This topic is locked
Hello, last night I downloaded an episode and when i tried to play it didn't work with VLC so I tried with Windows Mediaplayer and it said that it needed something additionaly so unaware I pressed ok. Nothing happend but then I noticed that my browser settings were changed and found a chinese program on my pc, I deleted it but there was another program running in taskmanager that didn't show up in configuration screen, a program called Tencent.
I followed this youtube video to delete it (), the program is gone I think. To be sure i searched for tencent and found about 7 files left and deleted them as well.
No from what i found on the internet about Tencent is that it could instal other unwanted programms without notice. So my brother directed me to this, hoping you could help me detect any unwanted programs left on my pc.
Anyway thanks in advance.
The files from the scan:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-05-2016
Ran by elias (administrator) on ELIAS-PC (18-05-2016 11:10:39)
Running from C:\Users\elias\Desktop
Loaded Profiles: elias & cynth_000 (Available Profiles: elias & cynth_000)
Platform: Windows 8.1 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [SiemensAutomationFileStorage] => "C:\Program Files (x86)\Siemens\Automation\Portal V11\\Bin\Siemens.Automation.ObjectFrame.FileStorage.Server.exe" preload
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-04-01] (Raptr, Inc)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [522552 2015-12-10] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231736 2015-12-10] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-04-05] (Plays.tv, LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [2] => C:\Users\elias\AppData\Local\Temp\2.exe /start <===== ATTENTION
HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\...\Run: [BrowserChoice] => C:\Windows\BrowserChoice\browserchoice.exe [86816 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\...\Run: [Dropbox Update] => C:\Users\elias\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2016-05-08] (Overwolf LTD)
HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51656320 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3686653356-2767655038-3197982578-1004\...\Run: [ConnectionCenter] => C:\Users\cynth_000\AppData\Local\Citrix\ICA Client\concentr.exe [518496 2015-06-24] (Citrix Systems, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2016-05-18]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (AO Kaspersky Lab)
Startup: C:\Users\elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-05-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\elias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.130.130.2 195.130.131.2
Tcpip\..\Interfaces\{D8548F87-4E28-4644-8A70-A313F77AB2C2}: [DhcpNameServer] 195.130.130.2 195.130.131.2
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-03-17] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2016-03-17] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-22] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-22] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-05-17] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-05-17] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @baidu.com/npxbdcntb -> C:\Program Files (x86)\Baidu\BaiduPinyin\3.3.2.1028\npxbdcntb.dll [No File]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-12-10] (Citrix Systems, Inc.)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-05-17] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3686653356-2767655038-3197982578-1004: @Citrix.com/npican -> C:\Users\cynth_000\AppData\Local\Citrix\ICA Client\npicaN.dll [2015-06-24] (Citrix Systems, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-05-18]
Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHumfA2eDXzyC7yRmqEEsQPtdnPvthRfg5ylv0u_37mR5739iUQALFxPY9nyWkC8QKXEIhor1UXhoRUEwJHPfutMcYCT8qyYA4ZoMQ-nK_z8FGxMhzDa8W2w92ElQ_W01gjdDZyNcKqVtxup7vz4VjMM52NqxdIPgL77We9cZRIR
CHR Profile: C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Documenten) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-18]
CHR Extension: (Google Drive) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-18]
CHR Extension: (YouTube) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-18]
CHR Extension: (Adblock Plus) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-05-18]
CHR Extension: (Kaspersky Bescherming) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-05-18]
CHR Extension: (Offline Documenten) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-18]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-18]
CHR Extension: (Gmail) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-18]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-06] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-01] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1286896 2016-05-08] (Overwolf LTD)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-04-05] (Plays.tv, LLC)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-01-10] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-01-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5427472 2015-01-28] (TeamViewer GmbH)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 AppxeetouQ; C:\ProgramData\\AppxeetouQ\\AppxeetouQ.exe -f "C:\ProgramData\\AppxeetouQ\\AppxeetouQ.dat" -l -a
S2 CloudPrinter; no ImagePath
S3 DAUpdaterSvc; F:\Games\SteamLibrary\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]
S2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [X]
S2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [111128 2016-03-07] (Advanced Micro Devices)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 dpmconv; C:\Windows\System32\drivers\dpmconv.sys [259072 2011-04-19] (SIEMENS AG)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
S0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-12-06] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-12-06] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [934272 2015-12-06] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-06] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-12-06] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-18] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 s7odpx2x64; C:\Windows\System32\drivers\s7odpx2x64.sys [71168 2012-01-17] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\drivers\s7oppinx64.sys [107520 2012-01-17] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121344 2011-05-06] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\drivers\s7osmcax64.sys [195584 2011-09-29] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\drivers\s7osobux64.sys [152576 2011-05-06] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2011-05-06] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\drivers\s7otranx64.sys [260096 2012-01-17] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\drivers\s7otsadx64.sys [192000 2011-09-29] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\drivers\s7ousbu64x.sys [196608 2012-01-17] (SIEMENS AG)
R2 s7sn2srtx; C:\Windows\system32\DRIVERS\s7sn2srtx.sys [83032 2011-06-16] (SIEMENS AG)
R2 SNTIE; C:\Windows\system32\DRIVERS\sntie.sys [179288 2011-10-11] (SIEMENS AG)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
S3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-03-04] (Microsoft Corporation)
S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-03-04] (Microsoft Corporation)
R3 vsnl2ada; C:\Windows\System32\drivers\vsnl2ada.sys [120832 2011-04-19] (SIEMENS AG)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QMUdisk64.sys [X]
S1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\softaal64.sys [X]
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\SRepairDrv [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\TsNetHlpX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-18 11:10 - 2016-05-18 11:10 - 00027446 _____ C:\Users\elias\Desktop\FRST.txt
2016-05-18 11:09 - 2016-05-18 11:09 - 02382336 _____ (Farbar) C:\Users\elias\Desktop\FRST64.exe
2016-05-18 11:07 - 2016-05-18 11:10 - 00000000 ____D C:\FRST
2016-05-18 10:58 - 2016-05-18 10:58 - 00002414 _____ C:\Users\elias\Desktop\Safe Money.lnk
2016-05-18 10:58 - 2016-05-18 10:58 - 00002148 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2016-05-18 10:58 - 2016-05-18 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-05-18 10:58 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2016-05-18 10:57 - 2015-12-06 01:12 - 00934272 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-05-18 10:57 - 2015-12-06 01:12 - 00227512 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-05-18 10:57 - 2015-12-06 01:12 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2016-05-18 10:54 - 2016-05-18 10:58 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-05-18 10:54 - 2016-05-18 10:57 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-05-18 10:54 - 2016-05-18 10:54 - 00001111 _____ C:\Users\Public\Desktop\Kaspersky Software Updater Beta.lnk
2016-05-18 10:54 - 2016-05-18 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2016-05-18 10:53 - 2016-05-18 10:58 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-05-18 09:58 - 2016-05-18 09:58 - 00000000 ____D C:\Windows\pss
2016-05-18 00:10 - 2016-05-18 00:10 - 00003122 _____ C:\Windows\System32\Tasks\{0C0E3748-1A4D-408E-8DC2-633AA2EEE19D}
2016-05-18 00:09 - 2016-05-18 10:30 - 00038520 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2016-05-17 23:54 - 2016-05-18 10:30 - 00000000 ____D C:\ProgramData\TXQMPC
2016-05-17 23:54 - 2016-05-18 01:02 - 00000000 ____D C:\Users\elias\AppData\Roaming\Baidu
2016-05-17 23:54 - 2016-05-18 01:02 - 00000000 ____D C:\Users\elias\AppData\LocalLow\Baidu
2016-05-17 23:54 - 2016-05-17 23:54 - 00143992 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernelEx64.sys
2016-05-17 23:54 - 2016-05-17 23:54 - 00097400 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2016-05-17 23:54 - 2016-05-17 23:54 - 00000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2016-05-17 23:54 - 2016-05-17 23:54 - 00000000 ____D C:\ProgramData\Baidu
2016-05-17 23:54 - 2016-05-17 23:54 - 00000000 ____D C:\Program Files\Common Files\Baidu
2016-05-17 23:49 - 2016-05-18 00:39 - 00000000 ____D C:\ProgramData\AppxeetouQ
2016-05-17 23:49 - 2016-05-17 23:49 - 00000000 ____D C:\Users\elias\AppData\Roaming\Mozilla
2016-05-17 23:43 - 2016-05-18 00:39 - 00000000 ____D C:\Users\elias\AppData\Roaming\vnlgp
2016-05-17 23:43 - 2016-05-17 23:43 - 00293320 _____ (深圳市迅雷网络技术有限公司) C:\ProgramData\xldl.dll
2016-05-17 23:43 - 2016-05-17 23:43 - 00000000 ____D C:\Users\Public\Thunder Network
2016-05-17 23:43 - 2016-05-17 23:43 - 00000000 ____D C:\ProgramData\Thunder Network
2016-05-17 23:43 - 2016-05-17 23:43 - 00000000 ____D C:\ProgramData\download
2016-05-17 23:43 - 2016-05-17 23:43 - 00000000 ____D C:\extensions
2016-05-17 23:38 - 2016-05-17 23:38 - 00127488 _____ C:\Users\elias\AppData\Roaming\Installer.dat
2016-05-16 22:29 - 2016-05-17 18:47 - 03102604 _____ C:\Users\elias\Desktop\PC lessen MELA.mw
2016-05-14 10:20 - 2016-05-14 10:20 - 00000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-13 23:18 - 2016-04-22 22:54 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-13 23:18 - 2016-04-22 22:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-13 23:18 - 2016-04-22 22:14 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-13 23:18 - 2016-04-22 22:08 - 06052864 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-13 23:18 - 2016-04-22 22:06 - 20349952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-13 23:18 - 2016-04-22 22:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-13 23:18 - 2016-04-22 21:35 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-13 23:18 - 2016-04-22 21:29 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-13 23:18 - 2016-04-22 21:24 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-05-13 23:18 - 2016-04-22 21:23 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-13 23:18 - 2016-04-22 21:19 - 15414784 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-13 23:18 - 2016-04-22 21:17 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-13 23:18 - 2016-04-22 21:14 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-13 23:18 - 2016-04-22 21:14 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-13 23:18 - 2016-04-22 21:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-13 23:18 - 2016-04-22 21:12 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-13 23:18 - 2016-04-22 20:58 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-13 23:18 - 2016-04-22 20:58 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-05-13 23:18 - 2016-04-22 20:54 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-13 23:18 - 2016-04-22 20:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-13 23:18 - 2016-04-22 20:52 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-13 23:18 - 2016-04-22 20:52 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-13 23:18 - 2016-04-22 20:52 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-13 23:18 - 2016-04-22 20:51 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-13 23:18 - 2016-04-22 20:40 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-13 23:18 - 2016-04-22 20:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-13 23:18 - 2016-04-22 20:27 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-13 23:18 - 2016-04-22 20:24 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-13 23:18 - 2016-04-22 20:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-13 23:18 - 2016-04-11 08:21 - 00074584 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2016-05-13 23:18 - 2016-04-10 09:48 - 00738096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-13 23:18 - 2016-04-10 09:48 - 00613624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-13 23:18 - 2016-04-10 07:37 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-13 23:18 - 2016-04-10 06:21 - 01763376 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-13 23:18 - 2016-04-10 06:21 - 01489088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-13 23:18 - 2016-04-10 06:14 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-13 23:18 - 2016-04-10 01:29 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-13 23:18 - 2016-04-10 00:07 - 01097728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-13 23:18 - 2016-04-09 23:58 - 00534016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-05-13 23:18 - 2016-04-09 23:50 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-05-13 23:18 - 2016-04-06 23:13 - 00561960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-05-13 23:18 - 2016-04-06 23:13 - 00137976 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-13 23:18 - 2016-04-06 20:20 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-13 23:18 - 2016-04-06 20:19 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-13 23:18 - 2016-04-06 20:19 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-13 23:18 - 2016-04-06 19:49 - 00120384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-13 23:18 - 2016-04-06 19:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-13 23:18 - 2016-04-06 18:57 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-13 23:18 - 2016-04-06 18:52 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-13 23:18 - 2016-04-06 18:20 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-13 23:18 - 2016-04-06 17:48 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-13 23:18 - 2016-03-31 08:50 - 01307328 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-13 23:18 - 2016-03-31 05:40 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-13 23:18 - 2016-03-29 03:42 - 07446368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-13 23:18 - 2016-03-16 03:58 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-13 23:18 - 2016-03-16 03:58 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-13 23:18 - 2016-03-14 18:50 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-05-13 23:18 - 2016-03-12 02:49 - 02466136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-05-13 23:18 - 2016-03-12 02:47 - 00160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2016-05-13 23:18 - 2016-03-12 02:47 - 00121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2016-05-13 23:18 - 2016-03-10 19:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsparse.dll
2016-05-13 23:18 - 2016-03-10 18:55 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-05-13 23:18 - 2016-03-10 18:52 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-05-13 23:18 - 2016-03-10 18:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsparse.dll
2016-05-13 23:18 - 2016-03-10 18:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-05-13 23:18 - 2016-03-05 19:44 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-05-13 23:18 - 2016-03-05 19:04 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-05-13 23:18 - 2016-02-27 20:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-05-13 23:18 - 2016-02-27 19:57 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-05-13 23:18 - 2016-02-27 19:19 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-05-13 23:18 - 2016-02-27 18:32 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-05-01 15:05 - 2016-05-01 15:05 - 00000000 ____D C:\Users\elias\Desktop\New folder (2)
2016-04-22 23:19 - 2016-04-22 23:19 - 00720334 _____ C:\Users\elias\Desktop\Nuclear Reactor - Feed The Beast Wiki - Wikia.html
2016-04-22 23:19 - 2016-04-22 23:19 - 00000000 ____D C:\Users\elias\Desktop\Nuclear Reactor - Feed The Beast Wiki - Wikia_files
2016-04-22 21:27 - 2016-04-22 21:27 - 00000000 _____ C:\Windows\system32\RENA0D7.tmp
2016-04-22 21:24 - 2016-04-22 21:26 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-04-22 21:24 - 2015-09-26 15:18 - 00110688 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-18 11:10 - 2014-04-17 13:48 - 00000000 ____D C:\Users\elias\AppData\Roaming\Skype
2016-05-18 11:03 - 2014-04-17 12:33 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3686653356-2767655038-3197982578-1001
2016-05-18 10:58 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-05-18 10:58 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-05-18 10:58 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-05-18 10:39 - 2015-10-10 19:53 - 00805344 _____ C:\Windows\system32\perfh013.dat
2016-05-18 10:39 - 2015-10-10 19:53 - 00161920 _____ C:\Windows\system32\perfc013.dat
2016-05-18 10:39 - 2014-04-17 12:26 - 01823174 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-18 10:35 - 2016-01-22 14:28 - 00000480 _____ C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job
2016-05-18 10:35 - 2015-11-07 18:01 - 00000091 _____ C:\HaxLogs.txt
2016-05-18 10:35 - 2015-01-10 13:18 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-18 10:35 - 2014-04-17 13:21 - 00001078 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-18 10:35 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-18 10:30 - 2013-08-22 15:25 - 01048576 ___SH C:\Windows\system32\config\BBI
2016-05-18 10:26 - 2014-04-17 13:21 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-18 10:19 - 2015-06-17 09:09 - 00001042 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3686653356-2767655038-3197982578-1001UA.job
2016-05-18 10:19 - 2014-10-12 11:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-18 01:03 - 2016-04-05 17:54 - 00000891 _____ C:\Users\Public\Desktop\Dragon Age Inquisition.lnk
2016-05-18 01:03 - 2016-04-05 15:03 - 00001719 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-05-18 01:03 - 2016-02-27 22:33 - 00001116 _____ C:\Users\Public\Desktop\Maple 2015.lnk
2016-05-18 01:03 - 2016-02-13 19:45 - 00001669 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk
2016-05-18 01:03 - 2016-01-22 14:28 - 00000926 _____ C:\Users\Public\Desktop\MATLAB R2015b.lnk
2016-05-18 01:03 - 2016-01-22 14:28 - 00000696 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2015b.lnk
2016-05-18 01:03 - 2015-11-08 16:50 - 00002224 _____ C:\Users\elias\Desktop\Git Shell.lnk
2016-05-18 01:03 - 2015-10-11 17:08 - 00001327 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-05-18 01:03 - 2015-09-27 17:54 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-18 01:03 - 2015-09-27 17:54 - 00002061 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-05-18 01:03 - 2015-09-26 16:49 - 00000609 _____ C:\Users\elias\Desktop\eclipse - Shortcut.lnk
2016-05-18 01:03 - 2015-01-29 22:22 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2016-05-18 01:03 - 2014-09-30 18:57 - 00000981 _____ C:\Users\elias\Desktop\Adobe Photoshop CS6.lnk
2016-05-18 01:03 - 2014-07-28 23:59 - 00001151 _____ C:\Users\elias\Desktop\Skyrim (SKSE).lnk
2016-05-18 01:03 - 2014-07-15 20:29 - 00001450 _____ C:\Users\elias\Desktop\uTorrent.lnk
2016-05-18 01:03 - 2014-04-17 15:25 - 00001018 _____ C:\Users\elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloads.lnk
2016-05-18 01:03 - 2014-04-17 13:25 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-05-18 01:03 - 2014-04-17 13:24 - 00001933 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2016-05-18 01:03 - 2014-04-17 13:21 - 00000080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-18 01:03 - 2014-04-17 12:27 - 00001446 _____ C:\Users\elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-05-18 01:02 - 2014-07-21 01:32 - 00000000 ____D C:\Users\elias\AppData\Roaming\vlc
2016-05-18 01:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\MediaViewer
2016-05-18 00:33 - 2014-04-17 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-18 00:33 - 2014-04-17 13:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-18 00:31 - 2014-05-29 18:42 - 00000000 ____D C:\Users\elias\AppData\Roaming\ftblauncher
2016-05-18 00:11 - 2015-05-02 17:06 - 00000000 ____D C:\Users\elias\AppData\Local\ElevatedDiagnostics
2016-05-18 00:09 - 2014-04-17 12:28 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-05-18 00:09 - 2014-04-17 12:27 - 00000000 ____D C:\Users\elias\AppData\Local\VirtualStore
2016-05-18 00:09 - 2013-08-22 16:44 - 00532336 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-17 23:49 - 2015-09-07 17:01 - 00002311 _____ C:\Users\cynth_000\Desktop\Google Chrome.lnk
2016-05-17 23:49 - 2015-09-07 17:01 - 00001394 _____ C:\Users\cynth_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-05-17 23:45 - 2014-07-15 20:27 - 00000000 ____D C:\Users\elias\AppData\Roaming\uTorrent
2016-05-17 23:10 - 2014-05-29 18:42 - 00000000 ____D C:\Users\elias\AppData\Local\ftblauncher
2016-05-17 23:08 - 2016-02-27 22:42 - 00000000 ____D C:\Users\elias\.maplesoft
2016-05-17 17:19 - 2015-06-17 09:09 - 00000990 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3686653356-2767655038-3197982578-1001Core.job
2016-05-17 00:07 - 2014-04-17 13:24 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-16 16:51 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-05-16 12:36 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-05-15 16:40 - 2015-09-01 16:39 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-05-14 18:43 - 2016-03-12 17:56 - 00000000 ____D C:\Windows\system32\Drivers\en-GB
2016-05-14 18:43 - 2014-12-11 15:26 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-14 18:10 - 2014-04-17 12:27 - 00000000 ____D C:\Users\elias\AppData\Local\Packages
2016-05-14 18:07 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-05-14 15:02 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-05-14 15:01 - 2014-04-17 12:57 - 00000000 ____D C:\Windows\system32\MRT
2016-05-14 15:01 - 2013-08-22 21:11 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-14 14:57 - 2014-04-17 12:57 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-14 14:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2016-05-14 14:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\en-GB
2016-05-14 10:20 - 2014-05-31 15:02 - 00000000 ____D C:\Users\elias\AppData\Roaming\Dropbox
2016-05-13 23:22 - 2015-09-27 17:54 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-13 23:21 - 2014-04-17 13:21 - 00004054 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-13 23:21 - 2014-04-17 13:21 - 00003818 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-13 23:19 - 2014-10-12 11:22 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 23:18 - 2016-04-16 10:27 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-13 23:18 - 2016-04-16 10:27 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-13 23:18 - 2016-04-16 10:27 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-05-13 23:18 - 2016-04-16 10:27 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-13 23:18 - 2016-04-16 10:27 - 01490120 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-13 23:18 - 2016-04-16 10:27 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-05-13 23:18 - 2016-04-16 10:27 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-05-11 22:08 - 2013-08-22 17:38 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-11 22:08 - 2013-08-22 17:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-06 13:04 - 2015-04-17 13:05 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-06 13:04 - 2015-04-17 13:05 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-06 11:30 - 2015-01-10 13:28 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-05-06 11:30 - 2015-01-10 13:28 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-05-06 11:28 - 2014-05-01 11:01 - 00000000 ____D C:\ProgramData\Origin
2016-05-06 11:23 - 2014-05-17 17:40 - 00000000 ____D C:\Program Files\Microsoft Office
2016-05-06 11:23 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-05-05 16:21 - 2014-05-17 17:37 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-05 16:21 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-01 12:34 - 2015-01-07 16:26 - 00000000 ____D C:\Program Files (x86)\Origin
2016-04-30 13:10 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-30 13:09 - 2015-12-12 18:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-30 13:09 - 2014-04-17 13:25 - 00000000 ____D C:\ProgramData\Skype
2016-04-22 21:27 - 2015-09-26 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-04-22 21:27 - 2015-07-21 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-22 21:27 - 2015-07-21 13:15 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-22 21:27 - 2015-07-21 13:03 - 00000000 ____D C:\ProgramData\Oracle
2016-04-22 21:24 - 2015-09-26 15:18 - 00000000 ____D C:\Users\elias\.oracle_jre_usage
2016-04-22 09:57 - 2014-04-17 12:52 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2016-05-17 23:38 - 2016-05-17 23:38 - 0127488 _____ () C:\Users\elias\AppData\Roaming\Installer.dat
2016-05-17 23:43 - 2016-05-17 23:43 - 0293320 _____ (深圳市迅雷网络技术有限公司) C:\ProgramData\xldl.dll
Files to move or delete:
====================
C:\ProgramData\xldl.dll
Some files in TEMP:
====================
C:\Users\elias\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpj2jokx.dll
C:\Users\elias\AppData\Local\Temp\kis_setup.exe
C:\Users\elias\AppData\Local\Temp\Maple2015.2WindowsX64Upgrade.exe
C:\Users\elias\AppData\Local\Temp\playstv_patch.exe
C:\Users\elias\AppData\Local\Temp\qqpcmgr_v11.5.17490.219_45525_Silence.exe
C:\Users\elias\AppData\Local\Temp\raptrpatch.exe
C:\Users\elias\AppData\Local\Temp\raptr_stub.exe
C:\Users\elias\AppData\Local\Temp\Samsung_Magician_Setup_v45.exe
C:\Users\elias\AppData\Local\Temp\tmp5AF.exe
C:\Users\elias\AppData\Local\Temp\tmpF50E.exe
C:\Users\elias\AppData\Local\Temp\update.exe
C:\Users\elias\AppData\Local\Temp\Wj6BMYam_TN_channel1_2016-04-30_20-53-21_35_3.3.2.1028_1202000493.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-14 14:56
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:16-05-2016
Ran by elias (2016-05-18 11:11:03)
Running from C:\Users\elias\Desktop
Windows 8.1 Pro (X64) (2014-04-17 10:27:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3686653356-2767655038-3197982578-500 - Administrator - Disabled)
cynth_000 (S-1-5-21-3686653356-2767655038-3197982578-1004 - Limited - Enabled) => C:\Users\cynth_000
elias (S-1-5-21-3686653356-2767655038-3197982578-1001 - Administrator - Enabled) => C:\Users\elias
Guest (S-1-5-21-3686653356-2767655038-3197982578-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3686653356-2767655038-3197982578-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\Adobe Photoshop CS6) (Version: 13.0.0.0 - © The Computer Guy Tony)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
AirMech (HKLM-x32\...\Steam App 206500) (Version: - Carbon Games)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
AppHelper (HKLM-x32\...\AppHelper) (Version: 1.0 - AppHelper)
Apple Application Support (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battleborn Closed Technical Test (HKLM-x32\...\Steam App 376500) (Version: - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Blender (HKLM\...\Blender) (Version: 2.71 - Blender Foundation)
BLOCKADE 3D (HKLM-x32\...\Steam App 302830) (Version: - Shumkov Dmitriy)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.4.0.8014 - Citrix Systems, Inc.)
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version: - )
Color Symphony (HKLM-x32\...\Steam App 317410) (Version: - REMIMORY)
Compatibility Check Tool TIA - TIACOMPCHECK Single SetupPackage V11.0 + SP1 (x32 Version: 11.00.0100 - Siemens AG) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version: - Crytek Studios)
Darksiders II (HKLM\...\Steam App 50650) (Version: - Vigil Games)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dropbox (HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\...\Dropbox) (Version: 3.20.1 - Dropbox, Inc.)
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 0.5.9 - Hotger)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GitHub (HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\...\5f7eb300e2ea4ebf) (Version: 3.0.7.1 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{A19807B6-6057-456E-A560-A2A04862C1C6}) (Version: 1.5.1.202 - Kaspersky Lab)
Kaspersky Software Updater Beta (x32 Version: 1.5.1.202 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maple 2015 (HKLM\...\Maple 2015) (Version: 2015 - Maplesoft)
MATLAB R2015b (HKLM\...\Matlab R2015b) (Version: 8.6 - MathWorks)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - nl-nl (HKLM\...\O365ProPlusRetail - nl-nl) (Version: - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SOAP Toolkit 3.0 (HKLM-x32\...\{BCB4C18A-ACA6-4383-8688-E19933A705DD}) (Version: 3.0.1325.4 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.51.0 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 14.3.0.5014 - Citrix Systems, Inc.) Hidden
Online Plug-in (x32 Version: 14.4.0.8014 - Citrix Systems, Inc.) Hidden
Orcs Must Die! Unchained (HKLM\...\Steam App 427270) (Version: - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.)
ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version: - Spiral Game Studios)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.94.107.0 - Overwolf Ltd.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.9.2-r111395-release - Plays.tv, LLC)
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.1.1-r111306-release - Raptr, Inc)
Red Faction: Armageddon (HKLM-x32\...\Steam App 55110) (Version: - Volition)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version: - Trion Worlds)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Self-service Plug-in (x32 Version: 4.3.0.8352 - Citrix Systems, Inc.) Hidden
Self-service Plug-in (x32 Version: 4.4.0.11833 - Citrix Systems, Inc.) Hidden
SIMATIC Device Drivers (Version: 01.00.0300 - Siemens AG) Hidden
SIMATIC Device Drivers WoW (x32 Version: 20.00.0300 - Siemens AG) Hidden
SIMATIC Event Database (x32 Version: 05.05.0100 - Siemens AG) Hidden
SIMATIC HMI License Manager Panel Plugin (x64) (Version: 11.00.0100 - Siemens AG) Hidden
SIMATIC HMI Symbol Library (x32 Version: 11.00.0200 - Siemens AG) Hidden
SIMATIC PLCSIM 64 (Version: 01.00.0001 - Siemens AG) Hidden
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Sniper Ghost Warrior 2 (HKLM-x32\...\Steam App 34870) (Version: - City Interactive)
Speccy (HKLM\...\Speccy) (Version: 1.27 - Piriform)
STAR WARS® - Battlefront® II (HKLM-x32\...\1421404701_is1) (Version: 2.0.0.5 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.4 - Krzysztof Kowalczyk)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.38388 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Talos Principle (HKLM-x32\...\Steam App 257510) (Version: - Croteam)
TIA Portal Single SetupPackage - Hardware Support Base Package WCF-01 V11.0 (x32 Version: 11.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - WINCCBASUCL V11.0 + SP11 (x32 Version: 11.00.1100 - Siemens AG) Hidden
Titan Quest (HKLM-x32\...\Steam App 4540) (Version: - Iron Lore Entertainment)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version: - Iron Lore Entertainment)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Totally Integrated Automation Portal V11 - TIA Portal Single SetupPackage V11.0 + SP2 (x32 Version: 11.00.0200 - Siemens AG) Hidden
Transformice (HKLM-x32\...\Steam App 335240) (Version: - Atelier 801)
TreeSize Free V3.3.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.3.2 - JAM Software)
VC User 71 RTL X86 --- (x32 Version: 1.0 - redistributed from Microsoft Corporation merge modules) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version: - Relic Entertainment)
WinCC Runtime Advanced Simulator (x32 Version: 11.00.0100 - Siemens AG) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3686653356-2767655038-3197982578-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\elias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3686653356-2767655038-3197982578-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> F:\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-3686653356-2767655038-3197982578-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3686653356-2767655038-3197982578-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3686653356-2767655038-3197982578-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3686653356-2767655038-3197982578-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3686653356-2767655038-3197982578-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3686653356-2767655038-3197982578-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3686653356-2767655038-3197982578-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3686653356-2767655038-3197982578-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3686653356-2767655038-3197982578-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3686653356-2767655038-3197982578-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\elias\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {13269074-71FD-42C9-83BC-3CF8A39E477E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-05-14] (Microsoft Corporation)
Task: {1563AAD3-270C-431D-BFDF-9517A77E6CC1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {173EADAF-59D4-4217-8AC6-181E96189F40} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {244206E6-8FDB-4688-B938-84AEB8829F1B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-17] (Microsoft Corporation)
Task: {26286DAF-9DF2-4D06-95F5-232D7A0D5279} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-05-08] (Overwolf LTD)
Task: {45040221-277F-4FD0-9822-379DE2C863D0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3686653356-2767655038-3197982578-1001UA => C:\Users\elias\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {4B64F82A-919D-4C7D-9310-513C302B444B} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {4F385A8D-7D4D-430C-AD6D-19BD9E52859A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {68A33FB8-2F7E-4C23-BF25-025FA7D54743} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {75873477-C796-4ABE-987F-14D5556C0A8C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3686653356-2767655038-3197982578-1001Core => C:\Users\elias\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {89C549A1-69BD-4D71-902B-EDE12CD32F6C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {93CDF7F4-45AF-49DA-B46E-18AD40CB8D0D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {9DE11DA0-FB85-4F72-BCBF-4EF13FCFC399} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {A740AD7E-6023-41C6-99D1-588964F7F266} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-31] (Microsoft Corporation)
Task: {AC5D18AD-EB7D-4C82-BF63-2173B7FCA272} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {AD372C4A-7820-4F11-AB65-6AC1BD5AC780} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B19CAD96-BD80-43D3-B467-3A6AA5CD6D85} - System32\Tasks\{0C0E3748-1A4D-408E-8DC2-633AA2EEE19D} => pcalua.exe -a "C:\Program Files (x86)\Baidu\BaiduPinyin\3.3.2.1028\Uninst.exe"
Task: {BFFF60F4-B775-47A1-AD68-BE3F517C5F97} - System32\Tasks\MATLAB R2015b Startup Accelerator => F:\Matlab\bin\win64\MATLABStartupAccelerator.exe [2015-07-30] ()
Task: {CDE57C20-12AD-4BD3-925B-0122C61198B5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {DB8FF3C3-818A-4490-BD79-F34E17FB6669} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {E0D23DF6-9FD5-424C-92AE-48D8D505E08E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {E313A473-8D63-43AD-91FA-B7AB216A9B78} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E3961E58-1622-4704-9B0B-E36790F2D23F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-31] (Microsoft Corporation)
Task: {E9302F9F-833A-4BC3-8E82-DD2E17AA28DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3686653356-2767655038-3197982578-1001Core.job => C:\Users\elias\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3686653356-2767655038-3197982578-1001UA.job => C:\Users\elias\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job => F:\Matlab\bin\win64\MATLABStartupAccelerator.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-17 17:37 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-07-12 14:41 - 2015-01-10 13:42 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 20:23 - 2015-03-12 20:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 20:23 - 2015-03-12 20:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-07-03 10:10 - 2015-07-03 10:10 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2014-04-17 12:34 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
2016-05-13 23:26 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 23:26 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2016-05-13 23:26 - 2016-05-11 13:48 - 17565848 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\...\sharepoint.com -> hxxps://hogent.sharepoint.com
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2016-05-18 00:04 - 00517864 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 abcstats.com
0.0.0.0 ad4.abradio.cz
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 www2.a-counter.kiev.ua
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 ads.ad2games.com
0.0.0.0 content.ad20.net
0.0.0.0 core.ad20.net
0.0.0.0 banner.ad.nu
There are 12407 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\elias\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 195.130.130.2 - 195.130.131.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "vnlgp"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SiemensAutomationFileStorage"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => " QQPCTray"
HKLM\...\StartupApproved\Run32: => "BaiduPinyin"
HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk"
HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\...\StartupApproved\Run: => "BrowserChoice"
HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\...\StartupApproved\Run: => "Flvto Youtube Downloader"
HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3686653356-2767655038-3197982578-1001\...\StartupApproved\Run: => "Overwolf"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0205F01F-1534-4896-BE62-AC9E51413CBA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B784A0C2-8AE8-4C72-9BA3-2747A81AB887}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{1CBB0F01-D84D-4B60-AF2D-08DC9A3F8AA1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{34608001-104B-4E5B-BCA2-60E4B27C51C2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{876CEDFB-FFDB-4F5A-8BDD-6C97C51E0E50}C:\users\elias\appdata\local\temp\gw2.exe] => (Block) C:\users\elias\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{4DAD3342-5142-49CE-B6BE-2281AAD79271}C:\users\elias\appdata\local\temp\gw2.exe] => (Block) C:\users\elias\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{00DC1DAE-8BA0-464B-AA9F-473F28935C45}F:\games\guild wars 2\gw2.exe] => (Allow) F:\games\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{5F3E3E79-83FB-4269-B696-BC826B41FEC6}F:\games\guild wars 2\gw2.exe] => (Allow) F:\games\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{B03ECA08-8331-43A4-997C-AEF5AFF9C168}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{E68767AD-2FC0-4A12-AAC5-43CDE241688C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{F7A51C02-B844-4634-BB8F-0D2DBF244B44}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{D6E0C6E0-C42D-4D92-929E-D59C9758FE71}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{9A48F7FD-1B89-4136-BAF1-72F4987BBB08}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{5F2854AF-A861-4022-AFFE-8D46FB8BD807}] => (Allow) F:\Games\Battle.net\Battle.net.exe
FirewallRules: [{E5CCFE55-AC71-4D2A-8959-E137C7EE7530}] => (Allow) F:\Games\Battle.net\Battle.net.exe
FirewallRules: [{3A1EB3E3-44BA-48B7-AAC4-63334961CAA4}] => (Allow) F:\Games\Diablo III\Diablo III.exe
FirewallRules: [{B1E85992-20BD-43D4-8772-437F0C9E4ECF}] => (Allow) F:\Games\Diablo III\Diablo III.exe
FirewallRules: [{F74602E1-0D23-450F-87DA-23C04308BBEF}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\red faction armageddon\rf4_launcher.exe
FirewallRules: [{3EEEA839-9035-4FB0-968B-22A2A30D5001}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\red faction armageddon\rf4_launcher.exe
FirewallRules: [{2DD3242F-24A3-4184-8D01-6BD45DC0585D}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\red faction armageddon\RedFactionArmageddon.exe
FirewallRules: [{130EE192-59F1-4E0D-945E-A4BAA51F8019}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\red faction armageddon\RedFactionArmageddon.exe
FirewallRules: [{D612CBBF-1366-460C-B55C-9F6B45C13A84}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\red faction armageddon\RedFactionArmageddon_DX11.exe
FirewallRules: [{B0B6C2B5-A80A-43FA-8AEA-7852F51D2751}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\red faction armageddon\RedFactionArmageddon_DX11.exe
FirewallRules: [TCP Query User{E9E4B30B-9D77-4C99-B2E7-025E3F3B8DCE}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{AF3DF533-C7F0-4B92-9698-0599773FC63C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{89B1ED97-8689-44D2-8526-337FEAF8E84E}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{7504095A-0D4A-4431-9A0A-ADD56D462A7C}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{6C674E60-C74B-4D24-851D-01801DD148AA}] => (Allow) C:\Users\elias\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{68282E2C-A884-4A4D-9F2E-7D48556D7D91}] => (Allow) C:\Users\elias\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{153B933B-BE3C-4F0A-AD23-CB42A29F5FF9}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{605EC901-734E-4431-9CB0-CF7A02C06604}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{6E1C073A-72FE-4A84-837B-EB0BD69B377C}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{EFC7BF18-8F48-439F-B272-627E67537F95}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{0B6F7BAC-161E-4700-9E1A-959B9604110C}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{CFF58E58-1CEC-4FFC-91DE-61971DD7E378}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [TCP Query User{440139F7-726C-4467-A46D-53E967B30154}F:\games\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) F:\games\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [UDP Query User{946887C9-6246-4AD4-8F38-3E19C38BFA2C}F:\games\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) F:\games\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [{28A42F68-20BB-468D-BEE9-D6A47E296837}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{5662B836-AA3B-4C5A-A5BD-024F2EB81414}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{DABB1958-0691-4540-8542-903DD5576A5F}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{F0214066-329F-4E48-93FF-58A3078E32CF}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{A9FF0D6C-942B-42A9-BE2A-2D0786ED3884}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{07D6CED1-2FA6-4661-89D3-E8EBA2439A27}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{A40FFFF8-2511-40D0-9E8C-F7A2F47A6D8A}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{0B6199FB-1265-465F-B6DF-36B88BDBA5F0}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{13BF1C1E-54C1-4955-9E4E-D59BBB576C7A}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Portal\hl2.exe
FirewallRules: [{E0147A7D-226D-4322-81DD-4CB96EBF767B}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Portal\hl2.exe
FirewallRules: [{C2DD0211-B9CA-43E7-B031-B2F785C210E3}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{5BECBED0-3D35-4C94-836B-15463907B45D}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{C296CB5C-1573-43D3-9BD2-D92D009DDCF2}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{D5C88337-9765-47AB-9EBB-F6479D484068}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{91C6FAF3-3AF6-4624-8086-E7B25851442E}F:\downloads\utorrent.exe] => (Allow) F:\downloads\utorrent.exe
FirewallRules: [UDP Query User{C44BB8FE-6DF7-49A2-A094-0E1DD16FC3E1}F:\downloads\utorrent.exe] => (Allow) F:\downloads\utorrent.exe
FirewallRules: [{EB6073E0-603A-4ED6-B692-9DF32CD9353D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2743FBB7-7F9E-4129-89C1-0AA9507A7900}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{353D6421-8F2F-46B9-93CD-CAAC26F5320A}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{06D543D8-0D07-4516-90D4-1F805A5D3C98}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{FFAD8E0C-D991-4494-A5D6-F357EE4CF80C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{16752D30-8967-4FB9-B614-483A197D478F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [TCP Query User{8A29D495-6A57-4EBC-9D34-7DB38A9977A1}C:\users\elias\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\elias\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{FA257ADE-01D7-4074-B561-527EB0AC254D}C:\users\elias\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\elias\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{90057D26-DB83-4339-987D-01E2F7A57289}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{94BEDB1B-BD06-4300-9DCC-C7D5E5559955}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{9FB72EAE-5918-4D31-93E3-4C0D5322780D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{F8E5E56C-89FF-4593-A352-6D6438EE3745}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [TCP Query User{57C7BCA0-7925-4198-83D0-4DE889F48D5F}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{7CEF5FC8-9775-40AB-97E7-B74B5A38ABE2}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{97F9E9B9-33D1-44AA-B845-6471F29E5F48}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{3741BA0A-2DAA-4A31-803C-CB9B6FB5190F}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [TCP Query User{AB63D689-11DC-44F8-AD83-2EC2615CCF87}F:\games\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) F:\games\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{40749741-E7D0-4657-9373-A2DDBB14AFA6}F:\games\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) F:\games\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{C9B782AA-B19B-4FA9-BFF3-8AED68E94A7F}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe
FirewallRules: [{4199EAA2-C4FE-4C7A-8B41-58ED61B607D3}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe
FirewallRules: [{5B17E22E-1EA7-451F-9E6C-BF190E268137}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\RIFT\riftpatchlive.exe
FirewallRules: [{6C4C51C4-BE0E-48E5-8AFE-00F9EF9D6772}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\RIFT\riftpatchlive.exe
FirewallRules: [{4C190055-4C30-4AC6-9999-D68E6F266DA4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DE330A99-FCC7-4A87-A912-A08166095EDA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D5C4B47C-D2CE-4F7F-BCE0-2B1BDFDA8845}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D994344C-8EA0-41BE-A22B-BB02E27BB54D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{998693A7-2205-4BFA-8324-025F97484F58}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{82AA71C1-CBC5-4DBB-9308-89947C48B035}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{2F5F7B3D-56E9-42E6-A106-6DAFDC453C87}] => (Allow) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
FirewallRules: [{C6153B22-F643-49F8-B778-83638BCB78CD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{ACD18369-B08A-48C7-A86D-BBE470B9A03C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{49793B98-912C-4CBC-AFB8-3DA8294C67D2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5BE6761D-3D46-4665-BA53-F1D8BD32CA24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{39B91259-EF50-457E-95BA-A4D887479CD8}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Blockade3d\main.exe
FirewallRules: [{881C4859-2BAA-43AA-986C-D778A0A6A78B}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Blockade3d\main.exe
FirewallRules: [{69EC3926-0E0A-4067-8F82-3DE569C32A47}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Transformice\Transformice.exe
FirewallRules: [{60C36193-D240-44D0-B99E-89B5CD42ECE9}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Transformice\Transformice.exe
FirewallRules: [{18EE4C54-808C-4EBF-8E2D-CB29CB999F34}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{D4C174A8-2C47-4DBC-B0EF-F03F58787F49}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{50C0038C-26D4-4BE5-BA98-F5290D4C9879}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{757C8087-9F95-414B-942E-B8AC7D8AFFE6}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{C8299B28-7206-43B8-B33E-A23F7EC75C26}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\AirMech\AirMech.exe
FirewallRules: [{42BD29E3-F3D7-49B4-BAD9-8E1C1078ED88}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\AirMech\AirMech.exe
FirewallRules: [{29AED09B-72DE-4514-9D11-35CEED943B04}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{DE8ECD5E-EC92-4127-BB28-277AF46C87D7}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{E61A4C98-1434-416D-BF2D-DAAE37A1214B}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{70F3C27A-2460-4FB1-8BDD-A4FD114E16A2}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{BBBA6DB3-1264-46ED-BB30-F9302649BE10}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{E14A3E41-2995-4FBC-8E50-47E83545C347}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{266B678C-4BF2-49D5-881B-18E1278623A0}] => (Allow) C:\Origin games\Battlefield 4\bf4_x86.exe
FirewallRules: [{752AD145-0C5D-44FD-94E9-A01F6AC8285E}] => (Allow) C:\Origin games\Battlefield 4\bf4_x86.exe
FirewallRules: [{2C7C908E-DEEC-48B5-8759-6331C39F505E}] => (Allow) C:\Origin games\Battlefield 4\bf4.exe
FirewallRules: [{1B3B2623-23E0-4471-AAF7-01F723F4D12B}] => (Allow) C:\Origin games\Battlefield 4\bf4.exe
FirewallRules: [{4658FC9A-7CE6-4B49-AA5C-2B9B58EA6C48}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{E6AF1707-8D76-4FFC-BF89-E662AAFBC3E6}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{A9773620-972B-43F9-8E90-774FE120D83A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{8A470B4F-8194-4B1A-B033-B37F1C95ED60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{1279C79C-FA84-4634-A3DF-E06E32E5E279}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{E299A083-6CE4-4C25-96DA-C65D0068CA36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{7C565941-4BAB-4202-A25C-5854F55E5D50}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Color Symphony\Color Symphony.exe
FirewallRules: [{3E779086-D4A1-4E4C-8A20-EA8E006723F3}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Color Symphony\Color Symphony.exe
FirewallRules: [{573D418E-8B60-4B94-BDF8-48C9885E8772}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{C63043B6-0E9A-4A15-886B-D515E982CF36}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{6FB1697B-7ABA-4C42-81B3-82F1ABCFAD4A}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{852E318A-69C1-4710-875D-75B65E9BBD39}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{8573A870-FD00-4559-AD4A-5A234489093A}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{AC3AC6CB-5869-4037-B2DF-FDBE2BB200F2}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{BB7E93A1-3B4D-4712-928D-03CF3DF4FA6A}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\The Talos Principle Demo\Bin\Talos_Demo.exe
FirewallRules: [{D4C2802C-B57E-4FBB-BAF6-8848999639F9}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\The Talos Principle Demo\Bin\Talos_Demo.exe
FirewallRules: [{1C0F645C-FB8E-498C-9D10-1BA7BD019089}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{A010729A-CBEC-4B63-98E8-CA12FF7EBF98}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [TCP Query User{BF427496-E3B3-404F-9C5E-DCD98ADD3158}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{D7088418-FCF9-4C4C-A903-09F985F31395}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{A13A5024-5701-4F55-B59D-C282C00BB180}F:\games\steamlibrary\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) F:\games\steamlibrary\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [UDP Query User{3C74FD3B-9714-49D7-87D1-B79A525DCA99}F:\games\steamlibrary\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) F:\games\steamlibrary\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [TCP Query User{C71E3995-19E2-4214-B176-82864FB17D1A}C:\gog games\star wars - battlefront 2\gamedata\battlefrontii.exe] => (Allow) C:\gog games\star wars - battlefront 2\gamedata\battlefrontii.exe
FirewallRules: [UDP Query User{771C8DE2-54F3-4746-B27F-9D722869526A}C:\gog games\star wars - battlefront 2\gamedata\battlefrontii.exe] => (Allow) C:\gog games\star wars - battlefront 2\gamedata\battlefrontii.exe
FirewallRules: [{8FEF1BB9-E140-4B71-9C36-71CD6E54F54D}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{7113032B-3E18-4811-B40B-FB15278B77F8}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{E4305C26-88EF-418E-951B-BB538BB61620}] => (Allow) F:\Games\Origin\Dead Space 3\deadspace3.exe
FirewallRules: [{F40D5D18-5586-4D46-A98A-EF5684497870}] => (Allow) F:\Games\Origin\Dead Space 3\deadspace3.exe
FirewallRules: [TCP Query User{122CCC13-61D5-444D-82AC-3C04B101038B}C:\users\elias\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\elias\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{014A6BA5-9891-4C4E-B4AA-C2CA3B7317BF}C:\users\elias\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\elias\appdata\local\popcorn time\nw.exe
FirewallRules: [TCP Query User{711DF497-48CA-4FA6-9A07-6495DD19FFCB}F:\eclips\eclipse\eclipse.exe] => (Allow) F:\eclips\eclipse\eclipse.exe
FirewallRules: [UDP Query User{B1D054A5-5C20-49D7-B5AD-4CCA8FC6CF1E}F:\eclips\eclipse\eclipse.exe] => (Allow) F:\eclips\eclipse\eclipse.exe
FirewallRules: [{4EA329E1-DA0B-46B9-BFFA-4E6E0DAB9E6F}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{06604839-EDA9-4A99-9B3D-98791BAB99E1}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{5E45A893-A8AB-42C2-98DD-007FDE8453D0}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Battleborn Closed Technical Test\Binaries\Win64\Battleborn.exe
FirewallRules: [{2245181F-BF67-49C1-9053-D3DB7E90B1C4}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Battleborn Closed Technical Test\Binaries\Win64\Battleborn.exe
FirewallRules: [TCP Query User{3B8E1E15-3220-4157-8778-76BEB09B2D93}F:\android studio\as\bin\studio64.exe] => (Allow) F:\android studio\as\bin\studio64.exe
FirewallRules: [UDP Query User{F30700FB-DB18-4721-BE7E-714239D712D6}F:\android studio\as\bin\studio64.exe] => (Allow) F:\android studio\as\bin\studio64.exe
FirewallRules: [TCP Query User{3C3F3B4B-8BAE-430F-A9B0-7DEF32CA9783}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [UDP Query User{CF039F65-6DF0-43F2-A708-17B8AE422DDE}C:\program files\java\jdk1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\java.exe
FirewallRules: [{0B54472F-D042-4E4E-AB25-5D527ED1297B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{390ADFF4-8094-4737-91BD-4CF68C3A719B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{332C6EB9-6F68-4CAA-886D-69BDDC6798A9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{5BFE9002-B4C3-48ED-B9BF-5347AD7D7EB6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{F1223979-3160-4568-9113-598ECC9BF35B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{3E9AB0AF-72A4-447C-BC29-F5DFE7BBC2AF}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B3FFDD12-D6BA-4D92-9D3F-7D64CC7B0126}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{F7CB2469-B666-4A88-A856-6DB7A011762C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{B25C30A8-5546-406B-ABF2-9D67D89CD01C}] => (Allow) C:\Origin games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{F1984DFE-BF36-4F45-B04D-A64FD52D5D5E}] => (Allow) C:\Origin games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{708F6E0B-F9CD-4EB7-A8AC-04D0DDF3AB0C}] => (Allow) C:\Origin games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{6D5CA4B8-0115-4849-9F3B-0B766F9C567C}] => (Allow) C:\Origin games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{8566FD58-DB1A-4224-8653-744D763047E1}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{82F4A870-029E-41C7-A950-A1936F80E3C7}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{17548FD2-EF58-4B19-AC50-F0261FC9853C}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{49612192-F167-49C6-A6D4-EA128E2F51F5}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{AE420630-E251-4924-B3F6-A98E1ED64BFF}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{4DF552E5-9D78-4722-8E4F-88D933B0DDC8}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [TCP Query User{FF8B7C8E-6EB8-4CCF-9BB0-BA58580AD815}F:\matlab\bin\win64\matlab.exe] => (Allow) F:\matlab\bin\win64\matlab.exe
FirewallRules: [UDP Query User{A444091C-2D13-4FCC-8F8D-CBCD82BF7F4C}F:\matlab\bin\win64\matlab.exe] => (Allow) F:\matlab\bin\win64\matlab.exe
FirewallRules: [{FD285D29-0AFA-4B63-B1DF-94B123551AB6}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{26FD2594-A789-4621-A99D-DF2D2A98BB64}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{025BDF6C-D4AF-45B3-A8C5-A75106442A33}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{6471DAE7-FAD9-4A4C-B432-46EF0AAEBECD}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [TCP Query User{3672A7EC-CF71-490A-9971-F715D207D77F}F:\games\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) F:\games\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [UDP Query User{45D0B2D8-FBE5-49BC-9209-C413EABC0BBC}F:\games\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) F:\games\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [{3E4929C5-7F59-454F-BA2D-46B04C183D18}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{AE606F1E-3807-432B-87D4-DE69C89268BA}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{D56B5515-1C17-4494-B440-676E07898F2E}C:\program files\maple 2015\jre\bin\javaw.exe] => (Allow) C:\program files\maple 2015\jre\bin\javaw.exe
FirewallRules: [UDP Query User{FBD4B8AC-30D5-4530-A41A-5185F3408A3E}C:\program files\maple 2015\jre\bin\javaw.exe] => (Allow) C:\program files\maple 2015\jre\bin\javaw.exe
FirewallRules: [TCP Query User{CEE1AE8F-4F19-4866-A467-360AD0F6EFF7}F:\java\bin\javaw.exe] => (Allow) F:\java\bin\javaw.exe
FirewallRules: [UDP Query User{554CB6CD-31AD-461C-9059-D7431CBA9240}F:\java\bin\javaw.exe] => (Allow) F:\java\bin\javaw.exe
FirewallRules: [{8B1FBD84-D3B8-4B80-9934-8C151131A274}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe
FirewallRules: [{C8E7DB2E-4B1D-47E9-9695-2D13844BCAB8}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe
FirewallRules: [TCP Query User{6F945D26-8D2A-42FC-8D08-2A65E78D04A6}F:\games\steamlibrary\steamapps\common\orcsmustdieunchained\binaries\win64\spitfiregame.exe] => (Allow) F:\games\steamlibrary\steamapps\common\orcsmustdieunchained\binaries\win64\spitfiregame.exe
FirewallRules: [UDP Query User{E9FA440C-B1BF-4FD9-AE81-0E5D19706F06}F:\games\steamlibrary\steamapps\common\orcsmustdieunchained\binaries\win64\spitfiregame.exe] => (Allow) F:\games\steamlibrary\steamapps\common\orcsmustdieunchained\binaries\win64\spitfiregame.exe
FirewallRules: [{845EE9C1-6CB8-4D69-AAF0-CC49F3E76EF7}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{36834132-E692-4FD1-9725-A516886AFBBE}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{350391E4-DDA6-49E0-9571-3314ADBE90C8}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{D3FC3DD2-3F60-4F9A-AB87-908B39A91AF5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{D5EC0230-B767-44A4-A6B7-A2039A747005}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{CF03D9E8-56EC-45F7-83BC-75F11A7308CB}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{61DEC34B-E2DD-41D1-8DF9-195793C9830E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CABB122C-F1B9-4C35-A7C8-964155743BFD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{27F750F6-20E5-4621-AC8F-F67DF3211ACF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D90C52E3-1C02-42F3-B507-8EEDCD0A9702}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7382131E-3D11-4D48-BC19-652744B28B5A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3A7CCA63-D0FD-40F9-8059-14704F78951D}] => (Allow) F:\Games\Origin\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{C8667701-C95F-4615-A7CB-AB40B633A798}] => (Allow) F:\Games\Origin\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{6EE388B2-6EF3-4454-A80A-8228DF734C8D}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\daorigins.exe
FirewallRules: [{C8F3A81D-832A-4B34-8113-F35E50FCCAA0}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\daorigins.exe
FirewallRules: [{902AD57F-89B3-42A3-B646-25273BBF5328}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{93DD30E8-3B4E-4421-A332-AA892354FF62}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [TCP Query User{73D6E77B-E5B9-431A-A223-A02072CC71C3}C:\program files\java\jdk1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{F2EBF630-C130-4B88-B974-6A20FD04926E}C:\program files\java\jdk1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_60\bin\javaw.exe
FirewallRules: [{07D8DE62-1873-4559-B217-9D489BC55466}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{BBDB3CDB-BAFA-4641-BD19-7ED32640AA85}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{27FD045E-16EA-4E7D-952A-211A04D1C1DC}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{C80002CE-6611-48EA-B4CA-CE33BEF0F787}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{DE65BFF5-957B-40B6-AB2A-595F232E01C1}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{89BEFE21-BE74-4881-A9CF-181DD681205F}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{E79433D3-3163-4E50-B4D3-7F8DFEE852C9}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{29927845-D203-4428-BFA4-A67A08C0243E}] => (Allow) F:\Games\SteamLibrary\SteamApps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{AEDCD4C5-FE59-43DC-B04E-C0F64B5698F0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{63766DE5-4430-4EC4-A92F-EDC6F5E2F0C4}] => (Allow) C:\ProgramData\download\MiniThunderPlatform.exe
FirewallRules: [{C2865451-E511-4510-8F46-43816A3FE538}] => (Allow) C:\ProgramData\download\MiniThunderPlatform.exe
FirewallRules: [{618E48F5-AAB1-4AE8-96B7-022ABAB42DD1}] => (Allow) C:\Users\elias\AppData\Local\Temp\QQPCDownload8890541.exe
FirewallRules: [{F3F3AD8C-DD01-4B7A-A9CA-4FBF30AC1745}] => (Allow) C:\Users\elias\AppData\Local\Temp\QQPCDownload8890541.exe
FirewallRules: [{30B8E430-DAAA-40DA-B4F9-3906A1CE3648}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{22F38757-008E-4D55-85BE-7B580635C1D5}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQPCmgrInstallGuide.exe
FirewallRules: [{243D42AC-7597-421E-AEA2-E64F493E4A33}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{2EAB2D3B-6456-486B-90A1-C23316A85C73}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQPCTray.exe
FirewallRules: [{DC690C44-2A89-4D6B-A797-9D854C8AA905}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQPCMgr.exe
FirewallRules: [{08AE0AC4-2147-4C5B-ACB7-0B601BC9F491}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQPCRTP.exe
FirewallRules: [{57189346-E3C0-4F0F-B060-0FAA0D952639}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QMDL.exe
FirewallRules: [{C4DB7026-3BC2-4085-ABA4-DDE171A658FD}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\bugreport.exe
FirewallRules: [{9880EAD3-134B-493D-8B89-89E54B9634FC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQPCFileOpen.exe
FirewallRules: [{0BD64414-96E7-4862-BE6B-720B782FF77E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQPCLeakScan.exe
FirewallRules: [{FE03F184-BF7D-456A-B4C2-A58F9DD88F7E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQPConfig.exe
FirewallRules: [{EA48A87F-B2C6-4C45-8865-913987B93AF0}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQPCSoftMgr.exe
FirewallRules: [{C3DE6A15-F4EB-4A1A-8106-4D34BDBB0A2C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{B23D7B65-C4A0-40A0-993A-C1F6BEDD0649}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQPCBTU.exe
FirewallRules: [{50CD1EA2-8525-4B7F-A2BC-5FB8DA223BD9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQPCClinic.exe
FirewallRules: [{410E985E-080C-42AC-AC96-459FBDFC9A74}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQPCLaunch.exe
FirewallRules: [{13DDD260-09C1-448D-B43E-FA952C7805F4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{5DD5392B-B3CC-442C-AFF4-6A80CDE1CB83}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQPCSoftGame.exe
FirewallRules: [{43438238-6C8F-4E8C-99E6-3FE768B4332B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQPCSysOptimize.exe
FirewallRules: [{5E45ACC4-25FF-492D-9974-F5C45433881C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQPCUpdateAVLib.exe
FirewallRules: [{B19F5FA4-BE8C-410E-8FC0-191A77034C79}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQRepair.exe
FirewallRules: [{D1E44DD3-C926-451E-8008-9456A90AC8A5}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\Uninst.exe
FirewallRules: [{DA71F096-AB63-44FA-8259-A3B7A21C1AEA}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QQPCPatch.exe
FirewallRules: [{52B4C591-E490-42AA-B66D-D234050E2A28}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\TpkUpdate.exe
FirewallRules: [{A10BFB74-E2F2-4407-9BDC-3C4586FF3C82}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QMRouterMgr.exe
FirewallRules: [{F2B548EB-6AED-45FF-B9E4-51C08BBB9842}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QMAccountProtection.exe
FirewallRules: [{33215A4F-FC48-45F7-8EDB-5AD143AA4B2A}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17499.219\QMAdBlock.exe
==================== Restore Points =========================
06-05-2016 13:04:10 Windows Update
14-05-2016 14:56:07 Windows Update
==================== Faulty Device Manager Devices =============
Name: Microsoft Hyper-V Network Switch Default Miniport
Description: Hyper-V Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: VMSMP
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/18/2016 10:59:44 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
Details:
The content index catalog is corrupt. 0xc0041801 (0xc0041801)
Error: (05/18/2016 10:59:44 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4810 - enduser\mssearch2\search\ytrip\tripoli\inverted\decodinglayer.cpp (478)}. The service will attempt to automatically correct this problem by rebuilding the index.
Details:
The data is invalid. 0x8007000d (0x8007000d)
Error: (05/18/2016 10:58:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_PcaSvc, version: 6.3.9600.17415, time stamp: 0x54504177
Faulting module name: ntdll.dll, version: 6.3.9600.18233, time stamp: 0x56bb4ebb
Exception code: 0xc0000008
Fault offset: 0x00000000000925fa
Faulting process ID: 0x118
Faulting application start time: 0xsvchost.exe_PcaSvc0
Faulting application path: svchost.exe_PcaSvc1
Faulting module path: svchost.exe_PcaSvc2
Report ID: svchost.exe_PcaSvc3
Faulting package full name: svchost.exe_PcaSvc4
Faulting package-relative application ID: svchost.exe_PcaSvc5
Error: (05/18/2016 12:17:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Au_.exe version 3.3.2.1028 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 97c
Start Time: 01d1b089bcf719a4
Termination Time: 4294967295
Application Path: C:\Users\elias\AppData\Local\Temp\~nsu.tmp\Au_.exe
Report Id: 1ce34b48-1c7d-11e6-8841-0025228e487e
Faulting package full name:
Faulting package-relative application ID:
Error: (05/18/2016 12:05:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELIAS-PC)
Description: Activation of application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/18/2016 12:04:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELIAS-PC)
Description: Activation of application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/17/2016 11:58:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELIAS-PC)
Description: Activation of application BrowserChoice_cw5n1h2txyewy!App failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/17/2016 11:57:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELIAS-PC)
Description: Activation of application BrowserChoice_cw5n1h2txyewy!App failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/17/2016 11:49:19 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (05/17/2016 11:49:19 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
System errors:
=============
Error: (05/18/2016 10:59:24 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Device Association Service service, but this action failed with the following error:
%%1056
Error: (05/18/2016 10:58:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (05/18/2016 10:58:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).
Error: (05/18/2016 10:58:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (05/18/2016 10:58:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (05/18/2016 10:58:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
Error: (05/18/2016 10:58:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Network Connection Broker service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Error: (05/18/2016 10:58:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HomeGroup Listener service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (05/18/2016 10:58:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Human Interface Device Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (05/18/2016 10:58:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The File History Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
CodeIntegrity:
===================================
Date: 2016-05-17 23:38:30.318
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-05-17 23:38:29.981
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-05-14 18:08:42.039
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-05-14 18:08:41.704
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-05-14 18:05:52.743
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-05-14 18:05:52.422
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-05-01 15:04:09.245
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-05-01 15:04:08.964
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-24 21:10:18.593
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-24 21:10:18.354
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 55%
Total physical RAM: 6126.68 MB
Available physical RAM: 2706.59 MB
Total Virtual: 8302.68 MB
Available Virtual: 4436.61 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.45 GB) (Free:10.63 GB) NTFS
Drive f: (Data) (Fixed) (Total:931.51 GB) (Free:312.8 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 56F45264)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F8264310)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Sign In
Create Account
