FIRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Admin (administrator) on ADMIN-PC (03-04-2016 18:04:22)
Running from D:\Downloads
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
() C:\Users\Admin\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Steam2\Steam\Steam.exe
(Valve Corporation) D:\Steam2\Steam\bin\steamwebhelper.exe
(Valve Corporation) D:\Steam2\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() D:\Steam2\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Valve Corporation) D:\Steam2\Steam\GameOverlayUI.exe
(Valve Corporation) D:\Steam2\Steam\bin\steamwebhelper.exe
(Valve Corporation) D:\Steam2\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NVRaidService] => C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe [291944 2010-04-09] (NVIDIA Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [SoundMax] => C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [3895296 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2036864 2016-03-21] (Hola Networks Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-03-22] (LogMeIn Inc.)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINFE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINFE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23260000 2016-02-24] (Google)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [**eK**<*>] => C:\Program Files (x86)\Tongbu\tbMobileService.exe /start <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Run: [GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136 2016-03-27] (Google Inc.)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\MountPoints2: {ab077309-29d1-11e2-907a-806e6f6e6963} - E:\DVDSetup.exe
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [1MediaFireIconError] -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon3_4eb5e.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconReadOnly] -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon5_4eb5e.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSynched] -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon_4eb5e.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSyncing] -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon2_4eb5e.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [MediaFireIconLock] -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon4_4eb5e.dll [2015-04-23] (TODO: <Company name>)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog9 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 17 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 18 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 17 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 18 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{5AA81275-6143-4A59-957C-E64C0433711E}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7EE26703-8635-4D2E-B8F4-5685C65A656A}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8F64559A-494E-4A7C-B269-D145DC1D0D98}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://websearch.swellsearch.info/?pid=3500&r=2015/03/14&hid=7649762504677559751&lg=EN&cc=GB&unqvl=84
URLSearchHook: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000 - (No Name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No File
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=3500&r=2015/03/14&hid=7649762504677559751&lg=EN&cc=GB&unqvl=84
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=3500&r=2015/03/14&hid=7649762504677559751&lg=EN&cc=GB&unqvl=84
SearchScopes: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000 -> DefaultScope {F5E60108-BA73-4D4D-BBF7-F528A3282D84} URL = hxxps://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=M0CB1C089-73A1-41F2-A296-88E520549C3A&SearchSource=58&CUI=&UM=5&UP=SPC820C670-3FA5-454E-BA85-4900C051ECF4&q=UCM_SEARCH_TERM&SSPV=
SearchScopes: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000 -> {5F4F12C0-BFBD-4912-A288-5771E3BA50C0} URL = hxxp://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=293224&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=3500&r=2015/03/14&hid=7649762504677559751&lg=EN&cc=GB&unqvl=84
SearchScopes: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000 -> {F5E60108-BA73-4D4D-BBF7-F528A3282D84} URL = hxxps://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
BHO: TrustMediaViewerV1alpha4147 -> {0a4c5b85-7f94-4e69-9eb1-7c3a7da837ef} -> No File
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2015-01-06] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-06] (Oracle Corporation)
BHO-x32: Trust Media Viewer -> {0a4c5b85-7f94-4e69-9eb1-7c3a7da837ef} -> No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO-x32: Applon -> {1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-29] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-03-29] (Oracle Corporation)
BHO-x32: ͬ²½Ò»¼ü°²×°Ö§³Ö -> {F72C8153-7140-4FEE-8F69-CA4579D71195} -> C:\Program Files (x86)\Tongbu\Addin\tbIEAddin.dll [2016-01-31] (同步网络平台)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\tzl9ri9s.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-24] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @tongbu.com/tongbu,version=0.1 -> C:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll [2016-01-31] (同步网络平台)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-24] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-03-29] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2006-10-07] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2006-10-07] (RealNetworks, Inc.)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] ()
FF Plugin-x32: @tongbu.com/tongbu,version=0.1 -> C:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll [2016-01-31] (同步网络平台)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Admin\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-03-21] ()
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Admin\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-03-21] (Hola)
FF Plugin HKU\S-1-5-21-2055958020-1542119278-3283414598-1000: @coreonline.com/run3d,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Square Enix\nprun3d.dll [2012-09-14] (Square Enix)
FF Plugin HKU\S-1-5-21-2055958020-1542119278-3283414598-1000: @hola.org/FlashPlayer -> C:\Users\Admin\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-03-21] ()
FF Plugin HKU\S-1-5-21-2055958020-1542119278-3283414598-1000: @hola.org/vlc -> C:\Users\Admin\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-03-21] (Hola)
FF Plugin HKU\S-1-5-21-2055958020-1542119278-3283414598-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll [No File]
FF Plugin HKU\S-1-5-21-2055958020-1542119278-3283414598-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2055958020-1542119278-3283414598-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-02-17] ()
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4147\ff => not found
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.co.uk/
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BetterTTV) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-01-10]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01]
CHR Extension: (Steam inventory helper) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2016-03-20]
CHR Extension: (LoungeDestroyer) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2016-03-29]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-18]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-17]
CHR Extension: (Google Play) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-02-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-11-30]
CHR Extension: (Plants vs Zombies) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2014-10-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Admin\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-11-29]
CHR HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Admin\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx <not found>
CHR HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bdiebckmgicbiemeadkbioloodpnlhng] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4147\ch\TrustMediaViewerV1alpha4147.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Admin\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com) [File not signed]
R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2009-06-05] (Andrea Electronics Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1141248 2015-06-10] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-01-05] (BitRaider, LLC)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] ()
S3 GalaxyClientService; D:\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-31] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6952504 2015-10-31] (GOG.com)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [23504 2014-12-25] (Micro-Star Int'l Co., Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [File not signed]
R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [8127616 2016-03-21] (Hola Networks Ltd.)
R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [8127616 2016-03-20] (Hola Networks Ltd.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-03-22] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MF NTFS Monitor; C:\Users\Admin\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe [456176 2015-04-23] ()
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [100864 2015-06-15] (Microsoft Corporation) [File not signed]
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1736872 2015-04-29] (Micro-Star INT'L CO., LTD.)
R2 NitroDriverReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [324928 2010-02-02] (Nitro PDF Software)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2104840 2016-01-19] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-12] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607048 2012-11-09] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1353544 2009-10-29] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 celavimushost; "C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows ® Win 7 DDK provider)
S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-05-24] (Phoenix Technologies) [File not signed]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 mfmonitor; C:\Windows\System32\DRIVERS\mfmonitor_x64.sys [20696 2015-04-23] (Windows ® Win 7 DDK provider)
S3 MSICDSetup; E:\CDriver64.sys [28984 2009-08-10] (Your Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_C; E:\NTIOLib_X64.sys [11888 2011-06-29] (MSI) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-14] (TuneUp Software)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 SUNSTREAKER; system32\DRIVERS\Sunstreaker.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-03 18:04 - 2016-04-03 18:04 - 00000000 ____D C:\FRST
2016-04-03 13:49 - 2016-04-03 13:50 - 00000000 ____D C:\Users\Admin\AppData\Local\AvgSetupLog
2016-04-03 13:49 - 2016-04-03 13:49 - 00000000 ____D C:\Users\Admin\AppData\Local\Avg
2016-04-03 13:49 - 2016-04-03 13:49 - 00000000 ____D C:\ProgramData\Avg
2016-04-03 13:49 - 2016-04-03 13:49 - 00000000 ____D C:\Program Files (x86)\AVG
2016-03-30 13:21 - 2016-03-30 13:21 - 00000209 _____ C:\Users\Admin\Desktop\Orcs Must Die! Unchained.url
2016-03-23 18:41 - 2016-03-23 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-03-23 18:41 - 2016-03-23 18:41 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-03-20 18:42 - 2016-03-21 16:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Hola
2016-03-20 18:42 - 2016-03-20 18:42 - 00001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk
2016-03-20 18:42 - 2016-03-20 18:42 - 00000000 ____D C:\Users\Admin\AppData\Local\Hola
2016-03-19 16:15 - 2016-03-19 16:15 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-09 20:39 - 2016-02-12 19:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 20:39 - 2016-02-12 19:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 20:39 - 2016-02-12 19:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 20:39 - 2016-02-12 19:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 20:39 - 2016-02-12 19:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 20:39 - 2016-02-12 19:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 20:39 - 2016-02-12 19:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 20:39 - 2016-02-12 19:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 20:39 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 20:39 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 20:39 - 2016-02-12 19:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 20:39 - 2016-02-12 19:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 20:39 - 2016-02-12 19:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 20:39 - 2016-02-12 19:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 20:39 - 2016-02-12 19:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 20:39 - 2016-02-12 19:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 20:39 - 2016-02-11 19:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 20:39 - 2016-02-11 19:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 20:39 - 2016-02-11 19:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 20:39 - 2016-02-11 19:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 20:39 - 2016-02-11 19:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 20:39 - 2016-02-11 19:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 20:39 - 2016-02-11 19:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 20:39 - 2016-02-11 19:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 20:39 - 2016-02-11 19:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 20:39 - 2016-02-11 19:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 20:39 - 2016-02-11 19:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 20:39 - 2016-02-11 19:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 20:39 - 2016-02-11 19:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 20:39 - 2016-02-11 19:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 20:39 - 2016-02-11 19:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 20:39 - 2016-02-11 19:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 20:39 - 2016-02-11 19:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 20:39 - 2016-02-11 19:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 20:39 - 2016-02-11 19:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 20:39 - 2016-02-11 19:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 20:39 - 2016-02-11 19:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 20:39 - 2016-02-11 19:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 20:39 - 2016-02-11 19:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 20:39 - 2016-02-11 19:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 20:39 - 2016-02-11 19:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 20:39 - 2016-02-11 19:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 20:39 - 2016-02-11 19:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 20:39 - 2016-02-11 19:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 20:39 - 2016-02-11 19:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 20:39 - 2016-02-11 19:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 20:39 - 2016-02-11 19:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 20:39 - 2016-02-11 19:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 20:39 - 2016-02-11 19:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 20:39 - 2016-02-11 19:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 20:39 - 2016-02-11 19:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 20:39 - 2016-02-11 19:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 20:39 - 2016-02-11 19:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 20:39 - 2016-02-11 19:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 20:39 - 2016-02-11 19:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 18:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 20:39 - 2016-02-11 18:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 20:39 - 2016-02-11 18:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 20:39 - 2016-02-11 18:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 20:39 - 2016-02-11 18:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 20:39 - 2016-02-11 18:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 20:39 - 2016-02-11 18:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 20:39 - 2016-02-11 18:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 20:39 - 2016-02-11 18:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 20:39 - 2016-02-11 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 20:39 - 2016-02-11 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 20:39 - 2016-02-11 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 20:39 - 2016-02-11 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 20:39 - 2016-02-11 18:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 20:39 - 2016-02-11 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 20:39 - 2016-02-11 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 20:39 - 2016-02-09 10:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 20:39 - 2016-02-09 10:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 20:39 - 2016-02-09 10:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 20:39 - 2016-02-09 10:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 20:39 - 2016-02-09 10:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 20:39 - 2016-02-09 10:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 20:39 - 2016-02-09 10:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 20:39 - 2016-02-09 10:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 20:39 - 2016-02-09 10:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 20:39 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 20:39 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 20:39 - 2016-02-05 19:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 20:39 - 2016-02-05 19:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 20:39 - 2016-02-05 19:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 20:39 - 2016-02-05 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 20:39 - 2016-02-05 19:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 20:39 - 2016-02-05 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 20:39 - 2016-02-05 19:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 20:39 - 2016-02-05 18:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 20:39 - 2016-02-05 18:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 20:39 - 2016-02-05 18:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 20:39 - 2016-02-05 02:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 20:39 - 2016-02-04 19:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 20:39 - 2016-02-04 18:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 20:39 - 2016-02-03 19:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 20:39 - 2016-02-03 19:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 20:39 - 2016-02-03 19:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 20:39 - 2016-02-03 19:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 20:39 - 2016-02-03 19:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-03 18:04 - 2014-05-30 23:12 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client
2016-04-03 17:59 - 2012-12-12 19:30 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-03 17:55 - 2015-05-20 19:55 - 00000911 _____ C:\Windows\Tasks\EPSON XP-225 Series Update {5BF11956-C7BD-477A-BA44-9CF28160D1CA}.job
2016-04-03 17:53 - 2015-06-17 15:41 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2055958020-1542119278-3283414598-1000UA.job
2016-04-03 17:48 - 2015-05-20 17:48 - 00000911 _____ C:\Windows\Tasks\EPSON XP-225 Series Update {080F73AB-460F-450F-9325-C292070A702C}.job
2016-04-03 17:40 - 2015-02-04 16:47 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-03 17:21 - 2015-03-15 21:58 - 00000388 _____ C:\Windows\Tasks\update-sys.job
2016-04-03 16:55 - 2015-12-25 14:48 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-04-03 16:48 - 2016-01-04 13:26 - 02371128 _____ C:\Windows\ntbtlog.txt
2016-04-03 16:47 - 2015-05-31 21:38 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-03 16:47 - 2015-02-04 16:47 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-03 16:47 - 2014-01-30 19:06 - 00000362 _____ C:\Windows\Tasks\AmiUpdXp.job
2016-04-03 16:47 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-03 16:45 - 2009-07-14 05:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-03 16:45 - 2009-07-14 05:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-03 15:53 - 2015-06-17 15:41 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2055958020-1542119278-3283414598-1000Core.job
2016-04-03 00:47 - 2015-03-15 21:58 - 00000388 _____ C:\Windows\Tasks\update-S-1-5-21-2055958020-1542119278-3283414598-1000.job
2016-04-02 00:25 - 2012-11-11 19:51 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2016-03-31 00:53 - 2012-11-10 13:09 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-31 00:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-03-31 00:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-30 21:41 - 2015-11-29 16:37 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-30 21:41 - 2012-11-10 14:19 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-30 15:55 - 2012-11-08 19:33 - 00000000 ____D C:\Users\Admin
2016-03-30 01:13 - 2015-05-31 21:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-29 16:43 - 2015-11-13 23:22 - 00000000 ____D C:\Users\Admin\AppData\Roaming\qBittorrent
2016-03-29 16:18 - 2012-12-25 15:47 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2016-03-29 14:07 - 2009-07-14 06:13 - 00786474 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-29 14:04 - 2014-09-02 22:17 - 00000000 ___RD C:\Users\Admin\Dropbox
2016-03-29 14:04 - 2014-09-02 22:13 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Dropbox
2016-03-29 00:22 - 2015-11-28 21:25 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2016-03-27 20:26 - 2015-05-31 21:23 - 00000000 ____D C:\Users\Admin\AppData\Local\NVIDIA Corporation
2016-03-27 20:26 - 2015-05-31 21:22 - 00000000 ____D C:\Users\Admin\AppData\Local\NVIDIA
2016-03-27 20:26 - 2015-05-31 21:19 - 00001383 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-03-27 20:26 - 2012-12-11 21:18 - 00000000 ____D C:\Users\Admin\AppData\Local\Deployment
2016-03-24 21:59 - 2012-12-12 19:30 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-24 21:59 - 2012-12-12 19:30 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-24 21:59 - 2012-12-12 19:30 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-23 18:41 - 2015-01-16 19:04 - 00000928 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-03-22 17:20 - 2013-05-22 17:27 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-03-20 18:42 - 2014-12-22 00:50 - 00000000 ____D C:\Program Files\Hola
2016-03-19 00:59 - 2015-01-24 12:47 - 10610600 ____H C:\Users\Admin\AppData\Local\IconCache.db.backup
2016-03-16 22:11 - 2014-10-15 21:17 - 00000000 ____D C:\Program Files (x86)\Tongbu
2016-03-16 22:09 - 2014-10-15 21:17 - 00001899 _____ C:\Users\Public\Desktop\Tongbu Assistant.lnk
2016-03-12 16:42 - 2015-11-29 14:44 - 00002044 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-03-12 16:42 - 2015-11-29 14:44 - 00002042 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-03-12 16:42 - 2015-11-29 14:44 - 00002032 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-03-12 16:42 - 2015-11-29 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-03-10 16:43 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-03-10 16:43 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-10 16:42 - 2009-07-14 05:45 - 00412864 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-08 16:41 - 2016-01-11 21:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-05 22:19 - 2016-01-10 14:32 - 00002164 _____ C:\Users\Admin\Desktop\Discord.lnk
2016-03-05 22:19 - 2016-01-10 14:32 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-03-05 22:19 - 2016-01-10 14:31 - 00000000 ____D C:\Users\Admin\AppData\Local\Discord
2016-03-05 22:18 - 2016-01-10 14:31 - 00000000 ____D C:\Users\Admin\AppData\Local\SquirrelTemp
==================== Files in the root of some directories =======
2013-12-01 17:58 - 2013-12-01 17:58 - 49940480 _____ () C:\Program Files (x86)\GUTA421.tmp
2016-01-19 08:23 - 2016-01-19 08:23 - 15290222 _____ () C:\Program Files (x86)\NCWest.zip
2013-07-06 18:29 - 2013-07-06 18:29 - 0000132 _____ () C:\Users\Admin\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-03-16 22:12 - 2013-03-17 19:27 - 0000154 _____ () C:\Users\Admin\AppData\Roaming\Rim.Desktop.Exception.log
2013-03-16 22:11 - 2013-03-16 22:11 - 0001153 _____ () C:\Users\Admin\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-03-16 22:12 - 2013-03-17 19:27 - 0000154 _____ () C:\Users\Admin\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-11-24 15:34 - 2013-02-08 21:36 - 0703117 _____ () C:\Users\Admin\AppData\Roaming\technic-launcher.jar
2012-11-24 15:34 - 2013-01-16 14:14 - 0703007 _____ () C:\Users\Admin\AppData\Roaming\technic-launcher.jar.bak
2013-09-01 16:05 - 2013-09-01 16:05 - 0000000 _____ () C:\Users\Admin\AppData\Roaming\TS3Patch.lck
2014-01-03 14:02 - 2014-01-03 14:02 - 0000000 ___SH () C:\Users\Admin\AppData\Local\LumaEmu
2015-03-15 21:58 - 2015-03-15 21:58 - 0000003 _____ () C:\Users\Admin\AppData\Local\updater.log
2015-03-15 21:58 - 2015-10-02 20:31 - 0000424 _____ () C:\Users\Admin\AppData\Local\UserProducts.xml
2015-05-05 17:11 - 2015-05-05 17:11 - 0000000 _____ () C:\Users\Admin\AppData\Local\{B9B500B6-0B82-45F6-8B09-C2BEE666F918}
Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\164416.exe
C:\Users\Admin\AppData\Local\Temp\Hola-Setup-x64-1.12.239.exe
C:\Users\Admin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Admin\AppData\Local\Temp\nvStInst.exe
C:\Users\Admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Admin\AppData\Local\Temp\tbIEAddin.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe
[2015-07-07 17:04] - [2011-01-16 01:01] - 0389632 ____A (Microsoft Corporation) 81257415084B84F3C0D95C381A8D4C8F
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2012-06-15 21:27] - [2012-06-15 21:27] - 2899456 ____A (Microsoft Corporation) 8453CA1A6EDD468A5E421D0D829B574F
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2015-12-09 17:25] - [2011-01-16 01:01] - 1008640 ____A (Microsoft Corporation) 0B864E15A0BADFF0E7BB8B59009FDDCF
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-19 14:27
==================== End of FRST.txt ============================
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Admin (2016-04-03 18:05:23)
Running from D:\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2012-11-08 18:33:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Admin (S-1-5-21-2055958020-1542119278-3283414598-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2055958020-1542119278-3283414598-500 - Administrator - Disabled)
Guest (S-1-5-21-2055958020-1542119278-3283414598-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2055958020-1542119278-3283414598-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version: - Ubisoft)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.0.708 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.37 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.37 - Research In Motion Ltd.) Hidden
BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.51.1022 - Webteh, d.o.o.)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version: - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version: - Treyarch)
Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version: - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version: - Techland)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®)
Discord (HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Discord) (Version: 0.0.286 - Hammer & Chisel, Inc.)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
DriverAgent by eSupport.com (HKLM-x32\...\DriverAgent_is1) (Version: - Copyright © 2015 eSupport.com, Inc • All Rights Reserved)
Dropbox (HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dxtory version 2.0.119 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.119 - Dxtory Software)
Easy Auto Clicker (HKLM-x32\...\Easy Auto Clicker_is1) (Version: V2.0 - easyautoclicker.com)
Epic Games Launcher (HKLM-x32\...\{16969EF2-23EA-4BD9-B085-4952D95E8A7D}) (Version: 1.1.48.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Printer Connection Checker (HKLM-x32\...\{7BE20D33-EAE9-4E85-870F-204F65E04F89}) (Version: 1.0.1.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-225 Series Printer Uninstall (HKLM\...\EPSON XP-225 Series) (Version: - SEIKO EPSON Corporation)
FastStone Capture 6.3 (HKLM-x32\...\FastStone Capture) (Version: 6.3 - FastStone Soft)
FastStone Image Viewer 4.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.5 - FastStone Soft)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.)
Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Hola™ 1.12.459 - Better Internet (HKLM\...\Hola) (Version: 1.12.459 - Hola Networks Ltd.)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version: - Dennaton Games)
Image Resizer Powertoy Clone for Windows (64 bit) (HKLM\...\{80A620C1-B22C-4781-A351-B14B8A37BFE3}) (Version: 2.1 - Brice Lambson)
InstallShieldHiRezCurrent (HKLM-x32\...\{9433FC1C-7405-433C-A26D-81076293BBCE}) (Version: 3.0.0.0 - Hi-Rez Studios)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.420 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.420 - LogMeIn, Inc.) Hidden
Magic ISO Maker v5.5 (build 0268) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0268)) (Version: - )
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
MediaFire Desktop (HKLM-x32\...\MediaFire Desktop 1.4.29.10845) (Version: 1.4.29.10845 - MediaFire)
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Converter Pack (HKLM-x32\...\{6EECB283-E65F-40EF-86D3-D51BF02A8D43}) (Version: 11.0.0.0 - Microsoft Corporation - Office Resource Kit Group)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MIT App Inventor Tools 2.3.0 (HKLM-x32\...\MIT App Inventor Tools) (Version: 2.3.0 - Massachusetts Institute of Technology)
Mozilla Firefox 41.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-GB)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 4.0.0.05 - MSI)
MSI Kombustor 2.5.9 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.017 - MSI)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
Nero 8 Micro (HKLM-x32\...\Nero8Lite_is1) (Version: 8.3.13.0 - UpdatePack.nl)
NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.2.0 - Nexon)
Nitro PDF Professional (HKLM\...\{9FB4D083-69AB-4BA4-A534-A97232EEFF01}) (Version: 6.0.3.1 - Nitro PDF Software)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 362.00 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7316 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Graphics Driver 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 362.00 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA MediaShield (HKLM-x32\...\{CC452A50-5C87-4A1F-B295-445C3C69BF7D}) (Version: 11.1.0.43 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{9573e8a8-632f-4841-8398-db9abe8fb013}) (Version: latest - ppy Pty Ltd)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version: - Running With Scissors)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd)
qBittorrent 3.2.5 (HKLM-x32\...\qBittorrent) (Version: 3.2.5 - The qBittorrent project)
QuickTime Alternative 2.8.0 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 2.8.0 - )
Ralink Wireless LAN Card (HKLM-x32\...\{FAB1F336-1B7C-4057-A7BC-2922CD82A781}) (Version: 1.00.01 - RALINK)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.23944 - Razer Inc.)
Real Alternative 1.52 (HKLM-x32\...\RealAlt_is1) (Version: 1.52 - )
RepZ Launcher (HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\e5eb66b1ac30da66) (Version: 1.0.0.82 - RepZIW4)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.9 - ) <==== ATTENTION
SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.6585 - Analog Devices)
Source SDK (HKLM-x32\...\Steam App 211) (Version: - Valve)
SpinTires Tech Demo (June 060613) (HKLM-x32\...\{9AF7D6F5-50A5-432C-9F7B-83BCE03B11A0}) (Version: 1.3 - Oovee)
Square Enix Secure Launcher (HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\Square Enix Secure Launcher) (Version: 1.0.0.108 - Square Enix)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1012 - SUPERAntiSpyware.com)
System Requirements Lab Detection (HKLM-x32\...\{93116137-51CA-4C09-97EA-9CADEF9BFF45}) (Version: 6.1.4.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
Tongbu Assistant 2.2.0 (HKLM-x32\...\Tongbu2) (Version: 2.2.0 - Xiamen Tongbu Network Ltd.)
TuneUp Utilities (HKLM-x32\...\TuneUp Utilities) (Version: 9.0.2000.10 - TuneUp Software)
TuneUp Utilities (x32 Version: 9.0.2000.10 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (x32 Version: 9.0.2000.10 - TuneUp Software) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Unlocker 1.8.1 (HKLM-x32\...\Unlocker) (Version: 1.8.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Winamp (HKLM-x32\...\Winamp) (Version: 5.58 - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XSplit Gamecaster (HKLM-x32\...\{7CBDC2CD-F5C7-4DD3-91C8-1E4D68924955}) (Version: 1.9.1409.2308 - SplitmediaLabs)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.3.2011.4 - URSoft, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {092AC416-60C1-4302-B94E-35E30D9CD9B5} - System32\Tasks\{6E1C9664-2D3E-4E53-84CB-73F73CFF30D9} => C:\Users\Admin\Desktop\Xpadder.exe
Task: {0CF9A672-51E1-440B-A543-C7FF61E10AA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
Task: {1DA412C2-DA14-403F-886A-107B91D9DAEF} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {29C5456A-CFEC-40F4-98EC-9964D931CE7F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2055958020-1542119278-3283414598-1000Core => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {4196CFE9-1654-4E38-951A-9F9505485511} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {46675A60-6E1A-488D-A1B4-AC58217A48B2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {4FA1034C-FA26-4A7A-99DB-8CEFC5A82DAE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2055958020-1542119278-3283414598-1000UA => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {5D1A3F45-3850-44BF-84F3-73540881A80C} - System32\Tasks\{22B6E922-FEE5-4F81-A5F8-CB9A48FA5DB9} => Chrome.exe hxxp://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsMain
Task: {5E18894B-949F-4E5F-8453-74913870A81F} - System32\Tasks\{92E29D9D-B329-469C-9475-CCDB5377CB43} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/en/abandoninstall?page=tsProgressBar
Task: {60AADF37-C52D-4B84-8FE7-2E143F39B057} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe [2009-10-29] (TuneUp Software)
Task: {660C16B9-C157-461D-8C33-C71AFA70C6E1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {675D4E70-5DF9-405C-84B1-AF43161B4DF6} - System32\Tasks\EPSON XP-225 Series Update {080F73AB-460F-450F-9325-C292070A702C} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {6C7BF9D0-F7A9-41C7-B2A7-9C3665A81E6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
Task: {72B36F36-68A4-4801-8483-9765CAE566D0} - System32\Tasks\AmiUpdXp => C:\Users\Admin\AppData\Local\23242\a15823.exe [2014-09-22] () <==== ATTENTION
Task: {74AA6449-AFEF-4127-BECC-98D55D5D953C} - System32\Tasks\{4F1A48D3-5339-415F-AB31-D2B871189129} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/en/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {846E8E9D-CE28-4218-B7B1-51A3E7887066} - System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {8658AF22-D6F2-4E5E-936A-79283C6E8EB1} - System32\Tasks\{9CD49C6B-E855-4521-A800-89D15F96E971} => Chrome.exe hxxp://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsMain
Task: {A68B49D4-0D66-405C-9560-560671210776} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24] (Adobe Systems Incorporated)
Task: {AEE36EE3-13BA-456E-BC4C-094333A9C3E9} - System32\Tasks\{E0F502F2-9D8E-4FE3-948C-19433AD0C467} => pcalua.exe -a D:\Downloads\HSB4b-full.exe -d d:\Downloads
Task: {B8AE3D83-A7EC-4F90-80A6-35651F32B3D8} - System32\Tasks\Automatic troubleshooting => C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-10-29] (TuneUp Software)
Task: {BD8AECF9-B99B-46F5-B4E9-45C1AA62F1C9} - System32\Tasks\{067939EB-D757-45CA-89C9-8770495C9243} => C:\Users\Admin\Desktop\Xpadder.exe
Task: {CA24A446-6D47-46FB-B89D-21B936125BF6} - System32\Tasks\{CB250FAB-69F2-4655-9232-88B422FEF709} => pcalua.exe -a "C:\Program Files (x86)\Tongbu\PkgInstaller.exe" -d D:\Documents\Tongbu\Backup -c /open "D:\Documents\Tongbu\Backup\同步推正版_v2.3.3(os4.3with record).ipa"
Task: {D2C35099-D013-482B-8B5A-BFA84B9398FA} - System32\Tasks\{A3F87D7E-69F5-40B5-BFEF-B3D422CFDC5A} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {DA08CFD4-695C-4ED5-BEE9-E50C8A88DE59} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {DAB2BEE1-2051-40AE-9F82-A3939B27F974} - System32\Tasks\EPSON XP-225 Series Update {5BF11956-C7BD-477A-BA44-9CF28160D1CA} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {EE29033A-FAA3-438C-A263-676E865B701A} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\WatTask => C:\Windows Activation Technologies\wat.exe [2006-04-21] ()
Task: {EF262F04-9FEA-4BCA-9831-C048B9F76DFB} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {F1127F97-AAFC-42F0-AAEF-91F8E53EBEF2} - System32\Tasks\{586FE7C2-2ED7-42E6-B0D4-071CD47E52D9} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/212480
Task: {F2E043F7-6B49-4793-BD61-65E6D8642711} - System32\Tasks\update-S-1-5-21-2055958020-1542119278-3283414598-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Admin\AppData\Local\23242\a15823.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2055958020-1542119278-3283414598-1000Core.job => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2055958020-1542119278-3283414598-1000UA.job => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\EPSON XP-225 Series Update {080F73AB-460F-450F-9325-C292070A702C}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE:/EXE:{080F73AB-460F-450F-9325-C292070A702C} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-225 Series Update {5BF11956-C7BD-477A-BA44-9CF28160D1CA}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE:/EXE:{5BF11956-C7BD-477A-BA44-9CF28160D1CA} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2055958020-1542119278-3283414598-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-05-31 21:38 - 2016-02-23 21:45 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-08-10 17:01 - 2009-08-10 17:01 - 00626208 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2009-08-10 17:00 - 2009-08-10 17:00 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2009-08-10 17:01 - 2009-08-10 17:01 - 00578592 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2015-07-03 23:15 - 2015-04-23 14:47 - 00456176 _____ () C:\Users\Admin\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
2016-03-27 20:26 - 2016-02-17 07:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-27 20:26 - 2016-02-17 07:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-12-23 20:44 - 2016-02-17 07:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-04-12 20:45 - 2014-04-12 20:45 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2009-08-10 17:01 - 2009-08-10 17:01 - 00206880 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2014-07-02 15:37 - 2016-03-18 22:29 - 00103424 _____ () D:\Steam2\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
2014-02-28 10:14 - 2015-10-24 15:09 - 00175080 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-06-20 08:48 - 2015-10-24 15:09 - 00103400 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-06-20 08:49 - 2015-10-24 15:09 - 00108008 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2015-09-07 19:52 - 2015-09-07 19:54 - 00262656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\ClownfishForTeamspeak_win64.dll
2014-06-20 08:54 - 2015-10-24 15:09 - 00312296 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-06-20 08:55 - 2015-10-24 15:09 - 00483816 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-06-05 14:48 - 2015-09-26 14:20 - 00317440 _____ () C:\Program Files\TeamSpeak 3 Client\ssleay32.dll
2014-06-05 14:48 - 2015-09-26 14:20 - 01709056 _____ () C:\Program Files\TeamSpeak 3 Client\LIBEAY32.dll
2015-05-31 21:25 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2015-05-31 21:28 - 2016-02-17 08:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-03-30 21:41 - 2016-03-27 08:58 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\libglesv2.dll
2016-03-30 21:41 - 2016-03-27 08:58 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\libegl.dll
2014-03-31 20:29 - 2016-03-11 01:56 - 00783360 _____ () D:\Steam2\Steam\SDL2.dll
2014-12-04 16:51 - 2015-07-03 17:12 - 04962816 _____ () D:\Steam2\Steam\v8.dll
2014-12-04 16:51 - 2015-07-03 17:12 - 01556992 _____ () D:\Steam2\Steam\icui18n.dll
2014-12-04 16:51 - 2015-07-03 17:12 - 01187840 _____ () D:\Steam2\Steam\icuuc.dll
2014-05-22 15:33 - 2016-04-02 01:51 - 02549840 _____ () D:\Steam2\Steam\video.dll
2014-08-22 10:28 - 2016-02-09 00:14 - 02549760 _____ () D:\Steam2\Steam\libavcodec-56.dll
2014-08-22 10:28 - 2016-02-09 00:14 - 00442880 _____ () D:\Steam2\Steam\libavutil-54.dll
2014-08-22 10:28 - 2016-02-09 00:14 - 00491008 _____ () D:\Steam2\Steam\libavformat-56.dll
2014-08-22 10:28 - 2016-02-09 00:14 - 00332800 _____ () D:\Steam2\Steam\libavresample-2.dll
2014-08-22 10:28 - 2016-02-09 00:14 - 00485888 _____ () D:\Steam2\Steam\libswscale-3.dll
2014-03-31 20:29 - 2016-04-02 01:51 - 00829008 _____ () D:\Steam2\Steam\bin\chromehtml.DLL
2016-02-19 14:14 - 2016-02-17 23:25 - 00281088 _____ () D:\Steam2\Steam\openvr_api.dll
2016-04-03 17:00 - 2016-04-03 17:00 - 00155232 ___HT () C:\Users\Admin\AppData\Local\Temp\~D0A6.tmp
2014-03-31 20:29 - 2016-04-02 01:51 - 00139856 _____ () D:\Steam2\Steam\bin\audio.dll
2014-03-31 20:29 - 2014-11-11 19:48 - 00071680 _____ () D:\Steam2\Steam\bin\mssmp3.asi
2014-03-31 20:29 - 2014-11-11 19:48 - 00153088 _____ () D:\Steam2\Steam\bin\mssvoice.asi
2014-03-31 20:29 - 2016-02-09 02:33 - 48400672 _____ () D:\Steam2\Steam\bin\libcef.dll
2014-12-16 17:00 - 2015-09-25 00:56 - 00119208 _____ () D:\Steam2\Steam\winh264.dll
2014-07-02 15:37 - 2016-03-18 22:30 - 00198144 _____ () D:\Steam2\Steam\steamapps\common\Counter-Strike Global Offensive\bin\launcher.dll
2014-07-02 15:33 - 2016-03-18 22:30 - 00317952 _____ () D:\Steam2\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
2014-07-02 15:37 - 2016-03-18 22:30 - 00203776 _____ () D:\Steam2\Steam\steamapps\common\Counter-Strike Global Offensive\bin\vstdlib.dll
2014-07-02 15:33 - 2016-03-18 22:29 - 00390656 _____ () D:\Steam2\Steam\steamapps\common\Counter-Strike Global Offensive\bin\filesystem_stdio.dll
2014-07-02 15:33 - 2016-03-26 12:44 - 06971392 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\engine.dll
2014-07-02 15:37 - 2016-03-18 22:30 - 00166912 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\inputsystem.dll
2014-07-02 15:33 - 2016-03-18 22:30 - 01174016 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\vphysics.dll
2014-07-02 15:33 - 2016-03-24 21:19 - 01242112 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
2014-07-02 15:33 - 2016-03-18 22:29 - 00355840 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\datacache.dll
2014-07-02 15:33 - 2016-03-18 22:29 - 00610816 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\studiorender.dll
2014-07-02 15:37 - 2016-03-18 22:29 - 00164864 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\soundemittersystem.dll
2014-07-02 15:33 - 2016-03-18 22:29 - 00708096 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\vscript.dll
2014-07-02 15:37 - 2016-03-18 22:30 - 00134656 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\valve_avi.dll
2014-07-02 15:33 - 2016-03-18 22:30 - 01336320 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\vguimatsurface.dll
2014-07-02 15:33 - 2016-03-18 22:30 - 00395264 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\vgui2.dll
2014-07-02 15:33 - 2016-03-24 21:19 - 03276288 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\scaleformui.dll
2014-07-02 15:33 - 2016-03-18 22:30 - 01769984 _____ () D:\Steam2\Steam\steamapps\common\Counter-Strike Global Offensive\bin\shaderapidx9.dll
2014-07-02 15:37 - 2016-03-18 22:30 - 00143360 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\localize.dll
2014-07-02 15:37 - 2016-03-18 22:30 - 00230912 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dbg.dll
2014-07-02 15:33 - 2016-03-18 22:30 - 01016832 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dx9.dll
2014-07-02 15:33 - 2016-03-30 13:15 - 00584192 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\csgo\bin\matchmaking.dll
2014-07-03 15:51 - 2016-04-01 14:15 - 12693504 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\csgo\bin\client.dll
2014-07-03 15:51 - 2016-03-26 12:44 - 10247168 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\csgo\bin\server.dll
2014-07-02 15:37 - 2016-03-18 22:30 - 00094208 _____ () D:\Steam2\Steam\steamapps\common\Counter-Strike Global Offensive\bin\scenefilecache.dll
2014-03-31 20:41 - 2016-03-18 22:30 - 00084992 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\vaudio_miles.dll
2014-03-31 20:41 - 2014-09-11 15:35 - 00071680 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\mssmp3.asi
2014-03-31 20:41 - 2014-09-11 15:35 - 00012800 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\mssds3d.flt
2014-03-31 20:41 - 2014-09-11 15:35 - 00055808 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\msseax.flt
2014-07-02 15:33 - 2016-03-24 21:19 - 00974336 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\serverbrowser.dll
2014-11-21 16:49 - 2016-03-18 22:30 - 00173568 _____ () d:\steam2\steam\steamapps\common\counter-strike global offensive\bin\vaudio_celt.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences [0]
AlternateDataStreams: C:\Windows\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Admin\Desktop\aaa.png:com.dropbox.attributes [1044]
AlternateDataStreams: C:\Users\Admin\Desktop\Camera Uploads:com.dropbox.attributes [168]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [152]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\...\sony.com -> sony.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2055958020-1542119278-3283414598-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Ralink Wireless Utility.lnk => C:\Windows\pss\Ralink Wireless Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Java Platform SE 7 U45 => C:\Users\Admin\AppData\Local\Temp\Vbc.exe.exe
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MediaFire Tray => "C:\Users\Admin\AppData\Local\MediaFire Desktop\mf_watch.exe"
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: puush => C:\Program Files (x86)\puush\puush.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SoundMAX => C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe /tray
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{55288BE1-E785-4043-9375-566EF97F9218}] => (Allow) D:\Games\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{9AF042C8-16D3-4D3F-A2FC-EDFC7A7797E6}] => (Allow) D:\Games\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{B6507CEF-B904-46E9-903D-18158284EEC9}] => (Allow) D:\Games\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{B851260D-037F-438D-80C9-5BA6672053D4}] => (Allow) D:\Games\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{A666AA0A-572B-4F58-AD22-350316AE4ED5}] => (Allow) D:\Games\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{19FDBA10-0317-4467-8ACB-82DF40ED6617}] => (Allow) D:\Games\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [TCP Query User{32948E35-7DD7-4E84-B02D-050A8CDB36D6}D:\games\brothers in arms hells highway\brothers in arms - [bleep]'s highway\binaries\biahh.exe] => (Block) D:\games\brothers in arms hells highway\brothers in arms - [bleep]'s highway\binaries\biahh.exe
FirewallRules: [UDP Query User{B1C884CC-DB90-499F-A8E5-CFF7BA6908B3}D:\games\brothers in arms hells highway\brothers in arms - [bleep]'s highway\binaries\biahh.exe] => (Block) D:\games\brothers in arms hells highway\brothers in arms - [bleep]'s highway\binaries\biahh.exe
FirewallRules: [TCP Query User{475F04B8-D301-4834-8739-DDA0440B3E59}D:\games\call of duty waw\codwaw.exe] => (Block) D:\games\call of duty waw\codwaw.exe
FirewallRules: [UDP Query User{62E96D97-FFBC-4954-99EF-45A3824A2084}D:\games\call of duty waw\codwaw.exe] => (Block) D:\games\call of duty waw\codwaw.exe
FirewallRules: [{331045E8-9309-4670-9BF3-6B66B05651B8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{194627BA-3AFC-4E16-9FE9-5D15F52EE31F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{04D51C94-ADA4-45AE-A650-2DFB2CF7E2B1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D520A6BA-EC4F-483E-996E-FFC2BEC4A051}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DF3846CD-A673-4431-BDA7-611FCB8B47D3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AEA19611-DB83-4620-B672-481C13841D3F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{046859B3-990F-45C3-9B2E-894F6BE9848D}] => (Allow) D:\Documents\ACBSP.exe
FirewallRules: [{E13575FE-1BB8-411F-A26A-59005A4CB8C8}] => (Allow) D:\Documents\ACBSP.exe
FirewallRules: [{82C22762-8C3F-4E6F-8F60-E60C4C974E52}] => (Allow) D:\Documents\ACBMP.exe
FirewallRules: [{29D35218-AA5D-4B17-9EDA-7E397943679F}] => (Allow) D:\Documents\ACBMP.exe
FirewallRules: [{0C2CF684-7532-4A9D-A48E-518615A78818}] => (Allow) D:\Documents\AssassinsCreedBrotherhood.exe
FirewallRules: [{72BA57EC-2A44-4C80-B268-6AF63A771263}] => (Allow) D:\Documents\AssassinsCreedBrotherhood.exe
FirewallRules: [{A621EF6F-43D0-4739-A2AD-EB6C8F3DEF41}] => (Allow) D:\Documents\UPlayBrowser.exe
FirewallRules: [{FA70CAF4-9133-408C-810D-14AA565A342C}] => (Allow) D:\Documents\UPlayBrowser.exe
FirewallRules: [TCP Query User{BEF25507-7D9E-40D7-B4F0-5D552B8F65EA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D5660B53-C9B7-4920-B72A-E1727A0C1198}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{45EACA27-07E1-45F8-8616-B84716B70F01}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{CD8C6D47-B7F6-4C22-890B-3C0831F85CAE}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{BFF08CCA-1C7C-47E7-8BCE-F75466759428}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F8545E46-8E7A-447A-B4BB-72A8897B37F7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{8399B61E-6C78-40F9-A4D6-9956FBAE3D40}C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{DA48A223-BBFD-437F-B3CA-7CB2F42243E6}C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{F8C8D864-48B7-41C4-A741-6AC4F064EB78}D:\games\call of duty waw\codwaw.exe] => (Block) D:\games\call of duty waw\codwaw.exe
FirewallRules: [UDP Query User{4B8E62D5-021A-4A5B-B0B7-0A9248E5D4A6}D:\games\call of duty waw\codwaw.exe] => (Block) D:\games\call of duty waw\codwaw.exe
FirewallRules: [TCP Query User{2F9C0E26-23CA-48D5-A9F7-DAFC8B54C791}D:\games\call of duty waw\codwawmp.exe] => (Block) D:\games\call of duty waw\codwawmp.exe
FirewallRules: [UDP Query User{17EEE9CB-CD99-443D-8D3E-91CF6C8BC1CD}D:\games\call of duty waw\codwawmp.exe] => (Block) D:\games\call of duty waw\codwawmp.exe
FirewallRules: [TCP Query User{C3D051D0-3C35-4800-BF53-07A65BD5D00F}C:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe] => (Block) C:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe
FirewallRules: [UDP Query User{2F0380AD-15F6-4335-A92B-44A552B15650}C:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe] => (Block) C:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe
FirewallRules: [TCP Query User{2664E841-64B1-4405-A475-19CE8F874C25}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{139D8F01-73A7-4970-903A-380899775ED5}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{B8EEAB8C-D48D-4B35-B4EE-7337FAA0D35F}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe] => (Block) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe
FirewallRules: [UDP Query User{A8F95BB7-9130-4060-A347-EF789881240C}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe] => (Block) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe
FirewallRules: [TCP Query User{7A997655-0DD2-4AF8-AAA1-D7DCFCBCE624}C:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{8814F03B-8815-4A60-A724-85A452F1D0F6}C:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{A8C11EAC-1118-405C-A960-D8AD53C23B0D}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{749E5B63-0B65-4152-B662-878851B883EE}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{C8F8E190-D711-48B7-911C-21B15F88CCB1}] => (Allow) LPort=80
FirewallRules: [{A10A0EA4-9316-488E-BFAB-C142D0E98B73}] => (Allow) LPort=443
FirewallRules: [{A33F024F-90CD-4191-8382-38E3C3FE7B49}] => (Allow) LPort=20010
FirewallRules: [{B9B5A954-F4E1-40FB-8E6B-D00410407BFD}] => (Allow) LPort=3478
FirewallRules: [{6D8FF2FB-6637-45D1-B940-2BD30CB54994}] => (Allow) LPort=7850
FirewallRules: [{EBB1FB3F-1AEE-48D2-A0BD-C41851A47034}] => (Allow) LPort=27022
FirewallRules: [{6CD1BDAF-B6E7-45CA-8526-D62102934DAE}] => (Allow) LPort=6881
FirewallRules: [{AB5438AC-1F80-46B6-83BC-DB1E0E8710A9}] => (Allow) LPort=33333
FirewallRules: [{EF64B9E2-A337-4F79-BA9B-ED53E130E4DE}] => (Allow) LPort=20443
FirewallRules: [{85D6F364-A395-497F-BCB6-7BB6C2855D76}] => (Allow) LPort=8090
FirewallRules: [{6AD8B2A7-EB99-4B3B-B1CC-FDF4E57DC828}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{688079A3-04DF-4965-94E8-2699EDC8FC06}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{50A2E10A-E79A-4FE1-A856-753775850962}] => (Allow) LPort=4481
FirewallRules: [{92E678A2-3349-4454-A66F-409428B973DD}] => (Allow) LPort=4481
FirewallRules: [{8E81CC05-ABE0-48F3-945F-1B1DD2B830BD}] => (Allow) LPort=4482
FirewallRules: [{A3177FA7-6678-478C-8331-290539BBD96E}] => (Allow) LPort=4482
FirewallRules: [{12B6C0BC-92EC-457E-AE1E-11C1471C2D72}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{794756E2-DAE0-4FB9-90F1-842C960DC2C3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8CAC577B-6208-4620-9A5B-D59F011AC021}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{88AABBDA-B4B6-4BE6-B308-01128A5563B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{318502A1-7680-49C4-81FE-801EE0E45F2B}D:\steam2\steamapps\common\left 4 dead 2\left4dead2.exe] => (Block) D:\steam2\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{DF9A6A48-273B-4801-B064-7473AD32C00B}D:\steam2\steamapps\common\left 4 dead 2\left4dead2.exe] => (Block) D:\steam2\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{5724EE23-CA36-4D63-A095-CE5A768F8AC5}] => (Allow) D:\Steam2\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{D8D0BD66-3799-44A7-9A08-31B1A6F782B9}] => (Allow) D:\Steam2\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{DD698123-B35A-40A2-BE86-110C59F54A60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3D7BDD4E-3629-4A09-82D7-CC7ED3AD5DAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0AE6882D-6F8F-447A-AB52-DB2C0C872419}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{30A72062-4FD1-4784-891B-5A4B653CF348}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0BD5D1D0-8575-4B56-AC87-B1AD54A01ABB}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{84521F64-57BF-4C49-A4EA-665A317D587B}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{81B17FA8-5384-46B6-B5F8-0AFEE632A871}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D004800C-6175-4DD9-A1E8-9356793F4682}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{46D92196-F944-450C-BE90-15C7F124BB37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D4DC36DF-B556-4F81-9B12-5565E98A210E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{90E77640-0A97-4B97-8D8F-436D1F2F48C9}] => (Block) D:\downloads\dayz standalone steam early access cracked 3dm\dayz\dayz.exe
FirewallRules: [{503C4062-427D-43A8-9D24-43FDDB64ABA8}] => (Block) D:\downloads\dayz standalone steam early access cracked 3dm\dayz\dayz.exe
FirewallRules: [{919F9C8E-8CFE-4862-B900-6B397A4CC2AC}] => (Allow) D:\Steam2\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{F421ECEB-C04D-48DA-8B0C-54BC54379192}] => (Allow) D:\Steam2\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{CF56E6A2-A88D-47CD-9C0B-BA01C52B65C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{0D3AFBCC-998E-4734-87D4-9278A297ED21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{657E0DE4-669B-4731-B447-89DCB890B8CB}] => (Allow) D:\Steam2\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{B89F085B-E9E4-4DB6-8B71-E8E8EF83E46D}] => (Allow) D:\Steam2\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{A742B462-0B7F-46AD-91D9-93E5D34136CA}] => (Allow) D:\Steam2\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9D191EB5-8868-4F23-93C4-57B85DA6685D}] => (Allow) D:\Steam2\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9937F884-E143-44DC-8516-CD0C253F2B0C}] => (Allow) D:\Steam2\SteamApps\common\Gotham City Impostors F2P\Impostors.exe
FirewallRules: [{A92ADBD4-959E-48CB-BAF0-8C8A28E13C88}] => (Allow) D:\Steam2\SteamApps\common\Gotham City Impostors F2P\Impostors.exe
FirewallRules: [{1CD57A0A-CBE3-4F9C-A6BB-3630400C1DAE}] => (Allow) D:\Steam2\SteamApps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{650D0530-67A9-450D-AA0D-9F14C2476848}] => (Allow) D:\Steam2\SteamApps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{48DE94DA-79C1-414B-A972-F2126EE7B78E}] => (Allow) D:\Steam2\Steam\Steam.exe
FirewallRules: [{915F9305-73F6-47BB-9D53-1C01563F7377}] => (Allow) D:\Steam2\Steam\Steam.exe
FirewallRules: [{685DF530-D94C-4BA8-8628-818EF24E5269}] => (Allow) D:\Steam2\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6FDF0597-C709-430D-B7EC-C2E7C0C5DC46}] => (Allow) D:\Steam2\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C108F9D2-E04C-4616-A954-D70D9F90962B}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AF253F58-969D-4374-AD09-B37C0C0FE614}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CDD8DD40-7035-48EB-9148-8496230A0674}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{251E8A35-B2E3-4CCC-983D-533B67D88A83}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A7772B48-6EAB-49D0-AA5C-07B6848A3F83}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8F840BF1-9F58-4506-AF89-25D65ED62A7B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{41F00837-7A0A-432B-946A-FE77F3A09D11}] => (Allow) D:\Steam2\Steam\bin\steamwebhelper.exe
FirewallRules: [{5F4F7F94-D503-47DF-BB22-0146E44B5FCC}] => (Allow) D:\Steam2\Steam\bin\steamwebhelper.exe
FirewallRules: [{2FDE2D91-9948-4B48-806D-3F1F38B0AA9F}] => (Allow) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5E84DE6C-59B8-4B3A-84BA-E09B266CBBEF}] => (Allow) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{39F4F9ED-01A6-4F91-A598-D4CF7A1B04BB}] => (Allow) D:\Steam2\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{DBBFA142-2DD9-45AD-ADA3-70067F69B8C7}] => (Allow) D:\Steam2\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{5594A889-1A87-4EEA-A4D3-3B63DA8D2A3F}C:\users\admin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\admin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{8A148AD7-71D5-4961-AB10-F80D33D8626B}C:\users\admin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\admin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{78E94B0F-53EE-442B-8A6F-EE6EC69A94AF}] => (Allow) D:\Steam2\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{D3E906CE-93E7-4B2F-9823-5A088782782F}] => (Allow) D:\Steam2\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{1FC21FF6-EADF-4D12-8EB0-96DCF702B180}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{0BD03831-8132-4868-AB71-85939F2166F6}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{344BDF24-BB72-4CE9-9B36-8EEF8C9D7039}] => (Allow) D:\Steam2\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{9FC447FF-CEAA-4A3D-822F-6FB1A62E061C}] => (Allow) D:\Steam2\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [TCP Query User{DD4C7F04-8AF6-4C3E-A939-F1F8325720E0}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{9B9F1522-7349-4B8F-A3DA-4BD903EE63EF}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{46C79ACB-F0F7-43A6-9C99-AD2A90C318F5}] => (Allow) D:\Steam2\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{91052E0C-6266-452C-8770-0D93E895491B}] => (Allow) D:\Steam2\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [TCP Query User{A6B705E7-3C98-461F-9BD4-503403D831D2}D:\steam2\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Block) D:\steam2\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [UDP Query User{21B8C2E6-1DD0-46FD-8A02-51904DDD8149}D:\steam2\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Block) D:\steam2\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{569489B5-8D9B-4409-A57D-6CE0DA0BEA5B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AA687208-51C9-464E-B95A-D371C8A4CC6E}] => (Allow) D:\Steam2\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{5111666B-A3E2-497C-8B87-5548C7EF8C42}] => (Allow) D:\Steam2\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{9EACCA48-2DA3-4CC6-9110-44B8E691DC8A}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{41B076ED-F38B-4923-B604-93F384D03906}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{3B77E6CC-B852-41AE-8378-D109AD317FDB}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{4AC568C7-EDC8-43F1-BF29-F61152CB639C}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{31ED8194-37D8-48CF-B603-95F7DD90092A}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{8755D747-5626-47E2-A51B-313D2BC4F3CC}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{79011089-D04B-4CB6-B6B1-D1B98C26ED02}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{504D474B-8CB8-4D2D-9B50-E522CE5F665F}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{86C4206E-1043-4BB5-A642-2326B6E0FDC4}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{590705ED-BBE0-46A9-B51F-F86B3489B66C}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{0F3B89CC-5FB1-47DE-AE2D-05BDB9CB7F72}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{E59E0393-9D91-4090-A232-D08FB3E81B84}] => (Allow) D:\Steam2\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{386F67AA-7C3C-4524-9B0B-8C11C7452FC8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{3B2D9D9A-36E9-404C-913A-86F61E6EC2FD}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{15E63405-72E9-405D-BA79-FCB2E1E63C36}] => (Allow) D:\Steam2\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{97FA0A4D-E4D4-4CB3-B80B-6B29AE6DE8AE}] => (Allow) D:\Steam2\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{0DCB0E68-24ED-454E-8ED0-791883986AAB}] => (Allow) D:\Steam2\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{776389A4-FC95-4623-83A6-BA4B17B30B08}] => (Allow) D:\Steam2\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [TCP Query User{5A5A4FE1-A8A3-41F4-AE7B-C04C0ABF5D83}D:\steam2\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam2\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{98BFCEE3-3205-4E91-9F96-79BC960EF9A2}D:\steam2\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam2\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{39861F71-7258-458B-B934-A7643920187F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{52C0D635-3D86-41D7-BA03-37AF4229EC4A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A80F9BA1-C59F-4945-9B4C-BF50B1753E33}] => (Allow) D:\Steam2\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{458B9C19-E5F0-4076-9649-0B9151AC626A}] => (Allow) D:\Steam2\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{EC5EA284-9EE4-492B-9ED7-C9061E0662B7}] => (Allow) D:\Steam2\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{ABF159A5-70DF-4C97-A331-1ABE5FE75A7B}] => (Allow) D:\Steam2\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{8D0C5387-BF66-4174-9ED8-B3C2A80149DC}] => (Allow) D:\Steam2\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{1E161645-B8D1-4C56-85A6-F1676432D458}] => (Allow) D:\Steam2\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{6DDE4B4E-4BC2-436C-8618-330D04803C3D}] => (Allow) D:\Steam2\Steam\SteamApps\common\Depth\Binaries\Win64\DepthGame.exe
FirewallRules: [{22C0CBBD-F2C4-4471-BBFE-E7EC08B81D30}] => (Allow) D:\Steam2\Steam\SteamApps\common\Depth\Binaries\Win64\DepthGame.exe
FirewallRules: [{4E80F6D2-F5DB-4740-BD89-F7A2310FF4AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B7801BA5-A0BF-45DE-BF67-689065C97664}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{21821CA6-C1B1-4CEE-8D4E-04C35C060DB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{671DE35E-194C-4CF5-9E2E-07E51200F025}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{836E4EA3-847F-46E3-A87D-068DC73B933E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{452C6726-7510-4122-9A00-1CBFDA44D847}] => (Allow) D:\Steam2\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{3C88A6D9-4941-4E11-8C97-CD7E699256C8}] => (Allow) D:\Steam2\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{BECC6CB6-AAF2-46D8-91FA-457AD3B185BB}] => (Allow) D:\Steam2\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{D75ECA0A-BCB1-4C35-9804-43A3ECC09D08}] => (Allow) D:\Steam2\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{5991B975-E483-46D1-BF60-1F7DB6185662}] => (Allow) D:\Steam2\Steam\SteamApps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{823FCF61-CC12-482B-8153-2915A914626B}] => (Allow) D:\Steam2\Steam\SteamApps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{33E61B26-2880-47E2-9234-82D9A7BBA477}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{39FB5C2C-66F2-4CAD-A213-022BAA19C886}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{40E0FCA9-0D2A-457A-AE11-6CD4E7D72030}] => (Allow) D:\Steam2\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{15A9EC39-DC35-4323-9C80-1AEC5C32BDD1}] => (Allow) D:\Steam2\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{A8981C25-FE56-4518-B2D6-85288C22A4C0}] => (Allow) D:\Steam2\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{C5BCF24D-8784-48EA-B164-49A27C9A7DD5}] => (Allow) D:\Steam2\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{27FF0122-C885-4402-AFA7-4BE09C0481CF}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{2ECF21BA-EED1-48F9-91B2-8EA50343BCA1}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{6CD35076-DFC6-4934-8524-46B7228ED012}] => (Allow) D:\Steam2\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{3D095755-1A42-44FF-AA82-CEE7505CCBD4}] => (Allow) D:\Steam2\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{A834626C-F426-4416-9E31-8FBDF9070000}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{096CB03B-E796-4E68-90ED-FBB2F5D7B311}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7E7BC395-38F0-4417-9A53-78A4DFB2B69C}D:\qbittorrent\qbittorrent.exe] => (Allow) D:\qbittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{47FC76AB-6A75-4C62-B966-55491E61AB2C}D:\qbittorrent\qbittorrent.exe] => (Allow) D:\qbittorrent\qbittorrent.exe
FirewallRules: [{889C8BF7-F420-48A4-B9CB-A05E23153339}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{81838B9A-FAE4-4110-A434-761380C00136}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{775CD3B7-C42F-4546-BFE7-A736E6EC2D2E}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{9BC65C0F-5CF3-48AB-92FF-4B69894A7761}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [TCP Query User{69CA8AC2-3F94-4A01-A39C-2DE08C238F16}D:\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) D:\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [UDP Query User{640FE9E9-BF8C-453B-817D-F5A6FF2F2FCA}D:\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) D:\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [TCP Query User{57C46652-0EB5-40AC-B92A-27590DE29990}D:\desktop\call of duty black ops\blackops.exe] => (Allow) D:\desktop\call of duty black ops\blackops.exe
FirewallRules: [UDP Query User{5717E3E0-57C2-4BCE-A798-80B722A80539}D:\desktop\call of duty black ops\blackops.exe] => (Allow) D:\desktop\call of duty black ops\blackops.exe
FirewallRules: [TCP Query User{6B578936-B66F-4A01-91EA-C6EC1CF3AD63}D:\desktop\call of duty black ops\blackopsmp.exe] => (Block) D:\desktop\call of duty black ops\blackopsmp.exe
FirewallRules: [UDP Query User{BFB9F24C-C0E0-4AF1-A2C0-8BF013F64043}D:\desktop\call of duty black ops\blackopsmp.exe] => (Block) D:\desktop\call of duty black ops\blackopsmp.exe
FirewallRules: [{49EEE417-2B48-42B8-A873-B779631BD08F}] => (Allow) D:\Steam2\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{49793601-C25C-4315-B03D-1D5F34A9AEA3}] => (Allow) D:\Steam2\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{153785A9-87C3-47F7-943B-9F1907540A9C}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{8D3EDD28-7304-479E-802D-016B89FE2943}] => (Allow) D:\Steam2\Steam\SteamApps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{6D444DB0-7F9A-48E8-9727-4657F2B024B9}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{5EA176B7-2835-4F9E-8F68-661E9B497E1D}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [TCP Query User{5A80C7B4-B89A-4850-83ED-5989B6E65C55}D:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{0CECDF39-B596-4CAE-B678-1F069DC089AD}D:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{279BED9E-81C9-438B-9264-CC3B899BAE16}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{24A7549C-0FEB-477F-9160-6034D09BFD1F}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{6584BA63-3F26-4978-827D-A20B162418AB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{358D2D50-2F5F-43D9-9AE2-7F8016EDC691}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CDED4F07-99A8-406C-8D22-11E7D7FA388A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7D939B95-3B9C-4AFE-9F17-F8A0E92CEFB1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A9BAD6B8-2DA1-4179-AE4E-4C2DAB4777B2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{945CC728-19D1-4BC6-8CDC-95AA5DD8CCE3}] => (Allow) D:\Steam2\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{01F7AB93-19B8-4990-9380-DCEBB4879B99}] => (Allow) D:\Steam2\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{2B0D3F65-7859-466C-855A-14CD0E7E1B78}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
03-04-2016 13:45:46 Windows Update
==================== Faulty Device Manager Devices =============
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/03/2016 04:55:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Steam.exe, version: 3.38.6.76, time stamp: 0x56fee3fa
Faulting module name: tier0_s.dll, version: 3.38.6.76, time stamp: 0x56fee3b1
Exception code: 0x40000015
Fault offset: 0x0001edee
Faulting process id: 0xf2c
Faulting application start time: 0xSteam.exe0
Faulting application path: Steam.exe1
Faulting module path: Steam.exe2
Report Id: Steam.exe3
Error: (04/03/2016 04:48:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/03/2016 04:48:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvBackend.exe, version: 20.14.20.0, time stamp: 0x56af2e28
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7ef6658a
Faulting process id: 0xef8
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3
Error: (04/03/2016 04:48:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cmd.exe, version: 6.1.7601.17514, time stamp: 0x33c4ac70
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7efa658a
Faulting process id: 0x10e4
Faulting application start time: 0xcmd.exe0
Faulting application path: cmd.exe1
Faulting module path: cmd.exe2
Report Id: cmd.exe3
Error: (04/03/2016 04:44:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Steam.exe, version: 3.38.6.76, time stamp: 0x56fee3fa
Faulting module name: tier0_s.dll, version: 3.38.6.76, time stamp: 0x56fee3b1
Exception code: 0x40000015
Fault offset: 0x0001edee
Faulting process id: 0x1c10
Faulting application start time: 0xSteam.exe0
Faulting application path: Steam.exe1
Faulting module path: Steam.exe2
Report Id: Steam.exe3
Error: (04/03/2016 04:41:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Steam.exe, version: 3.38.6.76, time stamp: 0x56fee3fa
Faulting module name: tier0_s.dll, version: 3.38.6.76, time stamp: 0x56fee3b1
Exception code: 0x40000015
Fault offset: 0x0001edee
Faulting process id: 0xc68
Faulting application start time: 0xSteam.exe0
Faulting application path: Steam.exe1
Faulting module path: Steam.exe2
Report Id: Steam.exe3
Error: (04/03/2016 04:41:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: steamwebhelper.exe, version: 3.38.6.76, time stamp: 0x56fee3bf
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7ef3658a
Faulting process id: 0x16d4
Faulting application start time: 0xsteamwebhelper.exe0
Faulting application path: steamwebhelper.exe1
Faulting module path: steamwebhelper.exe2
Report Id: steamwebhelper.exe3
Error: (04/03/2016 04:41:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvBackend.exe, version: 20.14.20.0, time stamp: 0x56af2e28
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7ef5658a
Faulting process id: 0x17f0
Faulting application start time: 0xNvBackend.exe0
Faulting application path: NvBackend.exe1
Faulting module path: NvBackend.exe2
Report Id: NvBackend.exe3
Error: (04/03/2016 04:41:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OAWrapper.exe, version: 27.0.0.0, time stamp: 0x56fbc793
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7efa658a
Faulting process id: 0x1c40
Faulting application start time: 0xOAWrapper.exe0
Faulting application path: OAWrapper.exe1
Faulting module path: OAWrapper.exe2
Report Id: OAWrapper.exe3
Error: (04/03/2016 04:41:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvOAWrapperCache.exe, version: 27.0.0.0, time stamp: 0x56fbc7a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7efa65d3
Faulting process id: 0x1c24
Faulting application start time: 0xNvOAWrapperCache.exe0
Faulting application path: NvOAWrapperCache.exe1
Faulting module path: NvOAWrapperCache.exe2
Report Id: NvOAWrapperCache.exe3
System errors:
=============
Error: (04/03/2016 04:58:28 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer HOME
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{388AE378-0085-4B27-AE23-D9066CA92C32}.
The master browser is stopping or an election is being forced.
Error: (04/03/2016 01:53:45 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
Error: (04/03/2016 01:49:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {682159D9-C321-47CA-B3F1-30E36B2EC8B9}
Error: (04/02/2016 12:39:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
Error: (04/02/2016 12:24:21 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (04/01/2016 03:22:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Razer Game Scanner service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Error: (04/01/2016 03:18:58 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {682159D9-C321-47CA-B3F1-30E36B2EC8B9}
Error: (04/01/2016 03:15:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
CSC
DfsC
discache
NetBIOS
NetBT
nsiproxy
Psched
rdbss
SASDIFSV
SASKUTIL
SCDEmu
spldr
tdx
Wanarpv6
WfpLwf
Error: (04/01/2016 03:15:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:
%%1068
Error: (04/01/2016 03:15:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:
%%1068
CodeIntegrity:
===================================
Date: 2016-04-03 16:52:56.062
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-03 16:47:17.222
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-03 14:16:24.093
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-03 13:57:09.687
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-03 13:46:50.054
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-03 13:41:05.222
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-02 14:47:27.761
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-02 12:27:20.832
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-01 15:30:56.577
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-01 15:21:14.823
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 51%
Total physical RAM: 8190.55 MB
Available physical RAM: 3988.15 MB
Total Virtual: 16379.32 MB
Available Virtual: 11602.41 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.72 GB) (Free:7.23 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Storage) (Fixed) (Total:800 GB) (Free:238.22 GB) NTFS
Drive e: (G71-VNW1021) (CDROM) (Total:2.55 GB) (Free:0 GB) CDFS
Drive f: (Filip Storage) (Fixed) (Total:298.06 GB) (Free:239.94 GB) NTFS
Drive h: (FARCRY2) (CDROM) (Total:3.67 GB) (Free:0 GB) UDF
Drive i: (BIAHH_PC_EFIS) (CDROM) (Total:6.22 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 00028ACA)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Edited by filipfilip, 03 April 2016 - 11:26 AM.