7A63-4714-8438-2693C4ED6E5E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation)
Task: {CB731559-D42B-4EF2-BC2E-C2C172942135} - System32\Tasks\WindowAdvertisement => C:\Program Files (x86)\WindowAdvertisement\windowadvertisement.exe
Task: {DCF9F286-B4F1-468E-9795-31DA6941DA7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E31435C2-1F81-42BB-9B56-DFD9862D5E58} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2011-08-31] (ASUSTeK Computer Inc.)
Task: {E960BE6D-A883-4F3E-B9D0-4E3CC3274087} - System32\Tasks\1015tbUpdateInfo => C:\ProgramData\Avg_Update_1015tb\1015tb_{C34594B9-BB62-42F2-A5D6-BC04D9EF1885}.exe
Task: {F07998F9-EC75-438A-9D67-BF9CA172915D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\0915tbUpdateInfo.job => C:\ProgramData\Avg_Update_0915tb\0915tb_{6C870243-F5F9-4A77-82E2-6ED418DA2A99}.exe
Task: C:\Windows\Tasks\1015tbUpdateInfo.job => C:\ProgramData\Avg_Update_1015tb\1015tb_{C34594B9-BB62-42F2-A5D6-BC04D9EF1885}.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-SSU_0516tb.job => C:\ProgramData\Avg_Update_0516tb\AVG-Secure-Search-Update_0516tb.exe
Task: C:\Windows\Tasks\AVG-SSU_0616tb.job => C:\ProgramData\Avg_Update_0616tb\AVG-Secure-Search-Update_0616tb.exe
Task: C:\Windows\Tasks\AVG-SSU_0816tb.job => C:\ProgramData\Avg_Update_0816tb\AVG-Secure-Search-Update_0816tb.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\OakRaid\Desktop\War2Combat.lnk -> D:\Programs\War2Combat\War2Launcher.bat ()
Shortcut: C:\Users\OakRaid\AppData\Local\Microsoft\Windows\GameExplorer\{F1AB869D-89BC-4FC9-B966-FE7B566543D0}\SupportTasks\1\Blizzard Technical Support.lnk -> hxxp://us.starcraft2.com/support/
Shortcut: C:\Users\OakRaid\AppData\Local\Microsoft\Windows\GameExplorer\{F1AB869D-89BC-4FC9-B966-FE7B566543D0}\SupportTasks\0\Battle.net Account Management.lnk -> hxxp://us.battle.net/account
Shortcut: C:\Users\OakRaid\AppData\Local\Microsoft\Windows\GameExplorer\{C02E85E6-0032-4CC4-81AF-C24DCE44BCB6}\SupportTasks\0\Support.lnk -> hxxp://microsoft.com/support//
Shortcut: C:\Users\OakRaid\AppData\Local\Microsoft\Windows\GameExplorer\{BF1A8A2B-A687-42FF-891A-F4BC62ABACC6}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.blizzard.com/star/star.htm/
Shortcut: C:\Users\OakRaid\AppData\Local\Microsoft\Windows\GameExplorer\{AB6736EC-40F3-417B-A531-A22EE75E077A}\SupportTasks\0\Support.lnk -> hxxp://www.take2games.com/support/
Shortcut: C:\Users\OakRaid\AppData\Local\Microsoft\Windows\GameExplorer\{87704350-2491-483C-8FF4-470C1E7306AB}\SupportTasks\1\Support.lnk -> hxxp://support.microsoft.com/games/
Shortcut: C:\Users\OakRaid\AppData\Local\Microsoft\Windows\GameExplorer\{87704350-2491-483C-8FF4-470C1E7306AB}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.ageofempires3.com/

==================== Loaded Modules (Whitelisted) ==============

2015-06-11 21:03 - 2016-07-22 15:52 - 00976456 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-04-07 19:14 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-08-05 12:59 - 2005-04-21 21:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2016-07-25 09:58 - 2016-05-24 09:43 - 08909504 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-01-09 21:17 - 2010-01-09 21:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 02:40 - 2010-01-21 02:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-27 13:27 - 2014-05-19 18:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-07-14 17:11 - 2010-07-14 17:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2010-09-23 17:53 - 2010-09-23 17:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2010-04-02 20:21 - 2008-10-01 00:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2015-06-11 21:03 - 2016-07-22 15:52 - 02162760 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2011-08-31 16:33 - 2011-08-31 16:33 - 00208384 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
2016-04-11 23:24 - 2016-04-11 23:24 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2010-01-09 21:18 - 2010-01-09 21:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 02:34 - 2010-01-21 02:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-07-12 16:56 - 2016-07-12 16:56 - 19483328 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3168688734-29480005-1135947682-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\OakRaid\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AVG-Secure-Search-Update_1113a => C:\Users\OakRaid\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=04daa1eadc654765ad363fb16c55cf7b-93825dd3ed1adbc03f91a43606310ae80281c6bf /CMPID=1113a
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: CPMonitor => "C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe"
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: mca64Launcher 1.8.9.90 => C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.8.9.90\mca64Launcher.exe
MSCONFIG\startupreg: mca64Launcher 2.0.0.109 => C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.109\mca64Launcher.exe
MSCONFIG\startupreg: mca64Launcher 2.0.0.112 => C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.112\mca64Launcher.exe
MSCONFIG\startupreg: mca64Launcher 2.0.0.117 => C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.117\mca64Launcher.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: powersearch => "C:\Users\OakRaid\AppData\Roaming\powersearch\powersearch.exe" update
MSCONFIG\startupreg: PPort12reminder => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
MSCONFIG\startupreg: Search Protection => "C:\Users\OakRaid\AppData\Roaming\Search Protection\SP.EXE" /autostart
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: THX TruStudio NB Settings => "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: uTorrent => "C:\Users\OakRaid\AppData\Roaming\uTorrent\uTorrent.exe"
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
MSCONFIG\startupreg: Zune Launcher => "F:\Programs\ZuneLauncher.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{65E20367-B931-443F-9FF0-A2A751941189}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC7F3B96-6E90-4CD1-87F6-0959CC48D11D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A029BA34-DFDE-4895-BC0A-615FCD631923}] => (Block) %ProgramFiles%\Sony\Vegas Pro 12.0\vegas120.exe
FirewallRules: [{EDBBC3A4-FF51-435E-8F9D-72668994F03E}] => (Block) %ProgramFiles%\Sony\Vegas Pro 12.0\vegas120.exe
FirewallRules: [{FADC8464-ABFB-4F90-B0C5-853E64FBCC87}] => (Block) %ProgramFiles%\Sony\Vegas Pro 12.0\ErrorReportClient.exe
FirewallRules: [{D7BBFAC4-3C54-4068-959D-3BEAC5FCFCB9}] => (Block) %ProgramFiles%\Sony\Vegas Pro 12.0\ErrorReportClient.exe
FirewallRules: [{A1C71EE1-5A83-49A3-884E-5694797A415B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8E4A6158-BE60-48E7-944D-F8F47ADE7AF6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{B42E6CC1-3489-4D3C-91F1-12EF3599362D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [TCP Query User{8AEABEA7-A557-442D-A5E9-9F8A71FB1771}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{F68D80B4-7C17-46A6-8DD0-45B2C6AE046E}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [TCP Query User{5C9EDE99-088B-4525-A454-806F3B109A6C}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{27ECD018-9C44-4785-85D9-B8C17797E666}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{1C6DB898-D9B7-40DC-B3EE-AF0A62807F0B}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10f\FAXRX.exe
FirewallRules: [{FBD86B92-DDC9-4F28-BAB7-D12870D65A70}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10f\FAXRX.exe
FirewallRules: [{60D8DDD0-5690-44DD-AADF-89AA8A0FB327}] => (Allow) LPort=54925
FirewallRules: [{72C9702B-0C63-4E12-A5CD-1C7537C49699}] => (Allow) C:\Users\OakRaid\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{604EB209-C2F3-4675-AD08-00CA4E0B9E34}] => (Allow) C:\Users\OakRaid\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{597F0263-F722-4AC7-8C6C-940CAA00AAD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{FB65C0CC-E7F0-4F9F-B156-23BA3A58F48A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{0686F261-AB2E-4E4A-B40F-E490C72B8DF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization IV\Civilization4.exe
FirewallRules: [{4D61D96C-26C8-47C6-B845-5BA1ED013B7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization IV\Civilization4.exe
FirewallRules: [{EF84304C-2DDC-4401-9978-C4EA747D2DBB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AA84B434-71D1-4A07-A1C3-4C02BED5A845}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{92E41994-36EE-408A-BC20-7D27C1FFFC0F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BBF45259-A2D9-47E3-9502-5A55E5F2C08C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F34BDC29-4AF9-4898-8B14-63760B1785F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1A4A9EF8-2073-4BB3-8900-91B8ECE2E39C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C45716DD-DF78-4FF5-BC08-DA2B2C281AB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{51D5697D-CF11-403F-858C-D482EFE60E41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{860B86D4-F1CC-4143-9ABE-7BEB78543676}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{A69C6328-DC0A-4043-BCFF-CA3E3A45BE8B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{F031C1F0-13C7-43A3-AA4E-473F25AC28F2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{F8E3FF4A-79AA-4F71-826B-FA9A0F9A7459}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{650326A3-70FC-4BC7-8C74-811A39269CD8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{79C56758-CEF5-4C1B-807A-391D9830C941}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{3140B7BF-307D-4461-BBEE-62409C967A80}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{B2596AAB-7ECF-4788-893F-F96D5613871E}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{0E6F4C6E-576F-444F-86D2-DC0EBC064045}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{5DC22FC0-4238-4728-8904-0CFE0BC00A0F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{28E06D25-E7CB-4888-A86E-7C440791BCFF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{CF68CACD-A182-4953-B9D2-5E729BAAD92C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{781690E7-8364-4C57-BB6D-E5B736E2966A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{86C0B0A6-FD8C-4B00-BE62-F502F2F5827E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{D0534A05-30C4-428A-8593-38F6F119FC25}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{41FC5D0E-DDEF-4733-B1AD-DAC9E9B6E752}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{A6AC9044-3DD2-44D7-AC65-82989C5C990C}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{4C62BB96-2089-42AD-89BE-8498557BE188}F:\programs\warcraft ii bne\warcraft ii bne.exe] => (Block) F:\programs\warcraft ii bne\warcraft ii bne.exe
FirewallRules: [UDP Query User{99196071-D476-4F66-AB52-FC8092448D0B}F:\programs\warcraft ii bne\warcraft ii bne.exe] => (Block) F:\programs\warcraft ii bne\warcraft ii bne.exe
FirewallRules: [{55DB742B-9DA1-4855-9670-CD97B292900C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{B596C171-7C93-4A4C-A0E5-9DD28A664C27}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{2718A6CF-6FE6-48BE-8C2D-84308BB84318}] => (Allow) C:\Users\OakRaid\Desktop\StarCraft II\StarCraft II.exe
FirewallRules: [{2A927E50-BE45-433A-9F68-DBB7BCB40348}] => (Allow) C:\Users\OakRaid\Desktop\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{407B07AE-3E92-4213-A1EB-181472CFB2A5}F:\programs\starcraft\starcraft.exe] => (Allow) F:\programs\starcraft\starcraft.exe
FirewallRules: [UDP Query User{BDE3A9D1-6CEF-4C71-AD54-E9463254853F}F:\programs\starcraft\starcraft.exe] => (Allow) F:\programs\starcraft\starcraft.exe
FirewallRules: [TCP Query User{B0755139-B9B8-4075-8D0A-1A288B9B90D3}C:\users\oakraid\desktop\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\users\oakraid\desktop\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{0C33A1FE-8D27-4904-8A3A-7565274054A9}C:\users\oakraid\desktop\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\users\oakraid\desktop\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{B6D9CAC4-3412-4B4F-9306-4D9574985570}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{F7522A5A-BA14-4C1F-B3EA-6953F2B0DBEB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{9A2A1D74-1787-40A5-AF60-CC4244447D75}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.8.9.10\mca64Launcher.exe
FirewallRules: [{7C7C4CCD-EDF3-487B-89FA-F3C42FD09361}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.8.9.10\mca64Launcher.exe
FirewallRules: [{5A45F6A7-7489-4222-809E-45DF7DCB3B5C}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.8.9.64\mca64Launcher.exe
FirewallRules: [{9D0D4D48-87CF-4B7A-B6BE-45218806ACD1}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.8.9.64\mca64Launcher.exe
FirewallRules: [{EC74B2E4-BAEF-4325-8A66-61F0509CAE64}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.8.9.90\mca64Launcher.exe
FirewallRules: [{A0C2A119-ED7B-4897-B02C-157B7FA0042E}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.8.9.90\mca64Launcher.exe
FirewallRules: [{5BB280A6-F4E5-4FCC-8D11-AE14652F9AE0}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.9.6.4\mca64Launcher.exe
FirewallRules: [{ACE26967-0BA9-4748-BC01-C4402BBDFB7F}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.9.6.4\mca64Launcher.exe
FirewallRules: [{1CD5C37F-8E47-41E8-9C97-71146EC22ACC}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.8.9.90\mca64Launcher.exe
FirewallRules: [{FB77ECD3-6682-4A19-9D8A-0A42AE68959E}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.8.9.90\mca64Launcher.exe
FirewallRules: [{32CB4C5F-7A24-4740-B213-BBB91BDD4733}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.9.6.4\mca64Launcher.exe
FirewallRules: [{D2F2E06F-88D5-4343-9FE9-8ACC78DEB471}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.9.6.4\mca64Launcher.exe
FirewallRules: [{14ED0A32-F012-46DA-A96D-37B79EC96D02}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.8.9.90\mca64Launcher.exe
FirewallRules: [{AE8AD534-E49E-445B-84E3-A7BF0C9B784C}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.8.9.90\mca64Launcher.exe
FirewallRules: [{15303258-0716-41A7-974E-B7B1D6730B6F}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.9.6.4\mca64Launcher.exe
FirewallRules: [{A08D7A4A-1858-47DF-B052-10F5EB155CD6}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.9.6.4\mca64Launcher.exe
FirewallRules: [{CDFDB0BE-A51A-4D0B-BEE2-3639CD59AB18}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.9.9.9\mca64Launcher.exe
FirewallRules: [{599975F6-752D-4F94-94FF-E4DB92466C15}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.9.9.9\mca64Launcher.exe
FirewallRules: [{AE52A7FF-5BD8-45B8-897A-724406BCEA17}] => (Allow) F:\Program Files\avgmfapx.exe
FirewallRules: [{2429C409-D1AD-49F9-9BB0-2157BFC34C55}] => (Allow) F:\Program Files\avgmfapx.exe
FirewallRules: [{E553AFF6-EC11-48C3-80B0-33C11D897846}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.64\mca64Launcher.exe
FirewallRules: [{725BD757-99A1-4F17-B488-A3A2E69EE36E}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.64\mca64Launcher.exe
FirewallRules: [{A3B158F8-657D-4FB3-8BC4-A822EAAD65C4}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.9.9.9\mca64Launcher.exe
FirewallRules: [{A72A0A6F-1B4D-4016-B24C-EEC767572E49}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.9.9.9\mca64Launcher.exe
FirewallRules: [{8EC700FA-58AE-4CAE-96D0-6C85948FF34D}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.64\mca64Launcher.exe
FirewallRules: [{71DF5E23-FE52-435A-9FD5-947BA11EAC9E}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.64\mca64Launcher.exe
FirewallRules: [{2842A1CD-9501-4ADA-8A98-DE41CD4B2182}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.9.9.9\mca64Launcher.exe
FirewallRules: [{49F3DBA4-15A1-46BC-ADE8-227A49C8EDE8}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 1.9.9.9\mca64Launcher.exe
FirewallRules: [{048F792E-8294-4D53-8B45-05CFE4C24254}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.64\mca64Launcher.exe
FirewallRules: [{E3884C79-9B85-45A8-B1B1-D68B31CBE12D}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.64\mca64Launcher.exe
FirewallRules: [{24CFBF54-2F1C-4206-8814-4197EC7B6419}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.94\mca64Launcher.exe
FirewallRules: [{70D05650-C825-4FF8-9CF8-CA2685828573}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.94\mca64Launcher.exe
FirewallRules: [{48DAD084-E554-4784-9B08-7CF59530021B}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.64\mca64Launcher.exe
FirewallRules: [{18DB0C52-9E6C-40A5-8B00-780625556F92}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.64\mca64Launcher.exe
FirewallRules: [{CF0B3CFC-4E0C-40E2-9C1F-3C825C74D3A7}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.94\mca64Launcher.exe
FirewallRules: [{B05F45B6-81E6-48C7-9707-A16A0211ADE5}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.94\mca64Launcher.exe
FirewallRules: [{337E0EEB-E3C1-4658-A91C-1D9C555CDBE5}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.100\mca64Launcher.exe
FirewallRules: [{A13D8645-A6C7-4482-BA82-E52D15D8D003}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.100\mca64Launcher.exe
FirewallRules: [{D8555817-8FF4-4AB7-B794-524A7FD74A9A}] => (Allow) F:\Program Files\avgnsa.exe
FirewallRules: [{1DDA8CCE-FFE9-46B7-88AF-1081D546BBEF}] => (Allow) F:\Program Files\avgnsa.exe
FirewallRules: [{71A830DB-9385-446F-A054-6F973D50522D}] => (Allow) F:\Program Files\avgdiagex.exe
FirewallRules: [{34B2B48C-B1E9-43B7-B5FE-2E5F8CCFC11B}] => (Allow) F:\Program Files\avgdiagex.exe
FirewallRules: [{B9487D97-6179-4A65-9E6E-6036508ECEC7}] => (Allow) F:\Program Files\avgemca.exe
FirewallRules: [{69C4A558-195F-48BD-8E6A-611075AAED44}] => (Allow) F:\Program Files\avgemca.exe
FirewallRules: [{6A3E0931-11EC-4CF0-BA9A-F48E98ECFC30}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.104\mca64Launcher.exe
FirewallRules: [{93CA92D4-A99E-4CF9-801B-B9709ACDCD8D}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.104\mca64Launcher.exe
FirewallRules: [{44506F4D-D86E-4CD4-AC2E-5A7A87FA2E49}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.105\mca64Launcher.exe
FirewallRules: [{49FE8FBE-D644-48FA-966B-BA1587B5E85C}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.105\mca64Launcher.exe
FirewallRules: [{76C7E4FA-95CD-4655-A196-9982325994DC}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.104\mca64Launcher.exe
FirewallRules: [{4802B463-CD27-4682-BDDE-7FAB33185E1D}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.104\mca64Launcher.exe
FirewallRules: [{36486D4C-E5DE-490F-99B7-2C6C55C7B079}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.105\mca64Launcher.exe
FirewallRules: [{898B7D44-1A8B-4125-8D12-8FDE1148738B}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.105\mca64Launcher.exe
FirewallRules: [{3BED0DB0-B25B-4748-9ABA-B6004554B390}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.108\mca64Launcher.exe
FirewallRules: [{94EEE774-5F70-4BD0-87F2-7D5EB4FF59A5}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.108\mca64Launcher.exe
FirewallRules: [{53304540-35A3-4E70-AD0A-F36110060FB5}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.109\mca64Launcher.exe
FirewallRules: [{44FBDDBA-ECE6-4472-906B-A3715588C806}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.109\mca64Launcher.exe
FirewallRules: [TCP Query User{21C96910-0DCC-4A8D-A258-F0F61309795E}D:\programs\war2combat\warcraft ii bne.exe] => (Allow) D:\programs\war2combat\warcraft ii bne.exe
FirewallRules: [UDP Query User{BEEB65A0-CEA4-46EE-8587-81D85313E379}D:\programs\war2combat\warcraft ii bne.exe] => (Allow) D:\programs\war2combat\warcraft ii bne.exe
FirewallRules: [{525CC40D-504A-404F-B830-4CF218B89A4A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{850CDF8B-D12D-4831-B044-5C180C8B8499}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4E46BBFA-3709-4710-AC77-43BD281ABD62}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.112\mca64Launcher.exe
FirewallRules: [{E74C315F-EB01-4C9F-9DC8-F93D6C65F112}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.112\mca64Launcher.exe
FirewallRules: [{E2F5D2B3-1B00-49A1-A64A-456AB719C748}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C767367B-442E-4184-958A-A7FF788D59C2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{2EA0EB5C-78F4-4904-AD52-4A4ED895CF75}C:\users\oakraid\desktop\age of empires 2\aoe2 game\empires2-play.exe] => (Allow) C:\users\oakraid\desktop\age of empires 2\aoe2 game\empires2-play.exe
FirewallRules: [UDP Query User{0A003A46-6D63-400F-A799-38AA205FFABE}C:\users\oakraid\desktop\age of empires 2\aoe2 game\empires2-play.exe] => (Allow) C:\users\oakraid\desktop\age of empires 2\aoe2 game\empires2-play.exe
FirewallRules: [{3F2BE866-1AD7-419C-9B83-DA3707A7D8E3}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{B27B7FB6-B208-4C88-99EE-81760B9FE5D4}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{57843DBB-ABF0-49FE-9278-D2AE3930FC51}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{DF5A187E-7825-4DF1-B50B-98D687EDE947}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [TCP Query User{538A8FBD-0357-47BC-BD7F-F4320D05D8C1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4DF24224-9E94-4405-BDF9-68D8A505318F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{D454088D-4A7A-44CE-B5D1-CA891A0AD3C7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{7DFBF558-955F-488E-A553-6E5BBF05A656}] => (Allow) C:\Users\OakRaid\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{DA5DB8A6-7E5D-4246-8C7D-FC52CD87ECDC}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.112\mca64Launcher.exe
FirewallRules: [{717B6D30-54B4-4CB7-B294-76F64EFEA3B3}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.112\mca64Launcher.exe
FirewallRules: [{1454DE3F-21BE-4127-8268-2E107D31A29A}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.117\mca64Launcher.exe
FirewallRules: [{BA7E367A-18A9-42CC-B58B-34BD7690F5A8}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.117\mca64Launcher.exe
FirewallRules: [{A0690098-3906-4514-97C5-7B8578795D4D}] => (Allow) F:\Programs\qBittorrent\qbittorrent.exe
FirewallRules: [{33A1C260-EA8E-4316-81A5-A128209ECD35}] => (Allow) F:\Programs\qBittorrent\qbittorrent.exe
FirewallRules: [{44044D7C-13BA-4014-A680-17E61A9C1536}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{938EC740-0706-4768-B164-302A177E602D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A15F450D-945B-44DD-BBB3-5F456E52EDE1}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{4AB1B86D-4B61-458F-98B1-44D519BA105D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{3D5145D7-6CB4-40E8-AE8D-082F59C365E9}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{425B7594-7D8A-4680-9696-B3DEC4C6302F}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{E3D5C12A-3437-4D5B-AD35-588A068EE9B9}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{C7E72660-9ACB-4A32-9B45-E9C0D8AC28DE}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{F710A688-1F57-4D66-81DF-E959D272B057}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{AA3DCE2B-D179-422F-B521-AB0CECF80E5B}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{49115EBC-E33B-4E1E-8123-922CFFBA4401}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{6C168B67-D6A2-4335-8A37-FACE77F03339}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{ED161DDB-5FBF-4A0E-8287-BD121219D2F0}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E2A572D5-3201-4DD5-B7A5-72743FD33AB0}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{B1BA5565-E252-4998-8497-FE892DF626A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{756E6D63-C72F-436E-A8C1-06E54FB6BF4C}] => (Allow) G:\Temp\7zS1AFA\HP.EasyStart.exe
FirewallRules: [{0EEF0C78-5CBB-45B4-ACDF-6AD385CD11CE}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxApplications.exe
FirewallRules: [{4656BC52-A070-49E1-8F54-DCD152A3BF3D}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\DigitalWizards.exe
FirewallRules: [{EAF0B8EA-2142-49B2-901E-05DC59B425AE}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\SendAFax.exe
FirewallRules: [{9BD984FD-E54C-4904-A410-931D724F42B4}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxPrinterUtility.exe
FirewallRules: [{D747E930-F357-4CC3-AE30-4ADA53AE4A0B}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\DeviceSetup.exe
FirewallRules: [{04A8F7EA-EEC0-4931-9381-D41A4CF33EEF}] => (Allow) LPort=5357
FirewallRules: [{97201146-91B6-4177-93C8-CBC4C6C0CFE3}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{FAA4CC36-5438-4164-B426-B9B606BBF2E9}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.121\mca64Launcher.exe
FirewallRules: [{D13391C0-BF1A-451C-960E-D04FBACF7E86}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.121\mca64Launcher.exe
FirewallRules: [{B01C7A23-0398-4CB9-90A4-BB5A03184797}] => (Allow) F:\Programs\SimCity\SimCity\SimCity.exe
FirewallRules: [{5DC4040B-C73A-4E5D-8FCA-8BBF0BDD39C1}] => (Allow) F:\Programs\SimCity\SimCity\SimCity.exe
FirewallRules: [{AE63BD1D-C751-4044-91A4-40EBBC186F92}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.121\mca64Launcher.exe
FirewallRules: [{B7A6B86B-329C-4234-AD6C-AE6D11FF1401}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.121\mca64Launcher.exe
FirewallRules: [{A8B9BD48-EE89-4B7F-9C33-29AB6746EFB2}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.121\mca64Launcher.exe
FirewallRules: [{09AADE83-9474-42C6-ADAF-2D36190472F1}] => (Allow) C:\Program Files (x86)\mca64Launcher\mca64Launcher 2.0.0.121\mca64Launcher.exe
FirewallRules: [{871811D5-5E9D-44DD-9ECA-C51599833A52}] => (Allow) D:\Programs\mca64 Launcher\mca64Launcher2.0.0.121\mca64Launcher.exe
FirewallRules: [{3A6D926B-DF84-45FB-BD9F-DF338E226E85}] => (Allow) D:\Programs\mca64 Launcher\mca64Launcher2.0.0.121\mca64Launcher.exe
FirewallRules: [{8E0CF2B2-21CC-4A7F-94FD-24F90DE6B655}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{0475346B-155B-49C5-8AD9-DCDD8918D378}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{8E9989D5-AFD8-4E0A-A8EC-72CD3A83DF9F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{BE25D92A-593D-4AF1-B3A2-0597D434D03F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{6A71B088-A0C5-4D88-AC2C-4B6CF1C5B930}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{B749683F-D42F-44C6-ADCD-2355FA1B400F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{F2F36C71-AC2F-4D2A-8D6A-53580665698A}] => (Allow) F:\Programs\mca64Launcher2.0.0.121\mca64Launcher.exe
FirewallRules: [{24E5B065-FC5B-481C-B780-875D5AD07529}] => (Allow) F:\Programs\mca64Launcher2.0.0.121\mca64Launcher.exe
FirewallRules: [TCP Query User{64D4A4AB-18EB-4003-A5D6-18572EE2B12B}D:\downloads from web\downloader_starcraft_combo_enus.exe] => (Allow) D:\downloads from web\downloader_starcraft_combo_enus.exe
FirewallRules: [UDP Query User{20D74295-FDE5-4DD8-A570-DECFCC988DD9}D:\downloads from web\downloader_starcraft_combo_enus.exe] => (Allow) D:\downloads from web\downloader_starcraft_combo_enus.exe

==================== Restore Points =========================

23-06-2016 09:32:46 Windows Update
12-07-2016 00:41:37 Windows Update
13-07-2016 20:27:52 Installed DirectX
13-07-2016 20:36:31 Installed DirectX
14-07-2016 01:22:05 Windows Update
19-07-2016 13:48:19 Windows Update

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/26/2016 11:53:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_bthserv, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: bthserv.dll, version: 6.1.7600.16385, time stamp: 0x4a5bde9d
Exception code: 0xc0000005
Fault offset: 0x000000000000f1ef
Faulting process id: 0x9dc
Faulting application start time: 0xsvchost.exe_bthserv0
Faulting application path: svchost.exe_bthserv1
Faulting module path: svchost.exe_bthserv2
Report Id: svchost.exe_bthserv3

Error: (07/26/2016 10:54:28 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-07-27T07:48:28Z. Error Code: 0x80070490.

Error: (07/26/2016 08:18:35 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (07/26/2016 08:18:35 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (07/26/2016 08:18:35 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (07/25/2016 10:54:28 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-07-26T07:48:28Z. Error Code: 0x80070490.

Error: (07/25/2016 10:09:19 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-07-25T19:03:19Z. Error Code: 0x80070490.

Error: (07/25/2016 09:59:20 AM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Plus 2010 - Update '{CE042368-5EBF-465B-AA2C-EA843573DA4A}' could not be installed. Error code 1642. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Error: (07/25/2016 09:59:20 AM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Plus 2010 - Update '{CE042368-5EBF-465B-AA2C-EA843573DA4A}' could not be installed. Error code 1642. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Error: (07/24/2016 10:54:28 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-07-25T07:48:28Z. Error Code: 0x80070490.


System errors:
=============
Error: (07/27/2016 04:20:56 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel Security. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.

Error: (07/27/2016 04:20:56 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel Security. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.

Error: (07/27/2016 04:20:55 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel Security. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.

Error: (07/27/2016 04:20:44 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (07/27/2016 03:45:47 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel Security. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.

Error: (07/27/2016 03:45:47 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel Security. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.

Error: (07/27/2016 03:45:46 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel Security. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.

Error: (07/27/2016 03:45:35 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (07/27/2016 10:19:57 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel Security. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.

Error: (07/27/2016 10:19:57 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel Security. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.


==================== Memory info ===========================

Processor: Intel® Core™ i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 34%
Total physical RAM: 12265.16 MB
Available physical RAM: 7992.93 MB
Total Virtual: 12263.35 MB
Available Virtual: 7652.82 MB

==================== Drives ================================

Drive c: (Robs SSD) (Fixed) (Total:238.47 GB) (Free:138.79 GB) NTFS
Drive d: (SDATA2) (Fixed) (Total:232.89 GB) (Free:148.46 GB) NTFS
Drive f: (SDATA1) (Fixed) (Total:232.87 GB) (Free:3.89 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:0.97 GB) (Free:0.97 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: EB30FB7B)
Partition 1: (Not Active) - (Size=238.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BBC58B91)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1000 MB) (Disk ID: 0CD95C3F)
Partition 1: (Active) - (Size=1000 MB) - (Type=0B)

==================== End of Addition.txt ============================


Edited by RJ7887, 27 July 2016 - 06:00 PM.

  • 0

Advertisements


#2
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 



- General Instructions -


  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • It is also likely during our cleaning process that your internet browsing history will be removed. Your favorites will be untouched. If you don't want this to happen you need to let me know before running any steps so I can adjust my fixes accordingly.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-


 


All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start-


 
Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

 

 

I need to collect some more info. Please do the following.

1. Click your Start button and type cmd in the search box. Right-click on cmd from the search results and select Run as administrator. Answer Yes if the UAC prompt comes up.
2. Copy/Paste the following in to the command-prompt window and hit enter.
wmic qfe list brief /format:texttablewsys > "%USERPROFILE%\desktop\hotfix.txt"

3. This will create a file on your desktop named hotfix.txt. Please attach this to your next reply.


  • 0

#3
RJ7887

RJ7887

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

Thank you for the quick reply, Brian. Here is the file.


  • 0

#4
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

No problem. I don't see the file.


  • 0

#5
RJ7887

RJ7887

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

Sorry. Attached.

Attached Files


  • 0

#6
RJ7887

RJ7887

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

I apologize Brian, but my info in my profile was off.

I'm running Windows 7 with an Asus G73S laptop. 2.00ghz quad core.


  • 0

#7
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thanks for the info.

 

Step#1 - Warnings

a) Registry Cleaners
I see that you have CCleaner installed. This is indeed a good product but I wanted to caution you on running the registry cleaning functionality of the tool. Please avoid this as it can do more harm than good.
http://www.bleepingc...s/#entry2853053
http://miekiemoes.bl...weaking_13.html

Please be aware that we do not recommend the usage of registry cleaners/tools due to the following facts:

  • registry tools can cause irreparable damage to your Operating System
  • registry tools can, as a result of the above, render your pc to be inoperable.

For more information about why you should avoid using a such programs, one of the malware experts, miekiemoes, has an excellent write-up here

 

Another from quietman7 here

 

b) Antivirus is disabled

I see that you currently have AVG antivirus disabled. It's critical that you have a reputable antivirus software installed on your machine at all times. Do you intend on keeping AVG? Is there a reason it's currently disabled?

 

c) Low on disk space

Your F:\ drive is low on space. It has about 2% percent free disk space. This can adversely affect the performance of your computer. It's recommended to have at least 15% free disk space so that tools such as the automated defragger can keep your drive optimized.

 

d) P2P Program Detected

The Dangers of P2P Programs
IMPORTANT: I noticed that you have a P2P (Peer to Peer) file sharing program on your computer. I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more than likely infected with trojans, malware, rootkits, etc.
You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.
 
Here are some information sources about the dangers of P2P programs:
FBI - Peer to Peer Scams
USA Today Artticle on P2P Programs
File Sharing Infects 500,000 Computers
 
I very much recommend you uninstall this program from your machine. If not, you will likely be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.
 
It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.
 
Please uninstall the following Peer-to-Peer program(s): qBittorrent 3.2.3

 

e) Pando Media Booster Advice

I see you have Pando Media Booster installed, maybe intentionally and or came with one of your installed games for example. Technically this type of software is based upon peer to

peer technology and you can never really be sure what it is purportedly downloading is always safe. Plus it does not always make that much of a improvement with downloading.

My friendly advice is if you do not really use it, merely uninstall. However this is your choice and I respect whomever I assist with what they wish to have installed on their respective machines.

 

f) Optimization Programs

I see you have RAMDisk and SSD Tweaker installed. I'm not a big fan of optimizers as they have been proven to provide very little if any benefit to a properly running windows system. Especially a system with 12GB or RAM and an SSD like yours. I would recommend not using these but again your choice.

 

Step#2 - Questions

 

1. Do you recognize the following program?

C:\Program Files (x86)\WindowAdvertisement\windowadvertisement.exe

 

2. Do you intend on upgrading to Windows 10 (free for a couple more days)?

 

3. Do you have a Bluetooth device that you are aware of? Your system appears to be having trouble with one.

 

 

Step#3 - Uninstalls

Please uninstall the following programs one at a time. Instructions for doing so are here.
If any of the programs give you an error during the uninstall, notate it and move on to the next one. Just let me know which ones had issues. If you are asked to reboot, answer No until all the programs have been uninstalled and then you can reboot. All of these programs are either outdated, malware/adware, have a bad reputation or are not recommended. If you absolutely must have one of them I suggest that you wait until you are declared clean before reinstalling or at least let me know.

AVG Protection

AVG Web TuneUp

McAfee Security Scan Plus
 


  • 0

#8
RJ7887

RJ7887

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

Thank for the CCleaner info. I may have ran that once in the past (the registry portion). I will not ever make that mistake again.

I am transferring some files to my external to clear the drives up.

I have enabled AVG. I disabled it because I thought it might be slowing my computer down.

qbtorrent is uninstalled.

 

I can't uninstall pando, it is not listed in my programs and features. Should I just delete the folders?

I did a google search, one said that the file is actively running normally as a service. I checked my services in task manager and the file PMB.exe is not running.

I searched my HDD and couldn't find it either.

 

SSDTweaker seems to have been uninstalled. It was on my program list but may have been removed already. So it is now off the list.

I'll get rid of RamDisk soon. A buddy of mine recommended using them to store temporary files instead of on the SSD. I suppose I can accomplish the same thing using a temp folder on my HDD instead of my SSD.

 

 

 

STEP #2

 

1. I do not recognize that advertisement program.

2. I have not updated to windows 10 because I fear it might not work with my 6+ year old laptop. I have a Windows 10 Surface Pro that I like. But I didn't know if my laptop would take to the new operating system. I also know that it is quite difficult to go from Windows 10 back to Windows 7, that concern has prevented me from upgrading.

3. I do have a blutooth device. It was my old mouse, but it was unreliable using the blutooth setting. (would not always connect, sometimes disconnected) I reverted back to usb. Probably because of this issue.

 

 

I've uninstalled all three programs you mentioned.

After I finish with a file transfer (says an hour but it also said 16 hours at one point lol), I will restart and get rid of ramdisk. Won't let me stop program without changing where temp files are stored and restarting.

 

 


  • 0

#9
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thank you very much. I'll handle removing Pando in my fix. When able, please do the following.

 

Step#1 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop.
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

Step#2 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool. Click I agree if you agree with the terms of use.
4. Click on Scan.
5. After the scan is complete, if you get a message that states "AdwCleaner found no malicious program on your computer!" then you can click OK and then click the Logfile button. Notepad will open with some information. Copy/Paste this into your next reply. No need to continue with the rest of the steps for AdwCleaner.
6. If you don't get that message then click on "Clean"
7. Confirm each time with Ok.
8. Your computer will be rebooted automatically. A text file will open after the restart.
9. Please post the content of that logfile with your next answer.
10. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[C1].txt as well.

 

Items for your next post

1. Fixlog.txt

2. AdwCleaner log

Attached Files


  • 0

#10
RJ7887

RJ7887

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

I performed the steps as you said. It seems that the fixlist.txt file disappears after the restart. Fixlog.txt was not present. I figured I must have done it wrong, so I re-downloaded fixlist.txt and then Fixlog.txt appeared. 

I then deleted fixlist.txt. After I ran AdwCleaner and restarted, fixlog.txt disappeared again. So, I downloaded fixlist.txt and poof, fixlog.txt appeared again.

 

Just thought I would share that.

Here are the logs, one item found by AdwCleaner.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016
Ran by OakRaid (2016-07-27 19:48:36) Run:1
Running from C:\Users\OakRaid\Desktop
Loaded Profiles: OakRaid & UpdatusUser (Available Profiles: OakRaid & UpdatusUser)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2162760 2016-07-22] ()
HKU\S-1-5-21-3168688734-29480005-1135947682-1001\...\MountPoints2: {2077134a-4e24-11e2-b679-806e6f6e6963} - E:\InstAll.exe
HKU\S-1-5-21-3168688734-29480005-1135947682-1001\...\MountPoints2: {4e6d8bc7-74da-11e4-9ede-74f06dcd5b14} - H:\LG_PC_Programs.exe
HKU\S-1-5-21-3168688734-29480005-1135947682-1001\...\MountPoints2: {6986ccf7-509f-11e2-8f3b-74f06dcd5b14} - I:\autorun.exe
HKU\S-1-5-21-3168688734-29480005-1135947682-1001\...\MountPoints2: {710ff596-2ae8-11e4-9ee6-74f06dcd5b14} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3168688734-29480005-1135947682-1001\...\MountPoints2: {d7ab8907-7994-11e2-ab67-bcaec52f7ba4} - "K:\WD SmartWare.exe" autoplay=true
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll [2016-07-22] (AVG)
Toolbar: HKU\S-1-5-21-3168688734-29480005-1135947682-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.2\\npsitesafety.dll [No File]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF HKU\S-1-5-21-3168688734-29480005-1135947682-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [not signed]
C:\Program Files (x86)\Pando Networks
C:\ProgramData\McAfee Security Scan
C:\Program Files (x86)\AVG Web TuneUp
R2 vToolbarUpdater40.3.2; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe [1309768 2016-07-22] (AVG Secure Search)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [976456 2016-07-22] ()
S3 WMZuneComm; F:\Programs\WMZuneComm.exe [X]
S3 ZuneNetworkSvc; F:\Programs\ZuneNss.exe [X]
S3 ZuneWlanCfgSvc; F:\Programs\ZuneWlanCfgSvc.exe [X]
EmptyTemp:
 
 
 
 
*****************
 
Restore point was successfully created.
C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe => No running process found
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe => No running process found
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vProt => value not found.
"HKU\S-1-5-21-3168688734-29480005-1135947682-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2077134a-4e24-11e2-b679-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{2077134a-4e24-11e2-b679-806e6f6e6963} => key not found. 
"HKU\S-1-5-21-3168688734-29480005-1135947682-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4e6d8bc7-74da-11e4-9ede-74f06dcd5b14}" => key removed successfully
HKCR\CLSID\{4e6d8bc7-74da-11e4-9ede-74f06dcd5b14} => key not found. 
"HKU\S-1-5-21-3168688734-29480005-1135947682-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6986ccf7-509f-11e2-8f3b-74f06dcd5b14}" => key removed successfully
HKCR\CLSID\{6986ccf7-509f-11e2-8f3b-74f06dcd5b14} => key not found. 
"HKU\S-1-5-21-3168688734-29480005-1135947682-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{710ff596-2ae8-11e4-9ee6-74f06dcd5b14}" => key removed successfully
HKCR\CLSID\{710ff596-2ae8-11e4-9ee6-74f06dcd5b14} => key not found. 
"HKU\S-1-5-21-3168688734-29480005-1135947682-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7ab8907-7994-11e2-ab67-bcaec52f7ba4}" => key removed successfully
HKCR\CLSID\{d7ab8907-7994-11e2-ab67-bcaec52f7ba4} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => key not found. 
HKCR\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found. 
HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found. 
HKU\S-1-5-21-3168688734-29480005-1135947682-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value removed successfully
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => key not found. 
HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin => key not found. 
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully
HKU\S-1-5-21-3168688734-29480005-1135947682-1001\Software\Mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8} => value not found.
C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found.
"C:\Program Files (x86)\Pando Networks" => not found.
"C:\ProgramData\McAfee Security Scan" => not found.
"C:\Program Files (x86)\AVG Web TuneUp" => not found.
vToolbarUpdater40.3.2 => service not found.
WtuSystemSupport => service not found.
WMZuneComm => service removed successfully
ZuneNetworkSvc => service removed successfully
ZuneWlanCfgSvc => service removed successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 258973850 B
Java, Flash, Steam htmlcache => 396105174 B
Windows/system/drivers => 9787968 B
Edge => 0 B
Chrome => 856115943 B
Firefox => 374843950 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 692 B
Public => 0 B
ProgramData => 0 B
systemprofile => 1612422 B
systemprofile32 => 18399293 B
LocalService => 66228 B
NetworkService => 65960 B
OakRaid => 81783498 B
TEMP => 692 B
UpdatusUser => 692 B
 
RecycleBin => 0 B
EmptyTemp: => 1.9 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 19:48:55 ====
 
 
 
 
# AdwCleaner v5.201 - Logfile created 27/07/2016 at 19:54:54
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-28.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : OakRaid - OAKRAID-PC
# Running from : C:\Users\OakRaid\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
[-] Service Deleted : swdumon
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\Avg_Update_0516tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_0616tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_0816tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_0915tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_1015tb
[-] Folder Deleted : C:\Users\Public\Documents\Downloaded Installers
[-] Folder Deleted : C:\Program Files (x86)\driverupdate
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
[-] Folder Deleted : C:\Users\OakRaid\AppData\LocalLow\HPAppData
 
***** [ Files ] *****
 
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[-] File Deleted : C:\Windows\SysNative\drivers\swdumon.sys
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : 0915tbUpdateInfo
[-] Task Deleted : 1015tbUpdateInfo
[-] Task Deleted : 0915tbUpdateInfo
[-] Task Deleted : 1015tbUpdateInfo
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer
[-] Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\ImInstaller
[-] Key Deleted : HKCU\Software\SlimWare Utilities Inc
[-] Key Deleted : HKCU\Software\YahooPartnerToolbar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\WinToFlash Suggestor
[-] Key Deleted : HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\Search Protection
 
***** [ Web browsers ] *****
 
[-] [C:\Users\OakRaid\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\OakRaid\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [3316 bytes] - [27/07/2016 19:54:54]
C:\AdwCleaner\AdwCleaner[S1].txt - [3541 bytes] - [27/07/2016 19:53:58]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3462 bytes] ##########
 

Edited by RJ7887, 27 July 2016 - 09:01 PM.

  • 0

Advertisements


#11
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

I performed the steps as you said. It seems that the fixlist.txt file disappears after the restart. Fixlog.txt was not present. I figured I must have done it wrong, so I re-downloaded fixlist.txt and then Fixlog.txt appeared. 

I then deleted fixlist.txt. After I ran AdwCleaner and restarted, fixlog.txt disappeared again. So, I downloaded fixlist.txt and poof, fixlog.txt appeared again.

 

Just thought I would share that.

 

Interesting indeed. Thanks for the info.

 

Please do the following.

 

Step#1 - JRT by Malwarebytes
1. Download Junkware Removal Tool to your desktop.
2. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
3. The tool will open. Press any key at the Disclaimer screen and the program will create a restore point and then start scanning your system.
4. Please be patient as this can take a while to complete depending on your system's specifications.
5. On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
6. Close the text file and reboot your machine.
7. Post the contents of JRT.txt into your next message.
 

 


  • 0

#12
RJ7887

RJ7887

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Home Premium x64 
Ran by OakRaid (Administrator) on Wed 07/27/2016 at 20:24:25.14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 9 
 
Successfully deleted: C:\Users\OakRaid\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\002QC119 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\OakRaid\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MX1SB1Y1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\OakRaid\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XLG24LVL (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\OakRaid\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YJOEB7J6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\002QC119 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MX1SB1Y1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XLG24LVL (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YJOEB7J6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\SysWOW64\REN3607.tmp (File) 
 
 
 
Registry: 1 
 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7AE39A4F-C1DB-4668-B608-159A661BA52A} (Registry Key)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 07/27/2016 at 20:25:50.85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#13
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thanks. Let me know how your system is performing now.


  • 0

#14
RJ7887

RJ7887

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

Thank you, Brian. I feel like it is already running better but I will definitely keep an eye on its performance.

I really appreciate your help.

In your opinion, should I upgrade to Windows 10?

 

Also, was there a lot of cleaning up to do with my computer? I'm curious as to how messed up I allowed it to get. I thought I was better at this. haha

 

Thank you again!


  • 0

#15
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thank you, Brian. I feel like it is already running better but I will definitely keep an eye on its performance.

I really appreciate your help.

 

No problem.

 

In your opinion, should I upgrade to Windows 10?

 

If your machine supports it, absolutely. Windows 8 was crappy. 8.1 was much better and with 10 I believe they got it right.

 

 

Also, was there a lot of cleaning up to do with my computer? I'm curious as to how messed up I allowed it to get. I thought I was better at this. haha

 

It wasn't too bad at all. I do believe that sometimes 3rd party "enhancement/performance" programs actually cause your machine to go slower than when just letting Windows manage it.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP