I think I have a virus. For two weeks my computer has been acting strangely. It has been slow to boot and to shut down. It has failed to load programs and crashes hard. I was able to make a full backup, but I am worried that backup may be contaminated. I have tried lots of antivirus programs, even MB. Nothing was found. I did a scan with FRST.
Something is wrong. Please, Geekstogo; you're my only hope.
As always, if you can help me I will tweet it and post it to my Facebook.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.05.2018 01
Ran by Supermatt (administrator) on SUPERMATT-PC (07-05-2018 14:03:30)
Running from C:\Users\Supermatt\Desktop
Loaded Profiles: Supermatt (Available Profiles: Supermatt & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\BBSvc.EXE
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Foolish IT LLC) C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventMonSvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(WordWeb Software) C:\Program Files (x86)\WordWeb\wweb32.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
() C:\Program Files (x86)\DFX\DFX.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\SeaPort.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2015-01-10] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2208448 2018-03-14] (COMODO)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-04-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1328632 2015-12-25] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104128 2016-08-14] (VMware, Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1285704 2014-08-08] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2014-07-30] (CANON INC.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [353104 2017-09-16] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
IFEO\adappmgr.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\adobe audition cs6.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\adobe extension manager cs6.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\adobe prelude.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\avidapplicationmanager.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\bridge.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\chromodo.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\cnmnsst.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\cnqmmain.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\dreamweaver.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\extendscript toolkit.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\e_gupa30.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\e_iinsggi.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\fireworks.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\flash.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\flashbuilder.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\flashplayer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\hitmanpro.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\illustrator.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\indesign.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\mbam.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\pdvdlaunchpolicy.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\photoshop.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\puran utilities.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\realconverter.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\realplay.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\realtrimmer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\rpsystray.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\vmnetcfg.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\vmplayer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\vmware.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Application Manager.lnk [2017-08-25]
ShortcutTarget: Avid Application Manager.lnk -> C:\Windows\Installer\{99E377DB-D2D0-44A5-8533-AA8BE1381644}\NewShortcut1_E1E0FF1FC1474601A40EFEF248F11D43.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-06-19]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2017-09-16]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.3.1 192.168.3.1
Tcpip\..\Interfaces\{4D667F57-0C7B-4433-8185-D6FCF6C28DC4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{91B9594E-1066-4CA0-B867-D2996DA72B2B}: [DhcpNameServer] 192.168.3.1 192.168.3.1
Tcpip\..\Interfaces\{E7FEDADC-9F33-43B5-A033-D31CF0FC7FBB}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F0A0A4C6-46AF-48B0-962C-F8E4B085E072}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3797239318-1157007529-570800937-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3797239318-1157007529-570800937-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2017-08-17] (RealDownloader)
BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\dgnriaie_x64.dll [2014-07-12] (Nuance Communications, Inc.)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-29] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2013-11-02] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-29] (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2017-08-17] (RealDownloader)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2013-06-13] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll [2014-07-12] (Nuance Communications, Inc.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-29] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2013-11-02] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-29] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - No Name - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - No File
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
FireFox:
========
FF DefaultProfile: 9yuxk64l.default
FF ProfilePath: C:\Users\Supermatt\AppData\Roaming\Mozilla\Firefox\Profiles\9yuxk64l.default [2018-05-07]
FF user.js: detected! => C:\Users\Supermatt\AppData\Roaming\Mozilla\Firefox\Profiles\9yuxk64l.default\user.js [2018-01-30]
FF Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\Supermatt\AppData\Roaming\Mozilla\Firefox\Profiles\9yuxk64l.default\Extensions\[email protected] [2018-03-15]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Supermatt\AppData\Roaming\Mozilla\Firefox\Profiles\9yuxk64l.default\Extensions\[email protected] [2018-03-15]
FF Extension: (AdBlock) - C:\Users\Supermatt\AppData\Roaming\Mozilla\Firefox\Profiles\9yuxk64l.default\Extensions\[email protected] [2018-03-15]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-02-01] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: nuance.com/DgnRia2_x86_64 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\npDgnRia2_x64.dll [2014-07-12] (Nuance Communications, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_207.dll [2015-10-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-06-13] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2016-02-02] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-12-10] (Nero AG)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-11-12] (Nitro PDF)
FF Plugin-x32: @real.com/nppl3260;version=18.1.9.106 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2017-09-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.9.106 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2017-09-16] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-09] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin-x32: nuance.com/DgnRia2 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\npDgnRia2.dll [2014-07-12] (Nuance Communications, Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/?gws_rd=cr&dcr=0&ei=2sKOWvWJNomi0QT0yb_oDw&fg=1","hxxps://duckduckgo.com/"
CHR Profile: C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default [2018-05-07]
CHR Extension: (Beatlab) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\alnfdikmbdfgkcbdodjcbmedanjinmkk [2018-01-13]
CHR Extension: (Docs) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-13]
CHR Extension: (Google Drive) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-13]
CHR Extension: (MEGA) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2018-05-05]
CHR Extension: (DuckDuckGo) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2018-05-05]
CHR Extension: (Audiotool) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2018-01-13]
CHR Extension: (YouTube) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-13]
CHR Extension: (Dragon Web Extension) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddaloccgjfibfpkalenodgehlhkgoahe [2018-02-03]
CHR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2018-05-03]
CHR Extension: (Google Docs Offline) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-13]
CHR Extension: (AdBlock) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-04]
CHR Extension: (Tab Cookies) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\iahecghojagkcoehfhfknajofkokndjm [2018-01-13]
CHR Extension: (Omnibox NCR) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohddgnpofoogkkjejnmcgleamcfbhhc [2018-02-22]
CHR Extension: (Flat - Music scores and guitar tabs editor) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgfkpiieempkmppimblkblmlcmbdkbcg [2018-01-13]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2018-05-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-15]
CHR Extension: (Gmail) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-13]
CHR Extension: (Chrome Media Router) - C:\Users\Supermatt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-03]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-10-15] (SUPERAntiSpyware.com)
S4 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428264 2018-04-17] (AVG Technologies CZ, s.r.o.)
S4 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2304184 2016-04-07] (Comodo)
S4 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-07-25] (CyberLink Corp.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11395096 2018-03-14] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2018-03-14] (COMODO)
S3 CryptoPreventEmail; C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventMonSvc.exe [642712 2017-06-04] (Foolish IT LLC)
R3 CryptoPreventFolderWatch; C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventMonSvc.exe [642712 2017-06-04] (Foolish IT LLC)
R2 CryptoPreventMonSvc; C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventMonSvc.exe [642712 2017-06-04] (Foolish IT LLC)
S4 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-07-25] (CyberLink)
S4 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-07-25] (CyberLink)
R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [137280 2014-07-12] (Nuance Communications, Inc.)
S4 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2015-01-25] (MAGIX AG) [File not signed]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2015-01-25] (MAGIX®) [File not signed]
S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-02-27] (SurfRight B.V.)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-04-16] (Malwarebytes)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-04-16] (Malwarebytes)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-11-12] (Nitro PDF Software)
S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [292736 2013-08-15] (Puran Software) [File not signed]
S3 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation)
S4 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [989912 2017-09-16] (RealNetworks, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5614592 2018-01-22] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [48640 2018-01-22] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [41472 2018-01-22] (AVG Technologies CZ, s.r.o.)
S4 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12471368 2016-08-14] ()
S3 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-09-15] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2016-12-25] ()
S3 ampa; C:\Windows\SysWOW64\ampa.sys [38320 2016-12-25] ()
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2017-04-04] (Google Inc)
S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2015-10-16] (The OpenVPN Project)
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation)
S3 CisUtMonitor; C:\Windows\System32\DRIVERS\CisUtMonitor.sys [33360 2015-07-05] (CrystalIdea Software)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [34280 2018-02-01] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [846624 2018-02-01] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [59096 2018-02-01] (COMODO)
S3 cmnxusbser; C:\Windows\System32\DRIVERS\cmnxusbser.sys [146424 2016-03-29] (Wireless Data Device)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2015-05-05] (Windows ® Win 7 DDK provider)
R3 DFX12; C:\Windows\System32\drivers\dfx12x64.sys [29688 2015-12-25] (Windows ® Win 7 DDK provider)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-25] (Etron Technology Inc)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [32768 2017-04-04] (Google Inc)
S3 HtcUsbMdmV64; C:\Windows\System32\DRIVERS\HtcUsbMdmV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2015-01-10] (Intel Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [123544 2018-02-01] (COMODO)
S3 leusbser; C:\Windows\System32\DRIVERS\leusbser.sys [238080 2015-07-01] (QUALCOMM Incorporated)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-04-16] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2018-05-06] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-04-16] (Malwarebytes Corporation)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)
S3 plkusbser; C:\Windows\System32\DRIVERS\plkusbser.sys [113664 2008-01-23] (QUALCOMM Incorporated)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 qcfilter; C:\Windows\System32\DRIVERS\qcusbfilter.sys [49208 2017-03-15] (QUALCOMM Incorporated)
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2015-01-10] (Synaptics Incorporated)
S3 tap0801; C:\Windows\System32\DRIVERS\tap0801.sys [30720 2005-04-14] (The OpenVPN Project) [File not signed]
S3 TosRfSnd; C:\Windows\System32\drivers\tosrfsnd.sys [63488 2015-05-17] (TOSHIBA Corporation) [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-11-15] (AVG Netherlands B.V.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2015-01-29] ()
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [119712 2016-12-17] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [192352 2016-12-17] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-12-17] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2015-04-04] (Windows ® Win 7 DDK provider)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [147704 2012-08-10] (CyberLink Corp.)
S2 memudrv; \??\C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
Error(1) reading file: "C:\Windows\System32\Tasks\RealPlayer (32-bit) "
2018-05-07 14:03 - 2018-05-07 14:05 - 000333943 _____ C:\Users\Supermatt\Desktop\FRST.txt
2018-05-07 13:59 - 2018-05-07 13:59 - 000000000 ____D C:\Users\Supermatt\Desktop\FRST-OlderVersion
2018-05-06 17:41 - 2018-05-06 17:41 - 000003544 ____N C:\bootsqm.dat
2018-05-06 10:26 - 2018-05-06 10:26 - 000000199 _____ C:\Users\Supermatt\Desktop\Windows P keys.txt
2018-05-05 16:42 - 2018-05-05 16:42 - 002125128 _____ C:\Users\Supermatt\Downloads\pxengine4_10_28a.zip
2018-05-05 16:38 - 2018-05-05 16:38 - 001593914 _____ C:\Users\Supermatt\Downloads\pxengine3_00_58a.zip
2018-05-05 16:02 - 2018-05-05 16:04 - 000079200 _____ C:\Users\Supermatt\Downloads\cdrom.inf_amd64_neutral_8363d00ecae4322d.zip
2018-05-05 13:22 - 2018-05-05 13:22 - 000000000 ____D C:\Users\Supermatt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2018-05-05 12:43 - 2018-05-05 17:40 - 000313962 _____ C:\Windows\ntbtlog.txt
2018-05-03 19:53 - 2018-05-03 19:53 - 000003136 _____ C:\Windows\System32\Tasks\{68C7E2F1-CCB1-4233-86C7-DEDEADAC0D88}
2018-05-03 15:26 - 2018-01-22 14:45 - 000036864 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2018-05-03 15:26 - 2018-01-22 14:45 - 000034816 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2018-05-03 15:25 - 2018-01-22 14:45 - 000048640 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\uxtuneup.dll
2018-05-03 15:25 - 2018-01-22 14:45 - 000041472 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\uxtuneup.dll
2018-05-01 09:26 - 2018-05-01 09:26 - 000000000 ____D C:\RegBackup
2018-04-30 17:42 - 2018-04-30 17:42 - 000000000 ____D C:\Users\Supermatt\Desktop\revisi k 13 th 2016 dan 2017
2018-04-30 16:52 - 2018-05-03 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2018-04-30 16:50 - 2018-05-03 13:28 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
2018-04-29 17:46 - 2018-04-29 17:46 - 000006460 _____ C:\Users\Supermatt\Documents\Going to the animal park.vpj
2018-04-29 17:46 - 2018-04-29 17:46 - 000000000 ____D C:\Users\Supermatt\Documents\VideoPad Projects
2018-04-29 07:25 - 2018-04-29 07:19 - 000111048 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2018-04-28 14:49 - 2018-04-28 14:50 - 108967184 _____ (Microsoft Corporation) C:\Users\Supermatt\Downloads\OfficeLangPack2013_Indonesian_x86.exe
2018-04-23 13:36 - 2018-04-23 13:36 - 000001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2018-04-23 13:36 - 2018-04-23 13:36 - 000001139 _____ C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2018-04-23 13:36 - 2018-04-23 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
2018-04-23 13:36 - 2018-04-23 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2018-04-22 13:22 - 2018-04-23 16:56 - 000000000 ____D C:\Users\Supermatt\Downloads\MEmu Download
2018-04-22 13:20 - 2018-04-23 19:36 - 000000000 ____D C:\Users\Supermatt\.MemuHyperv
2018-04-20 09:33 - 2018-04-21 11:35 - 000009872 _____ C:\Users\Supermatt\Documents\Elsha's Kitchen.xlsx
2018-04-19 11:04 - 2018-04-19 11:04 - 000002597 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2018-04-19 11:04 - 2018-04-19 11:04 - 000002585 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2018-04-19 11:04 - 2018-04-19 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
2018-04-19 11:00 - 2018-05-06 17:57 - 000003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2018-04-19 10:59 - 2018-04-19 11:01 - 000000000 ____D C:\Users\Supermatt\AppData\Local\AvgSetupLog
2018-04-19 08:13 - 2018-01-22 14:52 - 000045568 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2018-04-17 21:34 - 2018-04-19 10:44 - 000000000 ____D C:\AVG_Remover
2018-04-17 17:15 - 2018-01-06 01:50 - 000749664 _____ (Nitro Software, Inc.) C:\Windows\system32\NxPrinterMonitor11.dll
2018-04-16 18:24 - 2018-05-05 13:42 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-04-15 16:53 - 2018-04-15 16:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-04-15 16:43 - 2018-04-15 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-04-15 15:12 - 2018-04-15 15:12 - 000000000 ____D C:\Users\Supermatt\AppData\Local\ElevatedDiagnostics
2018-04-15 15:01 - 2018-04-15 15:01 - 000092993 _____ C:\Users\Supermatt\Downloads\o15-ctrremove.diagcab
2018-04-15 14:45 - 2018-04-15 17:51 - 000000000 ____D C:\Users\Supermatt\Desktop\temp ms office
2018-04-14 21:35 - 2018-04-15 04:44 - 524288000 _____ C:\Users\Supermatt\Downloads\sanet.cd_MS_Office_2016_Pro_Plus_VL_X64_MULTi-17_APRIL_2018_Gen2.zip.002
2018-04-13 16:35 - 2018-04-13 16:55 - 000000000 ____D C:\Games
2018-04-13 16:34 - 2018-04-15 13:36 - 000000000 ____D C:\Users\Supermatt\AppData\Roaming\.tlauncher
2018-04-11 18:51 - 2018-04-12 10:33 - 000000000 ____D C:\Program Files\Nitro
2018-04-11 18:00 - 2018-04-11 18:19 - 119860441 _____ C:\Users\Supermatt\Downloads\Nitro.Pro.Enterprise.10.5.9.9_x64.softarchive.la.rar
2018-04-08 17:26 - 2018-04-08 17:31 - 012742614 _____ C:\Users\Supermatt\Downloads\[Sinan_Ozdemir]_Principles_of_Data_Science(b-ok.xyz).epub
2018-04-08 08:35 - 2018-04-08 08:35 - 000000000 ____D C:\Users\Supermatt\AppData\Local\mpress
2018-04-07 16:04 - 2018-04-07 16:04 - 018254536 _____ C:\Users\Supermatt\Downloads\[Ip_Chun,_Tse_Michael.]_Wing_Chun_Kung_Fu_Traditi(b-ok.xyz).pdf
2018-04-07 09:13 - 2018-04-07 09:13 - 002595246 _____ C:\Users\Supermatt\Downloads\[Francis_A._Schaeffer]_The_Complete_Works_of_Franc(b-ok.xyz).zip
2018-04-07 07:37 - 2018-04-23 19:38 - 000000000 ____D C:\Windows\System32\Tasks\NCH Software
2018-04-07 07:37 - 2018-04-14 07:48 - 000000000 ____D C:\Users\Supermatt\AppData\Roaming\NCH Software
2018-04-07 07:36 - 2018-04-23 13:36 - 000000000 ____D C:\Program Files (x86)\NCH Software
2018-04-07 07:36 - 2018-04-15 13:36 - 000000000 ____D C:\ProgramData\NCH Software
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-05-07 14:03 - 2017-10-06 13:08 - 000000000 ____D C:\FRST
2018-05-07 14:00 - 2015-04-16 00:59 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2018-05-07 13:59 - 2017-10-06 12:57 - 002406912 _____ (Farbar) C:\Users\Supermatt\Desktop\FRST64.exe
2018-05-07 13:59 - 2009-07-14 11:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-05-07 13:59 - 2009-07-14 11:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-05-07 13:53 - 2014-01-08 23:27 - 000000000 ____D C:\Program Files (x86)\Google
2018-05-07 13:51 - 2015-01-24 07:08 - 000000091 _____ C:\HaxLogs.txt
2018-05-07 13:51 - 2014-01-12 19:27 - 000000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2018-05-07 13:51 - 2009-07-14 12:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-05-07 13:27 - 2014-01-10 22:23 - 000000000 ____D C:\Users\Supermatt\AppData\Roaming\tixati
2018-05-07 13:24 - 2015-05-05 23:41 - 000000000 ____D C:\Users\Supermatt\AppData\Roaming\vlc
2018-05-07 07:34 - 2016-05-08 23:34 - 000000518 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 21c10e27-ccfc-4374-ba01-ca0342dad29e.job
2018-05-07 02:00 - 2016-05-08 23:34 - 000000518 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task c8d4cec7-3213-4dad-986f-f07cc5b45c2b.job
2018-05-06 18:40 - 2009-07-14 12:13 - 000901690 _____ C:\Windows\system32\PerfStringBackup.INI
2018-05-06 18:40 - 2009-07-14 10:20 - 000000000 ____D C:\Windows\inf
2018-05-06 18:29 - 2015-01-29 16:07 - 000003978 _____ C:\Windows\System32\Tasks\UALU notificatin
2018-05-06 18:01 - 2014-01-08 23:26 - 000000000 ____D C:\Users\Supermatt\AppData\Local\Apps\2.0
2018-05-06 13:23 - 2016-01-29 12:01 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2018-05-06 11:56 - 2015-05-17 02:48 - 000000000 ____D C:\Users\Supermatt\Documents\Bluetooth Exchange Folder
2018-05-06 09:10 - 2017-10-25 21:45 - 000004130 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-05-05 13:54 - 2014-01-08 23:27 - 000003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-05 13:54 - 2014-01-08 23:27 - 000003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-05 13:44 - 2018-02-23 18:38 - 000004492 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-05-05 13:44 - 2015-07-02 08:29 - 000003442 _____ C:\Windows\System32\Tasks\RealDownloader Update Check
2018-05-05 13:44 - 2014-06-23 22:59 - 000003016 _____ C:\Windows\System32\Tasks\{6C4FAF2A-FE02-4337-A7DF-AE99D7B71E73}
2018-05-05 13:44 - 2014-06-23 22:58 - 000003016 _____ C:\Windows\System32\Tasks\{C173130E-3670-44A5-A0A3-8FFD0695BA69}
2018-05-05 13:42 - 2017-12-19 21:07 - 000003238 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3797239318-1157007529-570800937-1000
2018-05-05 13:42 - 2017-12-19 21:06 - 000003364 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3797239318-1157007529-570800937-1000
2018-05-05 13:42 - 2014-12-06 13:06 - 000003696 _____ C:\Windows\System32\Tasks\Adobe online update program
2018-05-05 13:41 - 2014-02-18 00:37 - 000003758 _____ C:\Windows\System32\Tasks\Real Player online update program
2018-05-05 13:12 - 2016-08-14 14:36 - 000000000 ____D C:\ProgramData\VMware
2018-05-03 17:23 - 2018-01-01 11:47 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-03 17:23 - 2018-01-01 11:47 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-03 17:02 - 2015-09-14 17:03 - 000002976 _____ C:\Windows\System32\Tasks\Intel® GPA Monitor 13.3
2018-05-03 15:01 - 2014-01-08 20:52 - 000000000 ____D C:\Users\Supermatt
2018-05-03 15:00 - 2017-10-04 23:10 - 005300384 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-03 14:57 - 2017-11-12 19:08 - 000000000 ____D C:\Windows\System32\Tasks\COMODO
2018-05-03 14:57 - 2016-02-08 14:12 - 000000000 ____D C:\Users\Administrator.Supermatt-PC
2018-05-03 14:57 - 2016-01-31 03:35 - 000000000 ____D C:\Program Files\HitmanPro
2018-05-03 14:57 - 2015-12-14 00:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-05-03 14:57 - 2015-12-14 00:01 - 000000000 ____D C:\Program Files\7-Zip
2018-05-03 14:57 - 2015-06-26 12:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-05-03 14:57 - 2015-01-24 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2018-05-03 14:57 - 2015-01-13 20:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-03 14:57 - 2014-01-12 13:55 - 000000000 ____D C:\Program Files\Common Files\Nitro
2018-05-03 14:57 - 2014-01-12 13:55 - 000000000 ____D C:\Program Files (x86)\Nitro
2018-05-03 14:57 - 2014-01-09 18:42 - 000000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2018-05-03 14:53 - 2009-07-14 10:20 - 000000000 ____D C:\Windows\registration
2018-05-03 14:46 - 2014-02-17 10:33 - 000000000 ____D C:\ProgramData\Real
2018-05-03 14:45 - 2018-01-29 22:11 - 000000000 ____D C:\ProgramData\Avg
2018-05-01 08:17 - 2014-02-14 14:30 - 000000000 ____D C:\Users\Supermatt\Downloads\Compressed
2018-04-30 17:56 - 2015-05-05 23:41 - 000000000 ____D C:\Users\HomeGroupUser$
2018-04-30 17:56 - 2015-05-05 23:41 - 000000000 ____D C:\Users\Guest
2018-04-30 17:55 - 2015-05-05 23:41 - 000000000 ____D C:\Users\Administrator
2018-04-30 06:16 - 2014-02-14 14:30 - 000000000 ____D C:\Users\Supermatt\Downloads\Video
2018-04-29 17:33 - 2014-02-21 18:50 - 000000000 ____D C:\ProgramData\Temp
2018-04-29 13:37 - 2014-01-12 14:54 - 000001915 _____ C:\Users\Supermatt\AppData\Roaming\SAS7_000.DAT
2018-04-29 07:42 - 2015-04-27 20:51 - 000085032 _____ C:\Windows\system32\Drivers\fvstore.dat
2018-04-29 07:26 - 2014-01-09 00:42 - 000000000 ____D C:\Program Files (x86)\Java
2018-04-29 07:24 - 2015-01-24 00:59 - 000000000 ____D C:\Program Files\Java
2018-04-29 07:19 - 2015-01-24 01:01 - 000111048 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2018-04-29 07:14 - 2016-04-01 23:52 - 000098760 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-04-28 22:21 - 2014-01-08 20:58 - 000180176 _____ C:\Users\Supermatt\AppData\Local\GDIPFONTCACHEV1.DAT
2018-04-28 15:33 - 2014-01-09 18:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-04-28 15:33 - 2009-07-14 09:34 - 000000478 _____ C:\Windows\win.ini
2018-04-28 15:30 - 2011-04-12 15:28 - 000000000 ____D C:\Windows\ShellNew
2018-04-28 03:46 - 2016-03-10 21:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2018-04-22 13:19 - 2014-01-14 12:59 - 000000000 ____D C:\Users\Supermatt\.android
2018-04-22 00:20 - 2016-04-23 02:46 - 000002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2018-04-19 17:47 - 2014-05-31 11:33 - 000000000 ____D C:\Users\Supermatt\Documents\Calibre Library
2018-04-19 11:00 - 2015-03-01 14:27 - 000000000 ____D C:\Program Files (x86)\AVG
2018-04-17 16:55 - 2018-03-25 13:37 - 000001054 _____ C:\Users\Supermatt\Desktop\Puran Utilities.lnk
2018-04-17 16:46 - 2017-10-04 19:15 - 000000000 ____D C:\Users\Supermatt\AppData\Local\CrashDumps
2018-04-17 15:48 - 2017-11-09 17:50 - 000000000 ____D C:\Program Files (x86)\Audacity
2018-04-15 16:35 - 2014-01-09 18:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-04-15 16:25 - 2009-07-14 10:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-04-15 15:11 - 2014-01-09 18:41 - 000000000 ____D C:\Program Files\Microsoft Office
2018-04-15 13:37 - 2018-03-25 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Utilities
2018-04-15 13:37 - 2014-05-31 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2018-04-15 13:37 - 2014-01-09 18:46 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2018-04-15 13:24 - 2017-03-09 06:27 - 000000000 ____D C:\Users\Supermatt\AppData\Roaming\.minecraft
2018-04-15 13:12 - 2014-01-09 18:39 - 000000000 __RHD C:\MSOCache
2018-04-07 15:33 - 2014-05-31 11:37 - 000000000 ____D C:\Users\Supermatt\AppData\Local\calibre-cache
==================== Files in the root of some directories =======
2015-01-03 00:20 - 2015-01-03 00:20 - 005404888 _____ (COMODO) C:\ProgramData\cis28B.exe
2016-02-27 11:20 - 2016-02-27 11:20 - 003429056 _____ (COMODO) C:\ProgramData\cis6DFC.exe
2017-11-12 09:05 - 2017-08-29 11:52 - 004784832 _____ (COMODO) C:\ProgramData\cisCB19.exe
2017-11-12 09:05 - 2017-08-29 11:56 - 000365248 _____ (COMODO) C:\ProgramData\cmdres.dll
2017-08-17 14:59 - 2017-08-17 14:59 - 000000604 ____H () C:\Program Files (x86)\Br1S
2014-04-30 09:03 - 2014-04-30 09:03 - 002174976 ____N (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2017-08-21 23:48 - 2017-08-21 23:48 - 000000605 ____H () C:\Program Files (x86)\Common Files\Br4S
2016-08-02 21:33 - 2016-08-02 21:33 - 000000330 _____ () C:\Program Files (x86)\Common Files\eInstruction.ini
2017-08-17 23:20 - 2010-01-15 10:36 - 000075040 _____ () C:\Program Files (x86)\Common Files\SpeechUninstall.exe
2014-01-19 01:20 - 2014-06-18 00:57 - 004216840 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\vcredist.exe
2017-08-16 18:01 - 2017-08-25 15:07 - 001562498 _____ () C:\Users\Supermatt\AppData\Roaming\AvidApplicationManager_Install.log
2016-08-03 13:58 - 2016-11-27 23:12 - 000001505 _____ () C:\Users\Supermatt\AppData\Roaming\evmanage.prf
2016-08-03 13:54 - 2016-11-27 22:55 - 000000074 _____ () C:\Users\Supermatt\AppData\Roaming\evplay.prf
2016-08-12 13:10 - 2018-03-26 17:47 - 000004086 _____ () C:\Users\Supermatt\AppData\Roaming\evpro32.prf
2014-01-12 14:54 - 2018-04-29 13:37 - 000001915 _____ () C:\Users\Supermatt\AppData\Roaming\SAS7_000.DAT
2015-05-02 23:29 - 2015-05-02 23:31 - 000047104 ___SH () C:\Users\Supermatt\AppData\Roaming\Thumbs.db
2016-02-09 17:39 - 2016-05-10 20:28 - 000000504 _____ () C:\Users\Supermatt\AppData\Roaming\Weather Monitor_Settings.ini
2016-05-29 16:30 - 2016-10-24 19:03 - 000019456 _____ () C:\Users\Supermatt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-17 23:37 - 2015-08-17 23:37 - 000000036 _____ () C:\Users\Supermatt\AppData\Local\housecall.guid.cache
2015-02-18 16:01 - 2015-07-31 10:02 - 000007603 _____ () C:\Users\Supermatt\AppData\Local\Resmon.ResmonCfg
2015-08-18 01:08 - 2015-08-18 01:08 - 000000010 _____ () C:\Users\Supermatt\AppData\Local\sponge.last.runtime.cache
2015-05-11 21:44 - 2015-05-11 21:46 - 000000000 _____ () C:\Users\Supermatt\AppData\Local\TaskMan.cmd.done
2014-07-16 20:27 - 2014-07-16 20:27 - 000000000 _____ () C:\Users\Supermatt\AppData\Local\{B6A17797-1312-4D71-B698-87AF7CAD21F9}
Some files in TEMP:
====================
2018-05-03 16:07 - 2018-05-03 16:07 - 000152576 _____ () C:\Users\Supermatt\AppData\Local\Temp\ext1261804521494961108.dll
2018-05-04 09:22 - 2018-05-04 09:22 - 000152576 _____ () C:\Users\Supermatt\AppData\Local\Temp\ext2199720197495350632.dll
2018-05-03 16:47 - 2018-05-03 16:47 - 000152576 _____ () C:\Users\Supermatt\AppData\Local\Temp\ext3019161824338952284.dll
2018-05-04 14:44 - 2018-05-04 14:44 - 000152576 _____ () C:\Users\Supermatt\AppData\Local\Temp\ext4095260913454169706.dll
2018-05-03 15:12 - 2018-05-03 15:12 - 000152576 _____ () C:\Users\Supermatt\AppData\Local\Temp\ext5316181530305744407.dll
2018-04-20 08:14 - 2018-04-20 08:14 - 000152576 _____ () C:\Users\Supermatt\AppData\Local\Temp\ext5548591749658421109.dll
2018-05-03 20:29 - 2018-05-03 20:29 - 000152576 _____ () C:\Users\Supermatt\AppData\Local\Temp\ext5805253463151181967.dll
2018-05-04 16:15 - 2018-05-04 16:15 - 000152576 _____ () C:\Users\Supermatt\AppData\Local\Temp\ext6533485191856689063.dll
2018-05-03 21:58 - 2018-05-03 21:58 - 000152576 _____ () C:\Users\Supermatt\AppData\Local\Temp\ext7179398710160451432.dll
2018-05-05 13:17 - 2018-05-05 13:17 - 000152576 _____ () C:\Users\Supermatt\AppData\Local\Temp\ext8778474399459458408.dll
2018-04-28 22:41 - 2018-04-28 22:41 - 001884616 _____ (Oracle Corporation) C:\Users\Supermatt\AppData\Local\Temp\jre-8u171-windows-au.exe
2018-04-28 15:27 - 2013-02-21 06:17 - 000150600 _____ (Microsoft Corporation) C:\Users\Supermatt\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION
LastRegBack: 2018-04-28 00:07
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.05.2018 01
Ran by Supermatt (07-05-2018 14:12:41)
Running from C:\Users\Supermatt\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-01-08 13:51:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3797239318-1157007529-570800937-500 - Administrator - Disabled) => C:\Users\Administrator.Supermatt-PC
Guest (S-1-5-21-3797239318-1157007529-570800937-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3797239318-1157007529-570800937-1002 - Limited - Enabled)
Supermatt (S-1-5-21-3797239318-1157007529-570800937-1000 - Administrator - Enabled) => C:\Users\Supermatt
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: COMODO Antivirus (Enabled - Up to date) {08B84BA8-CC77-5A8B-A100-3F522B1B6106}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Advanced Protection (Enabled - Up to date) {B3D9AA4C-EA4D-5505-9BB0-0420509C2BBB}
FW: COMODO Firewall (Enabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Playpanel (HKLM-x32\...\{69967F97-E880-44B9-8383-5278BBC8809B}) (Version: 1.3.0.33 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Alive Video Converter (version 3.1.8.6) (HKLM-x32\...\Alive Video Converter_is1) (Version: - AliveMedia, Inc.)
Android Commander version 0.7.9.11 (HKLM-x32\...\Android Commander_is1) (Version: 0.7.9.11 - )
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Anime Studio Pro 10.1.1 (HKLM\...\ASP1011_is1) (Version: 10.1.1 - Smith Micro Software, Inc.)
Anime Studio Pro 11.0 (HKLM\...\ASP1100_is1) (Version: 11.0 - Smith Micro Software, Inc.)
AOMEI Partition Assistant Unlimited Edition 6.6 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-5498165BF3D0}_is1) (Version: - AOMEI Technology Co., Ltd.)
APK Studio (HKLM-x32\...\APK Studio d49d3de) (Version: d49d3de - Vaibhav Pandey)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.159.0 - Autodesk)
Autodesk Maya LT 2015 (HKLM\...\{2FB97E5C-14A5-47C8-BD85-69CC70471291}) (Version: 15.10.373.0 - Autodesk) Hidden
Autodesk Maya LT 2015 (HKLM\...\Autodesk Maya LT 2015) (Version: 15.10.373.0 - Autodesk)
AVG PC TuneUp (HKLM-x32\...\{9C775BB6-1453-45EB-8C78-A5CC5199113D}) (Version: 16.77.3 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.77.3.23060 - AVG Technologies)
Avid Application Manager (HKLM\...\{99E377DB-D2D0-44A5-8533-AA8BE1381644}) (Version: 2.5.1.115 - Avid Technology, Inc.)
Bing Bar (HKLM-x32\...\{49977584-B20E-46AB-818F-845815378904}) (Version: 7.3.117.0 - Microsoft Corporation)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Blender (HKLM\...\{B1DF3793-1651-4AE5-9CA0-E845DD8B526B}) (Version: 2.79.0 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{7F1AA7AB-E4FB-46F7-AC2F-57D78D63A368}) (Version: 3.19.0 - Kovid Goyal)
calibre 64bit (HKLM\...\{7159D1E5-62F5-42C9-825E-BE613B5DFB0F}) (Version: 2.38.0 - Kovid Goyal)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.3.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.6.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.15.23 - Canon Inc.)
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - Canon Inc.)
Canon MX490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX490_series) (Version: 1.00 - Canon Inc.)
Canon MX490 series On-screen Manual (HKLM-x32\...\Canon MX490 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.1.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.1.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.5.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.6.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
Chromodo (HKLM-x32\...\Chromodo) (Version: 48.12.18.254 - Comodo)
Classware (HKLM-x32\...\{5F945DFC-3BD1-74F7-5090-8885D0F4B1C5}) (Version: 1.2.3 - Cambridge University Press Holdings Limited) Hidden
Classware (HKLM-x32\...\Classware.D18242EEED0228FFB0408CDB0EFA905F46FFD844.1) (Version: v1.2.3.7574 - Cambridge University Press Holdings Limited)
Combined Community Codec Pack 2014-07-13 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
COMODO Internet Security Premium (HKLM\...\{4F6FC44D-AE9F-472B-8F00-B8388BC9AA04}) (Version: 10.0.1.6294 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.0.1.6294 - COMODO Security Solutions Inc.)
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: 8.0.4.2 - Foolish IT LLC)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1905.56 - CyberLink Corp.)
DFX (HKLM-x32\...\DFX) (Version: 12.014.0.0 - Power Technology)
Dragon NaturallySpeaking 13 (HKLM-x32\...\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}) (Version: 13.00.000 - Nuance Communications Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON TX121 Series Printer Uninstall (HKLM\...\EPSON TX121 Series) (Version: - SEIKO EPSON Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
e-Sword (HKLM-x32\...\{0BF38804-B6AE-4C32-9564-B0C0E7188D62}) (Version: 11.00.0006 - Rick Meyers)
e-Sword Macros for Word 2013 (HKLM-x32\...\{4A0259D2-7278-4B23-B594-60B4124015A6}) (Version: 10.04.0000 - Rick Meyers)
e-Sword Macros for Word 2013 (HKLM-x32\...\{B9FDCE73-DC39-4671-8F2E-2CA5ACB924B0}) (Version: 10.02.0000 - Rick Meyers)
ExamView Assessment Suite (HKLM-x32\...\{C59DE8FB-B81E-4386-B719-A8C95C16544B}) (Version: 8.1.107.70421 - eInstruction)
ExamView Content (NG Life_Beginner) (HKLM-x32\...\{eebe1d9a-486c-40e7-ae07-1892b3b2b7b4}) (Version: 8.1.107.70421 - eInstruction)
ExamView Content (NG Life_Elementary) (HKLM-x32\...\{ecb8a57a-21dc-4667-95f5-e2eff83733df}) (Version: 8.1.107.70421 - eInstruction)
ExamView Content (NG Life_Pre-intermediate) (HKLM-x32\...\{78d3c66f-5c7d-4da7-96eb-4e405a5406f2}) (Version: 8.1.107.70421 - eInstruction)
ExamView Content (NGL Our World Assess Level 1-3) (HKLM-x32\...\{8da61a8f-877e-443d-b448-3d1e60118184}) (Version: 8.1.107.70421 - eInstruction)
ExamView Content (NGL Our World Assess Level 4-6) (HKLM-x32\...\{4431b83a-1e23-458e-9f6c-a1d8270b6694}) (Version: 8.1.107.70421 - eInstruction)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
FMW 1 (HKLM\...\{DFA0CE4A-C162-40C1-A977-12E60098EB72}) (Version: 1.227.11 - AVG Technologies) Hidden
GameMaker Studio 2 (HKU\S-1-5-21-3797239318-1157007529-570800937-1000\...\GameMakerStudio2) (Version: - )
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.139 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hippo Animator 3.8 (HKLM\...\Hippo Animator 3) (Version: 3.8.5316.24610 - Hippo Studios)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.13.258 - SurfRight B.V.)
HostsMan 4.6.103 (HKLM-x32\...\{1A3DD1A9-7B7B-4ECA-AD2F-98466F49F62C}_is1) (Version: 4.6.103.0 - abelhadigital.com)
IL Autogun (HKLM-x32\...\IL Autogun) (Version: - Image-Line)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Intel Android Device USB driver (HKLM\...\Intel Android Device USB driver) (Version: 1.1.5 - Intel)
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Intel® Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Intel® Graphics Performance Analyzers 2013 R3 (HKLM\...\{B48DBBEE-2CCB-492E-2571-78ECE93329CB}) (Version: 13.3.0.207307 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.9.5 - PACE Anti-Piracy, Inc.)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java SE Development Kit 7 Update 75 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
Kernel for VHD ver 12.06.01 (HKLM-x32\...\Kernel for VHD_is1) (Version: - Lepide Software Pvt.Ltd)
LenovoTool 1.2.2_os (HKLM-x32\...\LenovoTool) (Version: 1.2.2_os - Lenovo)
LenovoUsbDriver 1.0.12 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.0.12 - Lenovo)
LifeBeg (HKLM-x32\...\{BC41E108-ACA5-25E9-039A-09085C1A15F0}) (Version: 1.0 - UNKNOWN) Hidden
LifeBeg (HKLM-x32\...\com.adobe.example.LifeBeg.EE56868B10F1E873F72054D45113DA2EF16FE085.1) (Version: 1.0 - UNKNOWN)
LifeElem (HKLM-x32\...\{926447E2-8B00-F3D3-FA7A-73DE25CE5CF9}) (Version: 1.0 - UNKNOWN) Hidden
LifeElem (HKLM-x32\...\com.adobe.example.LifeElem.EE56868B10F1E873F72054D45113DA2EF16FE085.1) (Version: 1.0 - UNKNOWN)
LifePreInt (HKLM-x32\...\{76B7A5CD-3757-D3A7-7321-86677926B755}) (Version: 1.0 - UNKNOWN) Hidden
LifePreInt (HKLM-x32\...\com.adobe.example.LifePreInt.EE56868B10F1E873F72054D45113DA2EF16FE085.1) (Version: 1.0 - UNKNOWN)
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Independence Libraries Common Files (HKLM\...\{2014CA36-C62B-4E1D-9816-1EDE4845E0F0}) (Version: 3.1.0.0 - MAGIX AG) Hidden
MAGIX Independence Libraries Common Files (HKLM-x32\...\MAGIX_{2014CA36-C62B-4E1D-9816-1EDE4845E0F0}) (Version: 3.1.0.0 - MAGIX AG)
MAGIX Independence Pro 3.1 VST-Plugins (HKLM\...\{74CC038C-E942-42A7-A54A-4CB686050428}) (Version: 3.1.0.0 - MAGIX AG) Hidden
MAGIX Independence Pro 3.1 VST-Plugins (HKLM-x32\...\MAGIX_{74CC038C-E942-42A7-A54A-4CB686050428}) (Version: 3.1.0.0 - MAGIX AG)
MAGIX Independence Pro Software Suite 3.1 (HKLM\...\{12FBE83D-482B-4D82-BAC7-665B7DD79DB2}) (Version: 3.1.1.11 - MAGIX AG) Hidden
MAGIX Independence Pro Software Suite 3.1 (HKLM-x32\...\MAGIX_{12FBE83D-482B-4D82-BAC7-665B7DD79DB2}) (Version: 3.1.1.11 - MAGIX AG)
MAGIX Music Maker 2014 Premium (HKLM\...\{088A4B09-8FB2-48D0-932A-7F90BE050543}) (Version: 20.0.2.35 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium (HKLM-x32\...\MX.{088A4B09-8FB2-48D0-932A-7F90BE050543}) (Version: 20.0.2.35 - MAGIX AG)
MAGIX Music Maker 2014 Premium (Introductory videos) (HKLM\...\{4BA5297E-60A6-4F18-9AAC-25A878C4E38C}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium (Introductory videos) (HKLM-x32\...\MX.{4BA5297E-60A6-4F18-9AAC-25A878C4E38C}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2014 Premium (Synthesizer and effects) (HKLM\...\{773A4DDC-3B52-42C7-8B7A-52369B9A390B}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium (Synthesizer and effects) (HKLM-x32\...\MX.{773A4DDC-3B52-42C7-8B7A-52369B9A390B}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2014 Premium (Visuals) (HKLM\...\{A6A5590A-0FF9-4FD9-AD8D-17B5BCBE06F5}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium (Visuals) (HKLM-x32\...\MX.{A6A5590A-0FF9-4FD9-AD8D-17B5BCBE06F5}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2014 Premium Soundpools (HKLM\...\{095A41CD-2500-4783-AE28-87E05653CDE7}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Soundpools (HKLM\...\{6F1F7E62-A579-434C-9610-F6FE2930C02E}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM\...\{5C375A31-ED71-4CA0-91E0-8FA47E72D56D}) (Version: 7.0.1.27 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{5C375A31-ED71-4CA0-91E0-8FA47E72D56D}) (Version: 7.0.1.27 - MAGIX AG)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Manga Studio (HKLM-x32\...\{CFA66508-B19D-4032-AB0A-EBBA2BDF1368}) (Version: 5.0.5 - Smith Micro)
Math Resource Studio 5 (HKLM-x32\...\{946E9741-5FAE-4011-9019-BC1FAF3FE99D}) (Version: 5.0.14.1 - Schoolhouse Technologies)
MCreator 1.7.7 (HKLM-x32\...\MCreator 1.7.7 Installer) (Version: - Pylo)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Toolkit 2.4.0.0 (HKLM-x32\...\Microsoft Toolkit 2.4.0.0) (Version: 2.4.0.0 - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4 (HKLM-x32\...\{C5564379-582D-457A-9E68-A9E7C1F1C4EC}_is1) (Version: 1.4 - Sam Rodberg)
MiniTool Partition Wizard Professional Edition 8.1.1 (HKLM-x32\...\{2991A446-D356-44EC-930A-42E8B02A67C0}_is1) (Version: - MiniTool Solution Ltd.)
MiniTool Power Data Recovery Free Edition 7.0 (HKLM\...\MiniTool Power Data Recovery Free Edition_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 58.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 58.0.2 (x64 en-US)) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MuseScore 2 (HKLM-x32\...\{DC8A2B29-D9A7-4D67-A049-BC0A659A2B57}) (Version: 2.1.0 - Werner Schweer and Others)
Nero 2014 (HKLM-x32\...\{0128492C-AB60-43BE-9D9A-8CA622CAF06E}) (Version: 15.0.07700 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nitro Pro 9 (HKLM\...\{BC8E7DF0-4434-4688-B615-0A3E5FACFC26}) (Version: 9.0.4.5 - Nitro)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OPPO USB Drivers 2.2.6.0 (HKLM\...\{60092746-6A0F-46A9-B9F1-53B62EC0E0A4}_is1) (Version: 2.2.6.0 - OPPO mobile telecommunications Corp., LTD)
Oracle VM VirtualBox 5.0.20 (HKLM\...\{8209969B-9A31-4021-B0D8-E6F719F7F995}) (Version: 5.0.20 - Oracle Corporation)
Our World 1 AE 2.0 (HKLM-x32\...\Our World 1 AE 2.0) (Version: 1.0.0.0 - )
Our World 2 AE 2.0 (HKLM-x32\...\Our World 2 AE 2.0) (Version: 1.0.0.0 - )
Our World 4 AE 2.0 (HKLM-x32\...\Our World 4 AE 2.0) (Version: 1.0.0.0 - )
Our World 6 AE 2.0 (HKLM-x32\...\Our World 6 AE 2.0) (Version: 1.0.0.0 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
Prerequisite installer (HKLM-x32\...\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}) (Version: 15.0.0005 - Nero AG) Hidden
Puran Utilities 3.1 (HKLM\...\Puran Utilities_is1) (Version: - Puran Software)
Qualcomm USB Drivers For Windows (HKLM-x32\...\{D9FB7F91-9687-4B09-894D-072903CADEA4}) (Version: 1.00.25 - QUALCOMM Incorporated)
RealDownloader (HKLM-x32\...\{2275115D-1431-4A62-A98F-2F0393815327}) (Version: 18.1.9.106 - RealNetworks, Inc.) Hidden
RealDownloader (HKLM-x32\...\{45bcec97-14a2-4e10-a129-58d2d0b34398}) (Version: 18.1.9.106 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.9 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Schoolhouse Test 4 (HKLM-x32\...\{F5C9D54B-C338-4EF1-89D4-94F369CFC061}) (Version: 4.0.3.3 - Schoolhouse Technologies)
Sibelius (HKLM\...\{6420DC80-3BCF-4C96-A209-B0C5D26E140D}) (Version: 8.2.0.89 - Avid Technology)
Sibelius 7 OpenType Fonts (HKLM-x32\...\{623C2BD8-1B28-4F98-B578-E9D139827269}) (Version: 7.1.3 - Avid)
Singing Coach 5 Pro (HKLM-x32\...\Singing Coach 5 Pro) (Version: 5.0.5.0 - Electronic Learning Products, Inc. )
Speech Support (HKLM-x32\...\Speech Support) (Version: - LEC)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1212 - SUPERAntiSpyware.com)
SuperBeam (HKLM\...\{1E690789-503A-4733-B224-7FE1DA597F2A}_is1) (Version: 7 - LiveQoS Inc)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.14.0 - Synaptics Incorporated)
Telegram Desktop version 1.0.2 (HKU\S-1-5-21-3797239318-1157007529-570800937-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.0.2 - Telegram Messenger LLP)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Tixati (HKLM-x32\...\tixati) (Version: - )
Turbo Studio 17 (HKLM-x32\...\{80bc26f1-601d-4766-b205-404db5168343}) (Version: 17.0.1.0 - Code Systems)
Uninstall Tool (HKLM\...\Uninstall Tool_is1) (Version: 3.4.3 - CrystalIDEA Software, Inc.)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 6.01 - NCH Software)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vita 2 (HKLM\...\{84CB6E60-E7CB-429F-AF9A-44F035889123}) (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita 2 add-on content (HKLM\...\{77C4AF18-19ED-489E-84D3-203E3862F6BC}) (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Drum Engine (HKLM\...\{5D8D5B24-732C-4AA6-ABFE-9EAFF12064A4}) (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Electric Piano (HKLM\...\{C1109FC5-35DA-403C-AE1D-99295EDB6FA9}) (Version: 1.0.2.0 - MAGIX AG) Hidden
Vita Jazz Drums (HKLM\...\{7A22C523-501D-4FD2-B9AD-BBEE8AFAED44}) (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Pop Brass (HKLM\...\{3CAD92B3-6BA0-44A4-A546-162520A80BB3}) (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Power Guitar (HKLM\...\{96826F72-1E29-4AB8-9312-84E664DCE474}) (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Vintage Organ (HKLM\...\{4F6B2EA9-4598-4653-B13A-E27AA387DC9B}) (Version: 1.0.1.0 - MAGIX AG) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VMware Workstation (HKLM\...\{F4C0A853-FA3B-4404-954B-799299EB5A98}) (Version: 12.1.1 - VMware, Inc.)
Vocabulary Worksheet Factory 5 (HKLM-x32\...\{DCC3A680-485D-4C55-AEDE-A87483B99E54}) (Version: 5.0.20.4 - Schoolhouse Technologies)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
WhatsApp (HKU\S-1-5-21-3797239318-1157007529-570800937-1000\...\WhatsApp) (Version: 0.2.8000 - WhatsApp)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6000 - Broadcom Corporation)
WinDirStat 1.1.2 (HKU\S-1-5-21-3797239318-1157007529-570800937-1000\...\WinDirStat) (Version: - )
Windows Driver Package - MediaTek Inc. (usbser) Ports (01/05/2012 2.0000.0.1) (HKLM\...\49D9ABA9270C5BDFD7AE1BEB607D36B26BB90235) (Version: 01/05/2012 2.0000.0.1 - MediaTek Inc.)
Windows Driver Package - MediaTek Inc. (usbser) Ports (12/24/2011 2.0000.0.0) (HKLM\...\D0E6296D177F42BB31C0200E49412003DB6C4633) (Version: 12/24/2011 2.0000.0.0 - MediaTek Inc.)
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 34.11.2016.27 - Ruiware)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wondershare Data Recovery(Build 5.0.3.13) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 5.0.3.13 - Wondershare Software Co.,Ltd.)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
WordWeb Pro (HKLM-x32\...\WordWeb) (Version: 7 - WordWeb Software)
XiaoMiFlash (HKLM-x32\...\{17027A8C-4379-424D-9236-075003273CE3}) (Version: 1.1.4 - XiaoMi)
XiaoMiTool version 0.4.1 (HKLM-x32\...\{1A2DAE03-6903-4871-A909-237AB764A4B6}_is1) (Version: 0.4.1 - Francesco Tescari)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.8.20150402 - Xilisoft)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKU\S-1-5-21-3797239318-1157007529-570800937-1000\...\ChromeHTML: -> <==== ATTENTION
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-18] ()
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-01-22] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [B1ShellEx] -> {76CF52AF-2B2D-4999-8CE8-495187BB11CD} => -> No File
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-14] (COMODO)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-14] (COMODO)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2016-04-14] (VMware, Inc.)
ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2016-04-14] (VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-04-16] (Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2017-09-16] (RealNetworks, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2018-01-22] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-01-22] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-01-10] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems Inc.)
ContextMenuHandlers6: [B1ShellEx] -> {76CF52AF-2B2D-4999-8CE8-495187BB11CD} => -> No File
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-14] (COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-04-16] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02170602-07F0-446E-8EF6-4FCF2D7FCE4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {0FE1F78F-1F58-4105-9BDE-B3C6ED7DD4B2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {1A52B213-DA38-4CB7-BF83-8E1A4458448E} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2018-01-22] (AVG Technologies CZ, s.r.o.)
Task: {217CAB11-5A88-4B6B-8196-A4DB24ADE963} - System32\Tasks\{B81634CD-E33F-477E-BE2A-01BA37F57777} => C:\Windows\system32\pcalua.exe -a C:\Users\SUPERM~1\AppData\Local\Temp\jre-8u77-windows-au.exe -d "C:\Program Files (x86)\Common Files\Java\Java Update" -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {268EAEAA-A07B-4AA6-9162-C427C41DEB1D} - System32\Tasks\Update\ProxyUpdate => C:\Windows\Prefetch\AVG_PCTuneUp.exe <==== ATTENTION
Task: {2A4C739A-E4F7-4C74-AF24-3F7327C1C522} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {2D159C88-B96E-48E4-87F6-84431EADC166} - System32\Tasks\{FDB7A662-A7D5-4A80-88F5-8A1C522277DD} => C:\Windows\system32\pcalua.exe -a C:\Users\SUPERM~1\AppData\Local\Temp\jre-8u65-windows-au.exe -d "C:\Program Files (x86)\Common Files\Java\Java Update" -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {35541BD8-08B8-456E-977E-5ABF73EA6E11} - System32\Tasks\Intel® GPA Monitor 13.3 => C:\Program Files\Intel\GPA\2013 R3\gpamonitor.exe [2015-09-14] (Intel Corporation)
Task: {3704F14D-700A-4BAE-A91E-66B9EA645E52} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-14] (COMODO)
Task: {3AE3FB84-1465-4EBA-B033-D42FECA4FA61} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {3B379C0B-3EAA-438B-BF2B-70A69A3F725C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {3BD3C4D8-5152-4ABB-ACB9-F60AE7A8216E} - System32\Tasks\{C173130E-3670-44A5-A0A3-8FFD0695BA69} => C:\Program Files (x86)\Smartfren Connex CE81B UI\WirelessModem.exe
Task: {44256EF3-D3FB-4FAB-B907-6740E3065266} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
Task: {47B38BDB-0F7A-4FDB-9956-602A9CCBD69D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {4F68631E-92EC-4599-8299-E5B773FEE018} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-14] (COMODO)
Task: {582212B9-A012-48FD-915E-975D0E0ED486} - System32\Tasks\{276A30E3-DC17-4817-B9CF-7C12127C6DE2} => C:\Windows\system32\pcalua.exe -a C:\Users\Supermatt\Desktop\MiFlashUnlock_1.1.0317.1_en\MiUsbDriver.exe
Task: {58526FD5-F666-4078-B306-47B0D26CB9AA} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3797239318-1157007529-570800937-1000 => C:\program files (x86)\real\RealDownloader\realupgrade.exe [2017-08-17] (RealNetworks, Inc.)
Task: {59BB5577-DD6F-4D2D-A725-2A3A440C2A0F} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-14] (COMODO)
Task: {5C1D53F2-A431-4D09-9788-5288219B42B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {62D1B557-2D88-412B-A8EE-670747BB8D9C} - \RealPlayer (32-bit) -> No File <==== ATTENTION
Task: {7D57EBF5-3183-4D3C-B0D2-EE0509E50F84} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2018-03-14] (COMODO)
Task: {8F4CF6A0-B45B-4E52-9009-C505F9D7A091} - System32\Tasks\COMODO CertSentry Updater => C:\Windows\system32\certsentry.exe [2015-04-17] (COMODO CA Limited)
Task: {906A2DDB-F2B5-443F-A1FF-80906798196F} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-03-14] (COMODO)
Task: {9318C4DF-FB4C-4824-9DC9-A68C7E1F1356} - System32\Tasks\{68C7E2F1-CCB1-4233-86C7-DEDEADAC0D88} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Microvirt\MEmu\uninstall\uninstall.exe" -c -u
Task: {9EA43A95-A8CD-4975-B11A-748D6AC8948D} - System32\Tasks\Real Player online update program => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2017-09-16] (RealNetworks, Inc.)
Task: {A207CBFF-F373-4A2B-B8D7-218E07F1F27C} - System32\Tasks\{D7259A02-C46F-4BF8-AFFA-C68E495F17D5} => C:\Windows\system32\pcalua.exe -a C:\Users\SUPERM~1\AppData\Local\Temp\jre-8u91-windows-au.exe -d "C:\Program Files (x86)\Common Files\Java\Java Update" -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {A9EE4656-CBCB-40A3-AD82-BD7D16B21D4D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {AC6746AC-3DDB-4151-A4FD-E07E2AE93159} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-14] (COMODO)
Task: {AFDA95AA-E786-438B-994E-9AF9C9915827} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B0C50936-9A0B-408D-95D3-92E39A4583F2} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3797239318-1157007529-570800937-1000 => C:\program files (x86)\real\RealDownloader\realupgrade.exe [2017-08-17] (RealNetworks, Inc.)
Task: {B24A5D00-4852-4973-BF13-57FE01076CA3} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-23] (Adobe Systems Incorporated)
Task: {B9D978BB-B3D5-4B06-9602-D416B970ACE0} - System32\Tasks\SUPERAntiSpyware Scheduled Task c8d4cec7-3213-4dad-986f-f07cc5b45c2b => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {C9C4CB60-7785-4BFB-8AB1-7CEE5D431073} - System32\Tasks\{983DFDD9-AB89-45AD-8EFD-BAFE6774E08C} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Security Task Manager\Setup.exe" -d "C:\Program Files (x86)\Security Task Manager"
Task: {D2E424D9-CBBF-40E0-94DB-B3DCE6506001} - System32\Tasks\SUPERAntiSpyware Scheduled Task 21c10e27-ccfc-4374-ba01-ca0342dad29e => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {E00DAAA3-C20A-4AAA-B36F-38F78DE05BA1} - System32\Tasks\{8902A5A3-54A0-4BBF-892E-12ED7A2F33E5} => C:\Windows\system32\pcalua.exe -a C:\Users\SUPERM~1\AppData\Local\Temp\jre-8u45-windows-au.exe -d "C:\Program Files (x86)\Common Files\Java\Java Update" -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {E20FE766-DA34-4D12-92B8-EAA36B178DE7} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
Task: {E620F070-9DCA-4003-9542-72629F7DB336} - System32\Tasks\{6C4FAF2A-FE02-4337-A7DF-AE99D7B71E73} => C:\Program Files (x86)\Smartfren Connex CE81B UI\WirelessModem.exe
Task: {F253961A-27C4-473E-BCE3-AC65C4E55B84} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2015-01-29] (Acer Incorporated)
Task: {F9A4D47A-3C11-494D-9AB2-342BFBEAC2BB} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28] (Oracle Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 21c10e27-ccfc-4374-ba01-ca0342dad29e.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task c8d4cec7-3213-4dad-986f-f07cc5b45c2b.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Supermatt\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
==================== Loaded Modules (Whitelisted) ==============
2017-08-29 05:56 - 2018-03-14 00:17 - 000107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2017-08-29 05:56 - 2018-03-14 00:17 - 000244416 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2009-09-21 15:04 - 2009-09-21 15:04 - 001501696 ____N () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2017-07-20 16:03 - 2017-09-07 15:39 - 000073920 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2013-10-17 11:23 - 2013-10-17 11:23 - 008866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-05-18 05:42 - 2016-05-18 05:42 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2010-06-25 09:08 - 2010-06-25 09:08 - 000173856 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2015-02-28 09:21 - 2015-12-25 15:28 - 001328632 _____ () C:\Program Files (x86)\DFX\DFX.exe
2015-02-28 09:14 - 2015-12-25 15:28 - 000133624 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
2015-02-28 09:18 - 2015-12-25 15:28 - 000134648 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
2015-02-28 09:48 - 2015-12-25 15:28 - 000051192 ____N () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared64.dll
2015-02-28 09:43 - 2015-12-25 15:28 - 000052216 ____N () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared32.dll
2018-04-19 10:59 - 2016-06-24 02:07 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %*
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-3797239318-1157007529-570800937-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3797239318-1157007529-570800937-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3797239318-1157007529-570800937-1000\...\sony.com -> sony.com
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-09-12 23:18 - 2016-12-17 00:32 - 000000697 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 license.superantispyware.com
127.0.0.1 tonec.com
127.0.0.1 http://www.tonec.com
127.0.0.1 internetdownloadmanager.com
0.0.0.0 license.superantispyware.com
0.0.0.0 keystone.mwbsys.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3797239318-1157007529-570800937-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Supermatt\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.3.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: DragonSvc => 3
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: RealPlayerUpdateSvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealTimes.lnk => C:\Windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: RealDownloader => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKLM\...\StartupApproved\StartupFolder: => "RealPlayer Cloud Service UI.lnk"
HKLM\...\StartupApproved\StartupFolder: => "RealTimes.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "PowerDVD12DMREngine"
HKLM\...\StartupApproved\Run32: => "PowerDVD12Agent"
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "MagicPlusHelper"
HKLM\...\StartupApproved\Run32: => "TkBellExe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "RealDownloader"
HKU\S-1-5-21-3797239318-1157007529-570800937-1000\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-3797239318-1157007529-570800937-1000\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-3797239318-1157007529-570800937-1000\...\StartupApproved\Run: => "Messenger (Yahoo!)"
HKU\S-1-5-21-3797239318-1157007529-570800937-1000\...\StartupApproved\Run: => "GoogleDriveSync"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{219A26F1-820B-49F7-B661-6C4E6944FC2E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{AAAA85EC-D718-47C9-879C-CDA8579CEFF6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{705D0812-999F-4EF8-8025-FFA528D0E6D0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{80E07C3D-27C6-47CF-8574-218C777634AA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9848B36B-2273-4286-BF90-C2B5466218E2}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{6F5EA031-9D3E-4CB9-8F7D-9A40E84582ED}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{87BC4FC3-2EB9-476F-9BB0-DE43EC4B3C67}] => (Allow) LPort=26675
FirewallRules: [TCP Query User{9DAF9614-B9CF-4360-BDF7-6B2C919C1F08}C:\program files (x86)\tixati\tixati.exe] => (Allow) C:\program files (x86)\tixati\tixati.exe
FirewallRules: [UDP Query User{5E34C749-0653-4A6F-A3E0-A49DEAA7974D}C:\program files (x86)\tixati\tixati.exe] => (Allow) C:\program files (x86)\tixati\tixati.exe
FirewallRules: [{3754294B-8BC5-409F-B742-3D4DB2D82D78}] => (Allow) LPort=51001
FirewallRules: [{CE38EE3F-28BE-444A-A851-C14A7EEE0DA7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{8A0746D9-2F0D-4D23-A0EB-85FB8C59C068}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{0B2529E6-9DCF-451A-B3F5-1A29AFC0D005}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2968D884-222C-4949-BA1D-5AE2871B37FD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{717759C5-69C3-4E26-B94C-3195D192A090}] => (Allow) LPort=51001
FirewallRules: [TCP Query User{79F7CDED-6AC6-4D56-A3FF-0993692193FC}C:\program files (x86)\tixati\tixati.exe] => (Allow) C:\program files (x86)\tixati\tixati.exe
FirewallRules: [UDP Query User{7C74F8CF-3178-4E87-8461-C3E22F58B130}C:\program files (x86)\tixati\tixati.exe] => (Allow) C:\program files (x86)\tixati\tixati.exe
FirewallRules: [{C5604AA7-992D-4CCB-8CEB-0F774590582D}] => (Block) %ProgramFiles% (x86)\Nero\Nero ControlCenter\NCC.exe
FirewallRules: [{85E81382-982E-4DC7-9488-F0B13DBE20CC}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{0022D6B1-7412-4FA2-B941-CC9CC80AF313}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{AAF0200E-A99F-484B-88DD-31680040AB7C}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{AC0B44C7-FB73-499A-A74A-537201C64AA8}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{FD1E42B2-3866-4BC7-B7CC-2E4EFA78BBAB}] => (Block) %ProgramFiles% (x86)\Nero\Nero ControlCenter\NCC.exe
FirewallRules: [{A8C5307B-204A-4D37-AB9D-B92A42C31853}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{FB183F9E-6CEC-4CBF-B482-D0647D4D7F83}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{9E6A5106-9A61-419D-8BD2-BC947901BB3D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{56C037E2-0A93-42E4-9547-FC027885C4A5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{6C1857C7-8DD9-4830-A921-AB9EFE6799DB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{F20B86A7-CAC9-4BF8-8B0C-FF956FA04AD7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [TCP Query User{1794799F-581F-4D42-A2EA-8107C64E181E}C:\program files (x86)\java\jre7\launch4j-tmp\mucommander.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\mucommander.exe
FirewallRules: [UDP Query User{1D2BD891-2C37-4825-9E90-86328CF4945E}C:\program files (x86)\java\jre7\launch4j-tmp\mucommander.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\mucommander.exe
FirewallRules: [{D582C995-C7C4-45BC-80B6-D9EC290B85D2}] => (Block) C:\program files (x86)\java\jre7\launch4j-tmp\mucommander.exe
FirewallRules: [{5C2A35BE-D115-46D0-81DE-4FDC493A134C}] => (Block) C:\program files (x86)\java\jre7\launch4j-tmp\mucommander.exe
FirewallRules: [{D3A755B2-C040-419E-BB8D-5A0E1A85A434}] => (Allow) LPort=8080
FirewallRules: [{02FFB931-CD4D-4B17-BDA6-D75E1BB10A7E}] => (Allow) C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\vcloader.exe
FirewallRules: [{27D72650-BB1A-456A-B524-C7BEAED4FAF9}] => (Allow) C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\vcloader.exe
FirewallRules: [{286DC3F0-C4B8-419E-9431-C1A34A1B4656}] => (Allow) C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\vcloader.exe
FirewallRules: [{8339AEBF-2F6E-4822-A7D0-9CD7FD90361B}] => (Allow) C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\vcloader.exe
FirewallRules: [{60BC5D15-6BDE-48CE-A1F3-220D15C2DFDD}] => (Allow) C:\Program Files (x86)\PowerISO\PowerISO.exe
FirewallRules: [{6A17B749-DC74-46E5-9372-143DA0658AF0}] => (Allow) C:\Program Files (x86)\PowerISO\PowerISO.exe
FirewallRules: [{D1255087-7376-482A-9997-246634CE9C89}] => (Allow) C:\Program Files (x86)\PowerISO\PowerISO.exe
FirewallRules: [{3288B3B5-C77A-4E44-8B9A-3380D4679FBF}] => (Allow) C:\Program Files (x86)\PowerISO\PowerISO.exe
FirewallRules: [{6E2601F2-02AB-4D75-BE72-ED4D258538E9}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{FEE5923B-4360-48B6-8921-ADF4A4D7FF64}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{22A4CDB9-0712-421B-A4F5-47328E5673E2}] => (Allow) LPort=7935
FirewallRules: [{6FDEC213-17B7-449F-A107-AA36C0B3CB02}] => (Allow) C:\Windows\SysWOW64\router.exe
FirewallRules: [TCP Query User{B0CA7870-EE47-4CD0-AE1D-840F0019323E}C:\program files\java\jdk1.7.0_75\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.7.0_75\bin\jmc.exe
FirewallRules: [UDP Query User{A35E3EB5-8AE3-4C09-A4DB-024B80BCD2A4}C:\program files\java\jdk1.7.0_75\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.7.0_75\bin\jmc.exe
FirewallRules: [TCP Query User{7294E9ED-8FF7-43D3-B62D-640521C54937}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{D1388B3A-DDC7-416E-BAB4-993690A1BF3A}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [{D8368476-864A-4ECA-B099-C05D851CB68D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2621560F-4D18-498B-87A1-57AF8CE63EA6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A8C91258-814D-4C2C-93F4-84E16EFC64ED}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4FFFDBAD-5CAD-4679-B3B0-E93DC90FC6AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BE2522F0-A7BC-429B-A14D-6ADF52657A8E}] => (Allow) C:\Program Files\Smith Micro\Anime Studio Pro 10\Anime Studio Pro x64.exe
FirewallRules: [{CF44B602-D564-4384-B8C6-565D3BD0C9D6}] => (Allow) C:\Program Files\Smith Micro\Anime Studio Pro 10\Anime Studio Pro x64.exe
FirewallRules: [{CC846382-CC29-4046-A8DB-D39D3375CC9D}] => (Allow) C:\Program Files (x86)\Smith Micro\Anime Studio Pro 11\Anime Studio Pro Win32.exe
FirewallRules: [{60CB4EC5-7966-44CA-999C-4E623543290A}] => (Allow) C:\Program Files (x86)\Smith Micro\Anime Studio Pro 11\Anime Studio Pro Win32.exe
FirewallRules: [{48B2E9D5-9083-4DAB-9A59-8CC242D86704}] => (Allow) C:\Program Files (x86)\Smith Micro\Anime Studio Pro 11\Anime Studio Pro Win32.exe
FirewallRules: [{5E3F9622-3508-450F-9C87-5FF416430443}] => (Allow) C:\Program Files (x86)\Smith Micro\Anime Studio Pro 11\Anime Studio Pro Win32.exe
FirewallRules: [{526BD3DF-653B-4ABD-93DA-0A65DCEBC387}] => (Allow) C:\Program Files\Smith Micro\Anime Studio Pro 11\Anime Studio Pro x64.exe
FirewallRules: [{11C51389-8697-4972-83E3-0DA53541B953}] => (Allow) C:\Program Files\Smith Micro\Anime Studio Pro 11\Anime Studio Pro x64.exe
FirewallRules: [{8C089F28-6842-444C-8022-39AC99CAE226}] => (Allow) C:\Program Files\Smith Micro\Anime Studio Pro 11\Anime Studio Pro x64.exe
FirewallRules: [{91A56486-9729-4326-9EFA-432BB85D8F21}] => (Allow) C:\Program Files\Smith Micro\Anime Studio Pro 11\Anime Studio Pro x64.exe
FirewallRules: [{0A90557A-DA7B-477D-B9A2-32ABC7026234}] => (Allow) LPort=17234
FirewallRules: [{F724E459-45E6-4AD0-98CB-50B4B5068122}] => (Allow) C:\Program Files\Intel\GPA\2013 R3\gpamonitor.exe
FirewallRules: [{0EA1ACAC-67E7-4B25-B10C-AB3D7AC8B4FB}] => (Allow) C:\Program Files\Intel\GPA\2013 R3\gpamonitor.exe
FirewallRules: [{291BBA65-4AB4-458E-B33B-0C37F2CF719B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{F791C0A0-D5CE-407D-BD89-D525C9CAEFA1}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{90BA8D38-E7A8-4830-9CDB-DCF48A6894E3}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{BCB8BD7E-2521-4551-96F6-3D99F8A624C5}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{7D8BFB07-6AF2-4380-8E48-FD2B18D910F6}] => (Allow) C:\Program Files\SuperBeam\SuperBeam.exe
FirewallRules: [{6418B01D-8DFA-4722-8942-AF673C661486}] => (Allow) C:\Program Files\SuperBeam\app\ssl-proxy
FirewallRules: [{592A0725-5F25-40EF-9DB3-7C6E823657E0}] => (Allow) C:\Program Files\Avid\Application Manager\jre\bin\java.exe
FirewallRules: [{7109E65B-E4A1-4B09-8A8C-C7A4D7C00EA1}] => (Allow) C:\Program Files\Avid\Application Manager\AvidApplicationManager.exe
FirewallRules: [{02FE2634-D65F-4430-B855-A78C6BAE88FD}] => (Allow) C:\Program Files\Avid\Application Manager\AvidAppManHelper.exe
FirewallRules: [{D8BE8888-629A-4AFA-B6E0-75E40B4E3F23}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{8AE424B6-BFB7-455B-AE17-5D821A455C6A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{EC9EB48D-E841-4687-B421-45BCD07D0EC1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8A3BF257-E86D-4A8D-945A-F475DAF09348}] => (Allow) C:\Program Files\SuperBeam\SuperBeam.exe
FirewallRules: [{A519E786-F885-47A0-AC8C-2AA235288156}] => (Allow) C:\Program Files\SuperBeam\app\ssl-proxy
FirewallRules: [{F6C97284-8D40-4FC7-BC40-75B818AA48DA}] => (Allow) LPort=8080
FirewallRules: [{D1D458A2-2D9D-4467-B5AD-6FBE36B636DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
04-05-2018 14:53:23 Buddy safe
04-05-2018 16:34:55 Windows Backup
==================== Faulty Device Manager Devices =============
Name: memudrv
Description: memudrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: memudrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/07/2018 01:52:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/07/2018 01:37:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/06/2018 05:54:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/05/2018 11:51:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/05/2018 05:47:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/05/2018 05:33:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/05/2018 04:24:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/05/2018 03:12:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mmc.exe version 6.1.7600.16385 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: f58
Start Time: 01d3e4482c769914
Termination Time: 13
Application Path: C:\Windows\system32\mmc.exe
Report Id: 9322a4fc-503b-11e8-880e-f07bcbf0f62a
System errors:
=============
Error: (05/07/2018 02:02:47 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
Error: (05/07/2018 01:54:01 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (05/07/2018 01:53:44 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
Error: (05/07/2018 01:51:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WebcamMax, WDM Video Capture service failed to start due to the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (05/07/2018 01:51:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The memudrv service failed to start due to the following error:
The system cannot find the path specified.
Error: (05/07/2018 01:48:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Security Center service terminated with the following error:
The authentication service is unknown.
Error: (05/07/2018 01:47:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (05/07/2018 01:47:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
CodeIntegrity:
===================================
Date: 2017-11-12 23:12:24.098
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-11-12 23:12:23.973
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-11-12 23:04:32.628
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-11-12 23:04:32.581
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-11-05 22:49:57.890
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-11-05 22:49:57.827
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-11-05 15:02:37.109
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-11-05 15:02:36.953
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5 CPU M 450 @ 2.40GHz
Percentage of memory in use: 34%
Total physical RAM: 5812.5 MB
Available physical RAM: 3834.38 MB
Total Virtual: 11952.71 MB
Available Virtual: 9650.7 MB
==================== Drives ================================
Drive c: (Disk4) (Fixed) (Total:529.09 GB) (Free:234.32 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Disk2) (Fixed) (Total:402.32 GB) (Free:168.33 GB) NTFS
Drive m: (Seagate Expansion Drive) (Fixed) (Total:931.51 GB) (Free:357.14 GB) NTFS
\\?\Volume{05205e46-78e8-11e3-9a7e-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 01C54DC0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=402.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=529.1 GB) - (Type=0F Extended)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C03BCFB4)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================