Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2017
Ran by Manectric (administrator) on RAIKOU (14-03-2017 16:05:26)
Running from C:\Users\Electrike\Downloads
Loaded Profiles: Manectric & Electrike (Available Profiles: Manectric & Electrike)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
() C:\Program Files\GIGABYTE\SmartManagerV3\ElevateService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\Smart Update\Update_Service.exe
() C:\Program Files (x86)\Windscribe\WindscribeService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avpui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieCrypto.exe
(Valve Corporation) E:\Steam\Steam.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) E:\Sandbox\Steambox\drive\C\S\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) E:\Sandbox\Steambox\drive\C\S\bin\cef\cef.win7\steamwebhelper.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\32\SbieSvc.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Users\Electrike\Downloads\Idle Master\IdleMaster.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Electrike\Downloads\Idle Master\steam-idle.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Valve Corporation) E:\Sandbox\Steambox\drive\C\S\bin\cef\cef.win7\steamwebhelper.exe
(AVAST Software) C:\Users\Electrike\Desktop\aswMBR.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276040 2014-05-21] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13675736 2014-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-09-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Razer Naga Driver] => C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe [953232 2011-11-16] (Razer USA Ltd)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [515600 2016-08-01] (QFX Software Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-28] (Intel Corporation)
HKLM Group Policy restriction on software: C:\Windows\System32\VSSAdmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.WSF <====== ATTENTION
HKLM Group Policy restriction on software: *.JSE <====== ATTENTION
HKLM Group Policy restriction on software: *.JS <====== ATTENTION
HKLM Group Policy restriction on software: %appdata% <====== ATTENTION
HKLM Group Policy restriction on software: *.WSH <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile% <====== ATTENTION
HKLM Group Policy restriction on software: *.VBE <====== ATTENTION
HKLM Group Policy restriction on software: *.VBS <====== ATTENTION
HKLM\...\Policies\Explorer: [NoThumbnailCache] 1
HKLM\...\Policies\Explorer: [DisableThumbnailsOnNetworkFolders] 1
HKLM\...\Policies\Explorer: [NoCDBurning] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [799376 2016-12-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7946144 2017-02-16] (SUPERAntiSpyware)
HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4015216 2016-12-15] (Tonec Inc.)
HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [9161720 2016-12-23] (Binary Fortress Software)
HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1231240 2016-11-14] (Ruiware)
HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [799376 2016-12-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [9161720 2016-12-23] (Binary Fortress Software)
HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1231240 2016-11-14] (Ruiware)
HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7946144 2017-02-16] (SUPERAntiSpyware)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170360 2017-02-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2017-02-10] (NVIDIA Corporation)
IFEO\taskmgr.exe: [Debugger] "C:\PROGRAM FILES (X86)\PROCESSEXPLORER\PROCEXP.EXE"
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{0326CB5A-1274-4DD9-8EB4-1BE8C95AE083}: [NameServer] 8.8.8.8,203.12.160.35
Tcpip\..\Interfaces\{4F65E33E-CBEB-441C-B813-D5B11989BAD0}: [DhcpNameServer] 10.110.234.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com/?pc=SBJB
HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com/?pc=SBJB
HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES007&pc=UE06
HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com/?pc=SBJB
SearchScopes: HKLM -> DefaultScope {B0C9ACC6-6B01-470F-B98A-DCC12B58795A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {B0C9ACC6-6B01-470F-B98A-DCC12B58795A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {B0C9ACC6-6B01-470F-B98A-DCC12B58795A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {B0C9ACC6-6B01-470F-B98A-DCC12B58795A} URL =
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-02] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2016-12-02] (AO Kaspersky Lab)
FireFox:
========
FF DefaultProfile: ipvqxq4h.default
FF ProfilePath: C:\Users\Manectric\AppData\Roaming\Mozilla\Firefox\Profiles\ipvqxq4h.default [2017-03-12]
FF Extension: (HTTPS-Everywhere) - C:\Users\Manectric\AppData\Roaming\Mozilla\Firefox\Profiles\ipvqxq4h.default\Extensions\https-everywhere@eff.org [2016-01-22]
FF Extension: (TrafficLight) - C:\Users\Manectric\AppData\Roaming\Mozilla\Firefox\Profiles\ipvqxq4h.default\Extensions\trafficlight@bitdefender.com.xpi [2016-01-22]
FF Extension: (Flagfox) - C:\Users\Manectric\AppData\Roaming\Mozilla\Firefox\Profiles\ipvqxq4h.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-01-22]
FF Extension: (NoScript) - C:\Users\Manectric\AppData\Roaming\Mozilla\Firefox\Profiles\ipvqxq4h.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-06-11]
FF Extension: (No Name) - C:\Users\Manectric\AppData\Roaming\Mozilla\Firefox\Profiles\ipvqxq4h.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2017-03-11] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-12-02]
FF HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Manectric\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Manectric\AppData\Roaming\IDM\idmmzcc5 [2017-02-24] [not signed]
FF HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Electrike\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Electrike\AppData\Roaming\IDM\idmmzcc5 [2017-02-12] [not signed]
FF HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-30] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-30] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-24] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-01-26]
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-01-26]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-02-16] (SUPERAntiSpyware.com)
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5098008 2016-12-23] (Binary Fortress Software)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [229648 2016-10-06] (EasyAntiCheat Ltd)
R2 ElevateService; C:\Program Files\GIGABYTE\SmartManagerV3\ElevateService.exe [14336 2014-10-29] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-10] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-10-15] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-02-01] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-04-30] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-04-30] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-08-19] ()
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation)
S4 PAExec; C:\Windows\PAExec.exe [189112 2017-02-24] (Power Admin LLC)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197776 2016-12-14] (Sandboxie Holdings, LLC)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R2 Update_Service; C:\Program Files\Smart Update\Update_Service.exe [135680 2016-11-02] () [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-09-02] (Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [53352 2016-12-08] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3817168 2014-08-19] (Intel® Corporation)
S2 AVP16.0.0; no ImagePath
S4 fsssvc; no ImagePath
S3 Futuremark SystemInfo Service; no ImagePath
S4 TBS; %SystemRoot%\System32\tbssvc.dll [X]
S3 vssbrigde64; no ImagePath
S4 wlidsvc; no ImagePath
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-05-14] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1424184 2014-05-14] (Motorola Solutions, Inc.)
S3 btmlehid; C:\Windows\system32\drivers\btmlehid.sys [83256 2014-02-04] (Motorola Solutions, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 fssfltr; no ImagePath
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [30360 2014-10-09] (Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [210376 2014-07-04] (Intel Corporation)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [224720 2015-08-19] (QFX Software Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [236432 2016-12-02] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2017-03-14] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1001304 2016-08-25] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [110424 2016-08-25] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-04-30] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3438872 2015-02-22] (Intel Corporation)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [429272 2014-10-22] (Realsil Semiconductor Corporation)
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [126464 2011-11-15] (Razer USA Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [205968 2016-12-14] (Sandboxie Holdings, LLC)
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation)
R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [29896 2015-10-05] (CyberLink Corp.)
U4 npcap_wifi; no ImagePath
U3 aswMBR; \??\C:\Users\MANECT~1\AppData\Local\Temp\aswMBR.sys [X] <==== ATTENTION
U3 aswVmm; \??\C:\Users\MANECT~1\AppData\Local\Temp\aswVmm.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-14 16:05 - 2017-03-14 16:05 - 00024718 _____ C:\Users\Electrike\Downloads\FRST.txt
2017-03-14 16:04 - 2017-03-14 16:05 - 00000000 ____D C:\FRST
2017-03-14 16:04 - 2017-03-14 16:04 - 02424832 _____ (Farbar) C:\Users\Electrike\Downloads\FRST64.exe
2017-03-14 15:44 - 2017-03-14 15:44 - 05198336 _____ (AVAST Software) C:\Users\Electrike\Desktop\aswMBR.exe
2017-03-13 20:15 - 2017-03-13 20:16 - 00000000 ____D C:\Users\Electrike\AppData\Roaming\vlc
2017-03-13 20:15 - 2017-03-13 20:15 - 00001076 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-03-13 20:15 - 2017-03-13 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-03-13 20:15 - 2017-03-13 20:15 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2017-03-13 20:10 - 2017-03-13 20:11 - 30533688 _____ C:\Users\Electrike\Downloads\vlc-2.2.4-win32.exe
2017-03-13 20:06 - 2017-03-13 20:06 - 00000000 ____D C:\Users\Electrike\Downloads\f
2017-03-13 18:03 - 2017-03-13 18:03 - 00170497 _____ C:\Users\Electrike\Downloads\WO-089055.pdf
2017-03-13 14:50 - 2017-03-13 16:47 - 00233482 _____ C:\Windows\ntbtlog.txt
2017-03-13 09:15 - 2017-03-13 09:16 - 14079474 _____ C:\Users\Electrike\Downloads\f.zip
2017-03-13 07:08 - 2017-03-14 00:05 - 00000000 ____D C:\Users\Electrike\Downloads\SAT
2017-03-13 05:47 - 2017-03-13 05:47 - 00335960 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-13 05:47 - 2017-03-13 05:47 - 00084896 _____ C:\Users\Electrike\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-12 22:05 - 2017-03-12 22:05 - 00007662 _____ C:\Users\Manectric\AppData\Local\Resmon.ResmonCfg
2017-03-12 19:48 - 2017-03-12 19:53 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-12 19:41 - 2017-03-12 19:43 - 11581544 _____ (SurfRight B.V.) C:\Users\Electrike\Downloads\HitmanPro_x64.exe
2017-03-12 19:35 - 2017-03-12 19:36 - 00230058 _____ C:\TDSSKiller.3.1.0.12_12.03.2017_19.35.05_log.txt
2017-03-12 19:33 - 2017-03-12 19:34 - 04656523 _____ C:\Users\Electrike\Downloads\tdsskiller.zip
2017-03-12 19:33 - 2017-03-12 19:33 - 00000354 _____ C:\TDSSKiller.2.8.16.0_12.03.2017_19.33.34_log.txt
2017-03-12 19:33 - 2016-11-07 07:10 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Electrike\Downloads\TDSSKiller.exe
2017-03-10 23:10 - 2017-03-12 16:31 - 00000000 ____D C:\Users\Electrike\Downloads\Idle Master
2017-03-03 17:44 - 2017-03-03 17:44 - 00000202 _____ C:\Users\Electrike\Desktop\Fiends of Imprisonment.url
2017-03-03 17:43 - 2017-03-03 17:43 - 00000202 _____ C:\Users\Electrike\Desktop\Break Into Zatwor.url
2017-02-24 22:05 - 2017-03-10 19:25 - 00000000 ____D C:\Users\Electrike\AppData\Roaming\NVIDIA
2017-02-24 21:55 - 2017-02-24 21:55 - 00000000 ____D C:\Users\Electrike\AppData\Local\NVIDIA Corporation
2017-02-24 21:54 - 2017-02-24 21:54 - 00000000 ____D C:\Windows\SysWOW64\NV
2017-02-24 21:54 - 2017-02-24 21:54 - 00000000 ____D C:\Windows\system32\NV
2017-02-24 21:54 - 2017-02-24 21:54 - 00000000 ____D C:\Users\Manectric\AppData\Local\NVIDIA Corporation
2017-02-24 21:53 - 2017-03-14 11:48 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-24 21:53 - 2017-02-24 21:53 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-24 21:53 - 2017-02-24 21:53 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-24 21:53 - 2017-02-24 21:53 - 00003676 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-24 21:53 - 2017-02-24 21:53 - 00003500 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-24 21:53 - 2017-02-24 21:53 - 00003440 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-24 21:53 - 2017-02-24 21:53 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-24 21:53 - 2017-02-24 21:53 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-24 21:53 - 2017-02-10 08:52 - 00418752 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-02-24 21:53 - 2017-02-10 07:13 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-02-24 21:53 - 2017-02-10 06:57 - 07791217 _____ C:\Windows\system32\nvcoproc.bin
2017-02-24 21:53 - 2017-02-10 06:57 - 06403640 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-02-24 21:53 - 2017-02-10 06:57 - 02477504 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-02-24 21:53 - 2017-02-10 06:57 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-02-24 21:53 - 2017-02-10 06:57 - 00548288 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-02-24 21:53 - 2017-02-10 06:57 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-02-24 21:53 - 2017-02-10 06:57 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-02-24 21:53 - 2017-02-10 06:57 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-02-24 21:53 - 2017-01-26 08:13 - 00103936 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-02-24 21:53 - 2017-01-26 08:12 - 00326656 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-02-24 21:53 - 2017-01-26 08:09 - 00322560 _____ C:\Windows\system32\vulkan-1.dll
2017-02-24 21:53 - 2017-01-26 08:09 - 00118272 _____ C:\Windows\system32\vulkaninfo.exe
2017-02-24 21:52 - 2017-02-24 21:52 - 00000000 ____D C:\Windows\LastGood.Tmp
2017-02-24 21:52 - 2017-02-10 08:52 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 34937280 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 28212280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 19110088 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 19006832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 16510160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 16398896 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 14674896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 14373824 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-02-24 21:52 - 2017-02-10 08:52 - 13377072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 11122912 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 11019704 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 09305984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 08990072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 04064088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 03627064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 03583560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 03187256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 01051584 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 00989120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 00961080 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 00912440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 00687224 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 00611384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 00576192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 00504104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 00500792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 00492744 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 00425288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 00408272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 00042606 _____ C:\Windows\system32\nvinfo.pb
2017-02-24 21:52 - 2017-02-10 08:52 - 00039992 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2017-02-24 21:52 - 2017-02-10 08:52 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-02-24 21:52 - 2017-02-10 08:52 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-02-24 20:24 - 2017-02-10 08:52 - 00514616 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-02-24 19:35 - 2017-02-24 19:35 - 00189112 _____ (Power Admin LLC) C:\Windows\PAExec.exe
2017-02-24 18:56 - 2017-02-10 08:52 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-02-24 18:56 - 2017-02-10 08:52 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-02-24 18:29 - 2017-02-24 18:30 - 00001908 _____ C:\Windows\diagwrn.xml
2017-02-24 18:29 - 2017-02-24 18:30 - 00001908 _____ C:\Windows\diagerr.xml
2017-02-24 18:29 - 2017-02-24 18:29 - 00000000 ____D C:\$WINDOWS.~BT
2017-02-23 23:22 - 2017-02-23 23:22 - 00001928 _____ C:\Users\Public\Desktop\DOSBox 0.74.lnk
2017-02-23 23:22 - 2017-02-23 23:22 - 00000000 ____D C:\Users\Electrike\AppData\Local\DOSBox
2017-02-23 23:22 - 2017-02-23 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
2017-02-23 23:22 - 2017-02-23 23:22 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74
2017-02-23 13:04 - 2017-02-23 13:04 - 00000000 ____D C:\Users\Electrike\Downloads\hw64_544
2017-02-22 21:19 - 2017-03-02 18:49 - 00000000 ____D C:\Users\Electrike\Documents\OpenXcom
2017-02-21 19:23 - 2017-02-21 19:27 - 00000650 _____ C:\Users\Electrike\Downloads\gfjydty.txt
2017-02-20 22:08 - 2017-02-20 23:31 - 00000000 ____D C:\Users\Manectric\Documents\OpenXcom
2017-02-20 22:08 - 2017-02-20 22:08 - 00000000 ____D C:\Users\Manectric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenXcom
2017-02-17 12:10 - 2017-03-14 16:02 - 00000518 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e4d34f86-8653-4a93-bc58-a1e3600e97f4.job
2017-02-17 12:10 - 2017-02-17 12:10 - 00003522 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task e4d34f86-8653-4a93-bc58-a1e3600e97f4
2017-02-12 18:35 - 2017-03-12 22:06 - 00000000 ____D C:\Users\Electrike\Downloads\b
2017-02-12 08:12 - 2017-02-12 08:12 - 00001270 _____ C:\Users\Manectric\Desktop\4K Video Downloader.lnk
2017-02-12 08:12 - 2017-02-12 08:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2017-02-12 08:12 - 2017-02-12 08:12 - 00000000 ____D C:\Program Files (x86)\4KDownload
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-14 16:04 - 2016-08-13 10:46 - 00029436 __RSH C:\ProgramData\ntuser.pol
2017-03-14 15:56 - 2016-08-08 20:01 - 00000000 ____D C:\Users\Manectric\AppData\Local\CrashDumps
2017-03-14 15:31 - 2016-03-06 10:01 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-14 15:04 - 2016-10-06 14:55 - 00000000 ____D C:\Users\Electrike\AppData\Local\DisplayFusion
2017-03-14 14:04 - 2016-08-25 12:59 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-14 12:41 - 2009-07-14 13:13 - 00847142 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-14 12:41 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\inf
2017-03-14 11:59 - 2016-06-26 17:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-14 11:57 - 2009-07-14 12:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-14 11:57 - 2009-07-14 12:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-14 11:52 - 2016-01-23 11:54 - 00000000 __SHD C:\Users\Electrike\IntelGraphicsProfiles
2017-03-14 11:48 - 2017-01-27 13:29 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2017-03-14 11:48 - 2009-07-14 13:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-14 00:05 - 2017-01-02 20:10 - 00000000 ____D C:\Users\Electrike\AppData\Roaming\HLSW
2017-03-13 22:45 - 2015-01-12 17:26 - 00133910 _____ C:\Users\Electrike\Documents\%$##!!@.TXT
2017-03-13 20:03 - 2016-01-23 17:21 - 00000000 ____D C:\Users\Electrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-03-12 20:04 - 2016-08-22 14:14 - 00000000 ____D C:\Windows\pss
2017-03-12 20:03 - 2016-05-11 05:36 - 00000000 ____D C:\Users\Electrike\AppData\Roaming\IDM
2017-03-12 20:03 - 2016-04-29 15:47 - 00000000 ____D C:\Users\Electrike\AppData\Local\CrashDumps
2017-03-12 20:03 - 2016-04-29 10:46 - 00000000 ____D C:\Users\Electrike\AppData\Roaming\FileZilla
2017-03-12 20:03 - 2016-01-22 17:02 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-03-12 19:40 - 2016-01-22 19:04 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-12 18:41 - 2016-08-06 09:44 - 01125745 _____ C:\Users\Electrike\Downloads\Trainer for Oil Rush.zip
2017-03-12 17:41 - 2016-01-22 11:28 - 00008934 _____ C:\Windows\Sandboxie.ini
2017-03-12 15:16 - 2016-08-26 14:01 - 00001368 _____ C:\Users\Electrike\Desktop\Steam(_bot_3).lnk
2017-03-12 15:15 - 2016-06-25 10:18 - 00001301 _____ C:\Users\Electrike\Desktop\Steam(BFF18).lnk
2017-03-12 02:08 - 2016-07-08 13:09 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2017-03-12 02:08 - 2014-10-22 14:55 - 00000000 ____D C:\ProgramData\Temp
2017-03-12 01:43 - 2016-08-03 05:57 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-03-12 01:43 - 2016-03-06 09:48 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-10 23:13 - 2017-01-02 20:10 - 00000961 _____ C:\Users\Manectric\Desktop\HLSW.lnk
2017-03-10 23:13 - 2017-01-02 20:10 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HLSW
2017-03-10 23:13 - 2017-01-02 20:10 - 00000000 ___SD C:\Program Files (x86)\HLSW
2017-03-10 23:13 - 2017-01-02 20:10 - 00000000 ____D C:\Users\Manectric\AppData\Roaming\HLSW
2017-03-09 17:28 - 2017-01-30 17:19 - 00002242 ____H C:\Users\Electrike\Documents\Default.rdp
2017-03-05 21:06 - 2016-08-13 09:21 - 00003148 _____ C:\Windows\System32\Tasks\FRAPS
2017-03-05 21:06 - 2016-01-22 17:01 - 00000000 ____D C:\Fraps
2017-03-02 13:19 - 2016-01-22 11:24 - 00003832 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1453433047
2017-03-02 13:19 - 2016-01-22 11:24 - 00000000 ____D C:\Program Files (x86)\Opera
2017-03-01 23:49 - 2016-04-29 10:46 - 00001864 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2017-03-01 23:49 - 2016-04-29 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2017-03-01 23:49 - 2016-04-29 10:46 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2017-02-24 21:54 - 2016-01-19 10:59 - 00000000 __SHD C:\Users\Manectric\IntelGraphicsProfiles
2017-02-24 21:53 - 2014-10-22 14:26 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-24 21:53 - 2014-10-22 14:26 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-24 21:53 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\Help
2017-02-24 20:38 - 2016-03-11 08:40 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-24 03:02 - 2016-01-22 20:48 - 00000000 ____D C:\Windows\system32\MRT
2017-02-24 03:00 - 2016-01-22 20:48 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-23 23:22 - 2016-01-23 11:55 - 00000000 ____D C:\Users\Electrike\AppData\Local\VirtualStore
2017-02-20 02:01 - 2016-06-23 22:12 - 00000000 ____D C:\Users\Electrike\AppData\Roaming\Skype
2017-02-18 20:01 - 2016-08-14 00:10 - 00079093 _____ C:\Users\Electrike\Desktop\Group Policy.msc
2017-02-17 12:10 - 2016-01-22 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-02-17 10:39 - 2016-01-22 21:44 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-02-15 12:31 - 2016-08-03 05:57 - 00003890 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-02-15 12:31 - 2016-03-06 10:01 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-15 12:31 - 2016-03-06 10:01 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-15 12:31 - 2016-03-06 10:01 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-15 12:31 - 2016-03-06 09:48 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-12 18:35 - 2016-05-11 05:36 - 00000000 ____D C:\Users\Electrike\AppData\Roaming\DMCache
==================== Files in the root of some directories =======
2016-01-19 10:59 - 2016-01-22 17:20 - 0000020 _____ () C:\Users\Manectric\AppData\Roaming\db.ini
2017-03-12 22:05 - 2017-03-12 22:05 - 0007662 _____ () C:\Users\Manectric\AppData\Local\Resmon.ResmonCfg
2014-08-20 12:06 - 2014-08-20 12:06 - 0000020 _____ () C:\ProgramData\db.ini
2014-10-22 13:49 - 2014-10-22 13:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-04 13:45
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2017
Ran by Manectric (14-03-2017 16:05:45)
Running from C:\Users\Electrike\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-01-19 02:59:00)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2798084944-1211984927-2140173799-500 - Administrator - Disabled)
Electrike (S-1-5-21-2798084944-1211984927-2140173799-1001 - Limited - Enabled) => C:\Users\Electrike
Guest (S-1-5-21-2798084944-1211984927-2140173799-501 - Limited - Disabled)
Manectric (S-1-5-21-2798084944-1211984927-2140173799-1000 - Administrator - Enabled) => C:\Users\Manectric
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3DMark (HKLM-x32\...\Steam App 223850) (Version: - Futuremark)
4K Video Downloader 4.2 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.2.1.2185 - Open Media LLC)
7 Days to Die (HKLM\...\Steam App 251570) (Version: - The Fun Pimps)
8BitBoy (HKLM-x32\...\Steam App 296910) (Version: - AwesomeBlade)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
AmCap version 9.01 (HKLM-x32\...\{0F45BECF-4C85-4301-A8A4-D2E2AE2A2C08}_is1) (Version: 9.01 - Gigabyte, Inc.)
Ansel (Version: 378.66 - NVIDIA Corporation) Hidden
Auslogics BoostSpeed 7 (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 7.9.0.0 - Auslogics Labs Pty Ltd)
BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston)
BioShock Remastered (HKLM\...\Steam App 409710) (Version: - 2K Boston)
Blender (HKLM\...\{437221A8-91D1-42A0-9E04-0AD64B502374}) (Version: 2.78.1 - Blender Foundation)
Break Into Zatwor (HKLM\...\Steam App 395980) (Version: - Zonitron Productions)
Breakout Invaders (HKLM-x32\...\Steam App 366700) (Version: - DreamsSoftGames)
Broforce (HKLM\...\Steam App 274190) (Version: - Free Lives)
Canon Easy-PhotoPrint EX - Additional Materials DL_AN1 (HKLM-x32\...\Easy-PhotoPrint EX - DL_AN1) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_AN2 (HKLM-x32\...\Easy-PhotoPrint EX - DL_AN2) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_AN3 (HKLM-x32\...\Easy-PhotoPrint EX - DL_AN3) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_AN4 (HKLM-x32\...\Easy-PhotoPrint EX - DL_AN4) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_AN5 (HKLM-x32\...\Easy-PhotoPrint EX - DL_AN5) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_FA1 (HKLM-x32\...\Easy-PhotoPrint EX - DL_FA1) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_FA2 (HKLM-x32\...\Easy-PhotoPrint EX - DL_FA2) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_FA3 (HKLM-x32\...\Easy-PhotoPrint EX - DL_FA3) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_FA4 (HKLM-x32\...\Easy-PhotoPrint EX - DL_FA4) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_FA5 (HKLM-x32\...\Easy-PhotoPrint EX - DL_FA5) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_ST1 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST1) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_ST2 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST2) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_ST3 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST3) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_ST4 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST4) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_ST5 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST5) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_ST6 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST6) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_ST7 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST7) (Version: - )
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.1.6 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG6200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6200_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6499 - CDBurnerXP)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
CyberLink PowerDVD 15 (HKLM-x32\...\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}) (Version: 15.0.2205.58 - CyberLink Corp.)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DisplayFusion (HKLM\...\Steam App 227260) (Version: - Binary Fortress Software)
DisplayFusion 8.1.2 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 8.1.2.0 - Binary Fortress Software)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Edge of Space (HKLM-x32\...\Steam App 238240) (Version: - Handyman Studios)
ELAN Touchpad 11.14.7.1_X64_WHQL (HKLM\...\Elantech) (Version: 11.14.7.1 - ELAN Microelectronic Corp.)
Fiends of Imprisonment (HKLM\...\Steam App 410590) (Version: - Zonitron Productions)
FileZilla Client 3.24.1 (HKLM-x32\...\FileZilla Client) (Version: 3.24.1 - Tim Kosse)
FRAFS AVI Info version 0.2.2.2 (HKLM-x32\...\{3DC088C4-41EB-4CEF-9B45-940555A818D3}_is1) (Version: 0.2.2.2 - raffriff42)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Game Dev Tycoon version 1.5.24 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.5.24 - Greenheart Games Pty. Ltd.)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
GIGABYTE Smart USB Backup 2.0.20141014 (HKLM-x32\...\GIGABYTE Smart USB Backup) (Version: 2.0.20141014 - GIGABYTE TECHNOLOGY CO.,LTD.)
Gone Home (HKLM-x32\...\GoneHome) (Version: - )
GRID (HKLM\...\Steam App 12750) (Version: - Codemasters Studios)
Hard Disk Sentinel (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 4.71 - Janos Mathe)
Hell Yeah! (HKLM-x32\...\Steam App 205230) (Version: - Arkedo)
HLSW v1.4.0.5 (HKLM-x32\...\HLSW_is1) (Version: - Stripf Software)
Hyperdimension Neptunia Re;Birth1 (HKLM-x32\...\Steam App 282900) (Version: - Idea Factory, Inc.)
Hyperdimension Neptunia Re;Birth2 Sisters Generation (HKLM-x32\...\Steam App 351710) (Version: - Compile Heart)
Intel® Chipset Device Software (x32 Version: 10.0.22 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4294 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
Intel® Wireless Bluetooth®(patch version 17.0.1427.2) (HKLM\...\{302600C1-6BDF-4FD1-1406-148929CC1385}) (Version: 17.1.1406.0472 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7991b5ae-96d7-4df2-97fb-a605b7cb638b}) (Version: 17.12.0 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Jet Set Radio (HKLM-x32\...\Steam App 205950) (Version: - Blit Software)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.10.0.0 - QFX Software Corporation)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
Killing Floor 2 - SDK (HKLM\...\Steam App 232150) (Version: - )
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version: - Tripwire Interactive)
Killing Floor SDK (HKLM\...\Steam App 1260) (Version: - Tripwire Interactive)
Kingdom Wars (HKLM\...\Steam App 227180) (Version: - Reverie World Studios, INC)
LanOptimizer (HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\{B416A23D-C2BD-4956-8BAE-5C3BAFF1AC1E}) (Version: 1.00.0000 - Realtek)
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version: - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MediaInfo 0.7.78 (HKLM\...\MediaInfo) (Version: 0.7.78 - MediaArea.net)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 45.8.0 ESR (x86 en-US) (HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\Mozilla Firefox 45.8.0 ESR (x86 en-US)) (Version: 45.8.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.3.0 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mumble 1.2.17 (HKLM-x32\...\{95A0093C-0C81-4D0B-BCA7-3CE11755A6BD}) (Version: 1.2.17 - Thorvald Natvig)
My MP4Box GUI 0.6.0.6 (HKLM\...\{3FBE3061-F2BC-4D3A-B4A9-8FB15C503F87}_is1) (Version: 0.6.0.6 - Matt Bodin)
NTLite v1.2.0.4750 (HKLM\...\NTLite_is1) (Version: 1.2.0.4750 - Nlitesoft)
NVIDIA Graphics Driver 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.0 - OBS Project)
Omikron - The Nomad Soul (HKLM-x32\...\Steam App 243000) (Version: - Quantic Dream)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenXcom 1.0 (HKLM-x32\...\OpenXcom) (Version: 1.0.0.0 - OpenXcom Developers)
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version: - Spiral Game Studios)
Razer Naga (HKLM-x32\...\{ED4108A9-60FD-4F18-AF42-122219977773}) (Version: 3.03.01 - Razer USA Ltd.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7348 - Realtek Semiconductor Corp.)
Renegade Ops (HKLM-x32\...\Steam App 99300) (Version: - Avalanche Studios)
Revo Uninstaller Pro 3.1.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.7 - VS Revo Group, Ltd.)
Rise of the Tomb Raider (HKLM\...\Steam App 391220) (Version: - Crystal Dynamics)
Sandboxie 5.16 (64-bit) (HKLM\...\Sandboxie) (Version: 5.16 - Sandboxie Holdings, LLC)
Savage Resurrection (HKLM\...\Steam App 366440) (Version: - S2 Games, LLC)
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version: - Sega)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Smart Manager V3 Ver 4.4.3 (HKLM\...\Smart Manager V3) (Version: Ver 4.4.3 - GIGABYTE)
Smart Update v3.3.1 (HKLM-x32\...\Smart Update) (Version: v3.3.1 - GIGABYTE TECHNOLOGY CO.,LTD.)
Sniper Elite: Nazi Zombie Army (HKLM\...\Steam App 227100) (Version: - Rebellion)
Sniper Elite: Nazi Zombie Army 2 (HKLM-x32\...\Steam App 247910) (Version: - )
Soulbringer (HKLM-x32\...\Steam App 283310) (Version: - Infogames Europe SA)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.04.0000 - Electronic Arts)
SPORE™ Creepy & Cute Parts Pack (HKLM-x32\...\{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}) (Version: 1.00.0000 - Electronic Arts)
SPORE™ Galactic Adventures (HKLM-x32\...\{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}) (Version: 1.00.0000 - Electronic Arts)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios)
Starbound - Unstable (HKLM\...\Steam App 367540) (Version: - )
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
State of Decay (HKLM-x32\...\Steam App 241540) (Version: - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Street Racing Syndicate (HKLM-x32\...\Steam App 292410) (Version: - Eutechnyx)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1212 - SUPERAntiSpyware.com)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version: - Bethesda Game Studios)
The Ship (HKLM-x32\...\Steam App 2400) (Version: - Outerlight Ltd.)
Trainz (HKLM-x32\...\{F03D7004-F232-4B7A-A4A0-4B8FC118C4BD}) (Version: - )
UE Explorer (HKLM-x32\...\{73C686EA-0FF6-4491-BD0D-FE52A62E8B63}) (Version: 1.2.71 - Eliot)
UE3Redist (HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}) (Version: 1.00.0000 - Epic Games)
UE3Redist (x32 Version: 1.00.0000 - Epic Games) Hidden
Viking: Battle for Asgard (HKLM-x32\...\Steam App 211160) (Version: - Creative Assembly, PC Port - Hardlight)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 2.0.0.0 - Microsoft Corporation)
Windscribe version 1.61 build 9 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.61 build 9 - Windscribe)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 34.11.2016.27 - Ruiware)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
X-COM: UFO Defense (HKLM\...\Steam App 7760) (Version: - MicroProse Software, Inc)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> C:\Program Files\MediaInfo\MediaInfo_InfoTip.dll (MediaArea.net)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {056FFE8C-A857-4FBF-8FCF-1A17169A23E7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {09A737C1-5415-4850-916F-39F71D37506D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {0E440603-5998-4E6F-A468-6534CE21E6F8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-10] (NVIDIA Corporation)
Task: {23999207-D116-4723-BBA3-00FDCAD2E369} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {4191DB8E-F288-4967-9413-3A887B0857B4} - System32\Tasks\SUPERAntiSpyware Scheduled Task e4d34f86-8653-4a93-bc58-a1e3600e97f4 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {9C42B084-9500-4777-9C27-56A5BC51522B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-10] (NVIDIA Corporation)
Task: {B76B62E6-4816-41E9-928B-167DC7901818} - System32\Tasks\Opera scheduled Autoupdate 1453433047 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-27] (Opera Software)
Task: {CB6F5C92-84A9-4643-A25F-B79D4542047C} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2015-09-05] (Beepa P/L)
Task: {D23151EE-5256-4901-9127-5EE10B45EBD6} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-10] (NVIDIA Corporation)
Task: {D2443CEE-28E7-4E8E-B014-09D96E0D998C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-06] (Piriform Ltd)
Task: {E1B701B4-8889-46F5-A1E8-6226A5212985} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {EB01EC40-DA06-4B4E-88A7-BA219EC53B4F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-10] (NVIDIA Corporation)
Task: {FF4E6B6D-7A57-4A57-8419-5585F849144D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-10] (NVIDIA Corporation)
Task: {FFE4DF80-8C39-4568-8C64-A70E97751AF6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe [2017-02-15] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e4d34f86-8653-4a93-bc58-a1e3600e97f4.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-02-24 21:52 - 2017-02-10 08:52 - 00018880 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2017-02-24 21:53 - 2017-02-10 06:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-29 15:01 - 2014-10-29 15:01 - 00014336 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\ElevateService.exe
2016-11-02 11:52 - 2016-11-02 11:52 - 00135680 _____ () C:\Program Files\Smart Update\Update_Service.exe
2016-12-28 09:42 - 2016-12-08 01:15 - 00053352 _____ () C:\Program Files (x86)\Windscribe\WindscribeService.exe
2017-02-22 05:09 - 2017-02-22 05:09 - 00052392 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-03-12 15:40 - 2017-01-06 01:55 - 01958400 _____ () C:\Users\Electrike\Downloads\Idle Master\IdleMaster.exe
2017-03-12 15:40 - 2015-02-10 01:44 - 00497664 _____ () C:\Users\Electrike\Downloads\Idle Master\steam-idle.exe
2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\kpcengine.2.3.dll
2014-04-30 07:23 - 2014-04-30 07:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-02-24 21:52 - 2017-02-10 08:52 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2016-01-15 06:37 - 2017-02-03 09:42 - 00668960 _____ () E:\Steam\SDL2.dll
2016-01-15 06:37 - 2016-09-01 09:02 - 04969248 _____ () E:\Steam\v8.dll
2016-01-15 06:37 - 2016-09-01 09:02 - 01563936 _____ () E:\Steam\icui18n.dll
2016-01-15 06:37 - 2016-09-01 09:02 - 01195296 _____ () E:\Steam\icuuc.dll
2016-01-15 06:37 - 2017-03-14 06:04 - 02465056 _____ () E:\Steam\video.dll
2016-01-15 06:37 - 2016-01-27 15:49 - 02549760 _____ () E:\Steam\libavcodec-56.dll
2016-01-15 06:37 - 2016-01-27 15:49 - 00442880 _____ () E:\Steam\libavutil-54.dll
2016-01-15 06:37 - 2016-01-27 15:49 - 00491008 _____ () E:\Steam\libavformat-56.dll
2016-01-15 06:37 - 2016-01-27 15:49 - 00332800 _____ () E:\Steam\libavresample-2.dll
2016-01-15 06:37 - 2016-01-27 15:49 - 00485888 _____ () E:\Steam\libswscale-3.dll
2016-01-15 06:31 - 2017-03-14 06:04 - 00838944 _____ () E:\Steam\bin\chromehtml.DLL
2016-03-10 10:38 - 2016-07-05 06:17 - 00266560 _____ () E:\Steam\openvr_api.dll
2016-12-13 10:17 - 2017-01-31 05:41 - 68875552 _____ () E:\Steam\bin\cef\cef.win7\libcef.dll
2016-01-15 06:37 - 2017-03-14 06:04 - 00383776 _____ () E:\Steam\steam.dll
2016-01-15 06:37 - 2015-09-25 07:52 - 00119208 _____ () E:\Steam\winh264.dll
2017-03-12 15:42 - 2015-09-25 07:52 - 00119208 _____ () E:\Sandbox\Steambox\drive\C\S\winh264.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-12-27 22:20 - 2017-03-12 02:03 - 00454766 ____R C:\Windows\system32\Drivers\etc\hosts
There are 15601 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Manectric\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Electrike\AppData\Local\DisplayFusion\Wallpaper_1
DNS Servers: 8.8.8.8 - 203.12.160.35
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GBOSDV3.lnk => C:\Windows\pss\GBOSDV3.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^update_start.lnk => C:\Windows\pss\update_start.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Welcome.lnk => C:\Windows\pss\Welcome.lnk.CommonStartup
MSCONFIG\startupreg: CleanUp RzWizard => C:\Program Files (x86)\Razer\RzWizard\RzInstallerDeletion.vbs
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: SmartUpdate => C:\Program Files\Smart Update\urgent.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{ED44402E-6B9E-4DB1-B967-E19AA4AE59D5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{066D6F27-71F5-4E62-A6E1-7CBE8CC659B8}] => (Allow) LPort=2869
FirewallRules: [{DB872E6F-011D-4F33-9FAC-0FDC2FF78F8E}] => (Allow) LPort=1900
FirewallRules: [{8AA98205-C1F8-4F48-929E-28A6F5C66746}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{218FBBB7-0A07-424B-9DBA-25DEE324042F}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{BA275EC0-0E29-4CB2-851E-0DF94DD3B256}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD.exe
FirewallRules: [{D7B7FE81-F7C1-4CC2-9A5D-3BFBC4F8B092}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe
FirewallRules: [{158CD4F6-032B-4273-826C-217282EBB367}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe
FirewallRules: [{1923CDDD-D237-42FD-8C23-BC5FB283A78E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVDMovie.exe
FirewallRules: [{AE2A9A89-B88B-4683-B869-8B2EF65AD275}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{23E604FA-4DDA-45B1-9908-9EBFB959E3DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B14BB29-0D4F-4A8C-8ABC-6888D216BD83}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{42E4617A-5FCA-4251-8EFB-91382308D1CF}] => (Allow) E:\Steam\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{5915F504-940F-4CF9-8851-E2D9D34CCF8B}] => (Allow) E:\Steam\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{977B611B-A28C-4028-B3BC-1039ED8857E6}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{6E11EF2F-6830-49D3-BD5C-667A4C9A40F6}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{19406A0C-DDD7-46E7-A82F-38E6F9627D2A}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{2513EA08-BD87-41FE-A41B-2C727C0E0AA2}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{31FED2C9-495D-4342-8B10-7966E278394C}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{61BC3A19-BF39-4DD6-A1A6-0D58AEE19178}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{106113F8-9421-4270-820D-CC76EEA2A2B3}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{DBF93726-DD05-4DD9-BC9F-9948951E75B1}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{D0CE9C82-7250-46DC-94CF-0CA3B4E0A5AC}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{B70D3706-95ED-49E3-AF67-CBE783281915}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{B7138CFE-00E4-4F1A-B081-EAF371CC90C5}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2DC418BB-D092-44D7-B9D5-2AAF21966D87}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{080F40DB-3587-4EB6-818C-FE2225702188}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{441B589F-AC8B-4E86-9F8A-536B5BB1D1BB}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{1AC40D78-85FC-44D5-97B1-05DE752CE4AB}] => (Allow) E:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{16E5442B-B244-434D-89BC-122C4DC23666}] => (Allow) E:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{0659532C-2FC0-41DE-A1FE-F884355EFCA2}] => (Allow) E:\Steam\steamapps\common\Edge of Space\Launcher.exe
FirewallRules: [{E7546CF8-5893-4099-B834-70CE3F0A815D}] => (Allow) E:\Steam\steamapps\common\Edge of Space\Launcher.exe
FirewallRules: [{0E8AC9E3-CCC1-4B56-A403-CAF7318C1872}] => (Allow) E:\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{0B8EAF10-34D3-4982-97C4-7B8909D7ABA1}] => (Allow) E:\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{4B4DA01D-819F-4EFF-A0FD-2C0BE6406682}] => (Allow) E:\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{54884BF2-8338-451F-B9E7-46AB96619750}] => (Allow) E:\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{E61D0B2A-5D79-4977-AF7D-2F0B7106C268}] => (Allow) E:\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{3DCB6A24-1389-4942-92D5-3843075404E4}] => (Allow) E:\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{DBA18D9C-8ACA-49E2-AAC4-3562035A8C57}] => (Allow) E:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{BBEFBE26-BED3-48B4-B121-E489A3ADF5B1}] => (Allow) E:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{33926AC4-D51F-4479-8FC0-6A47B2055EEF}] => (Allow) E:\Steam\steamapps\common\Neptunia Rebirth1\NeptuniaReBirth1.exe
FirewallRules: [{1C996CF8-6816-406F-B0E0-7F5346B9A085}] => (Allow) E:\Steam\steamapps\common\Neptunia Rebirth1\NeptuniaReBirth1.exe
FirewallRules: [{8EB3D9BC-0F02-45D3-9DAB-C24D00AB72C1}] => (Allow) E:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{11A7FAF0-73F9-4D6F-BE83-AE1B847685DE}] => (Allow) E:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{9BD875E2-2851-4332-AE83-1C609C0F596E}] => (Allow) E:\Steam\steamapps\common\The Ship\ship.exe
FirewallRules: [{B64A9B7C-6C69-4C35-B792-9697435EB025}] => (Allow) E:\Steam\steamapps\common\The Ship\ship.exe
FirewallRules: [{C7B05986-D0C4-4108-BF55-AA0DB2F9B964}] => (Allow) E:\Steam\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{86B27BFA-B00C-4819-AC2E-2698A8D1D867}] => (Allow) E:\Steam\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{0CB72F27-4441-44FA-9C5A-5441E38EE959}] => (Allow) E:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{1D8F9B21-75A4-4095-925D-37EF588122EC}] => (Allow) E:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{D1FBB2F4-3AEB-4A10-B314-1997BF169FD9}] => (Allow) E:\Steam\steamapps\common\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
FirewallRules: [{746B90D7-A441-49B8-9D00-634C77BA026A}] => (Allow) E:\Steam\steamapps\common\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
FirewallRules: [{DBE2503B-EFAA-4652-A651-B03A21CBF6F6}] => (Allow) E:\Steam\steamapps\common\Neptunia Rebirth2\NeptuniaReBirth2.exe
FirewallRules: [{2DF07BBF-0773-4A95-9F7F-1E5853B86F17}] => (Allow) E:\Steam\steamapps\common\Neptunia Rebirth2\NeptuniaReBirth2.exe
FirewallRules: [{53DFE6F9-4512-43A8-9878-0A28C814363E}] => (Allow) E:\Steam\steamapps\common\8BitBoy\8bitboy.exe
FirewallRules: [{79D7B79F-14C8-41B4-AF2B-E5A83CD0A94E}] => (Allow) E:\Steam\steamapps\common\8BitBoy\8bitboy.exe
FirewallRules: [{BE1625A0-5C22-4012-B36E-CBEB9D1D0B44}] => (Allow) E:\Steam\steamapps\common\Soulbringer\Soulbringer.exe
FirewallRules: [{732E4072-52AD-437F-832B-8788A54BC722}] => (Allow) E:\Steam\steamapps\common\Soulbringer\Soulbringer.exe
FirewallRules: [{B8112D4F-B895-48FD-A761-07233224E301}] => (Allow) E:\Steam\steamapps\common\Soulbringer\SBLang.exe
FirewallRules: [{7B73DB18-60C1-48C2-8BC7-EDB9EA198B1A}] => (Allow) E:\Steam\steamapps\common\Soulbringer\SBLang.exe
FirewallRules: [{DBB54C42-A404-4750-9EA6-CE7EC5EBF23F}] => (Allow) E:\Steam\steamapps\common\Omikron\Runtime.exe
FirewallRules: [{4394EE80-8ACE-407E-952B-CC4B6719971F}] => (Allow) E:\Steam\steamapps\common\Omikron\Runtime.exe
FirewallRules: [{ACA46DCF-C461-4ED4-BED5-2C3C4850A8F3}] => (Allow) E:\Steam\steamapps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{273E2CC8-617A-48CB-9CCF-B94AA9D96ECD}] => (Allow) E:\Steam\steamapps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{172E3FBA-DEE4-43F4-8A2D-B9B8D68CACA0}] => (Allow) E:\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{E94AD05B-C733-4A92-B5A2-BD09EB05A410}] => (Allow) E:\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{5D6F89F7-F555-4AFF-87D7-8917694FB047}] => (Allow) E:\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{4881C23D-6B79-4AC8-8E02-130174DB56C6}] => (Allow) E:\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{3FE16417-2CD9-440A-BB2C-706CE915A875}] => (Allow) E:\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{36087A05-0CF8-4B27-BDF8-9CF302C67AA5}] => (Allow) E:\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{1019BCF9-BD0D-4A13-9E3C-06A6AC454A6E}] => (Allow) E:\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{A00A786A-C640-42D3-BECB-E15D111B895D}] => (Allow) E:\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{085CECB5-F16A-4FEA-A367-635ECAF8AE68}] => (Allow) E:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{9B0C99E4-2915-4FF2-808A-3D312E5B96A5}] => (Allow) E:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{91F06AFB-8E75-44AB-B0C6-96E7EA655247}] => (Allow) E:\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{0967B77F-C7CF-4CB1-B661-58A2C9D4BD8A}] => (Allow) E:\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{283F00F6-FC06-4202-A2BC-1D6A71A602D5}] => (Allow) E:\Steam\steamapps\common\NZA\bin\NZA.exe
FirewallRules: [{DC835193-8257-4F17-8766-DF1FB666B42D}] => (Allow) E:\Steam\steamapps\common\NZA\bin\NZA.exe
FirewallRules: [{3E197E6E-E3C9-40F3-9604-1AB1DDD83215}] => (Allow) E:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{262CE7D0-859A-4BCB-BF53-863D3E54387D}] => (Allow) E:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{AE3F9038-B0B2-484A-A0B1-3D461F707A25}] => (Allow) E:\Steam\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{88FFB1AB-B4BB-4CB1-8339-5C300B57DF88}] => (Allow) E:\Steam\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{00D6D883-169F-4CD5-A134-1E5E3108437F}] => (Allow) E:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{46943071-DCB0-4546-972B-D4B05FDE06AC}] => (Allow) E:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{F980B93B-B3F1-4AA1-AD53-E7B190E3AAD7}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A2B82D57-252F-4C4F-A1A7-A1188351003D}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{EAE36BAF-20C0-4176-B891-C93AAB4ED7DA}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{67C6681C-C526-4AC0-BED8-57D394792A05}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{EBD6F8DB-25EB-4CF6-9090-B5F73AD0A7D1}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{17F768BA-5DE3-4570-8749-48DE6DEE3874}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{F0BF232F-0E90-43F5-BAB8-9E1936900147}] => (Allow) E:\Steam\steamapps\common\BioShock Remastered\Build\Final\BioshockHD.exe
FirewallRules: [{D8856E62-B3BA-457A-A248-9959B0346D43}] => (Allow) E:\Steam\steamapps\common\BioShock Remastered\Build\Final\BioshockHD.exe
FirewallRules: [{AB2AE5A7-16A8-4447-A239-51F2FE8E1FF8}] => (Allow) E:\Steam\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{D0A56F3B-A64F-49EE-A0B5-9A4C1887BC00}] => (Allow) E:\Steam\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{554683F5-2875-4102-866B-E2927BD9EFF1}] => (Allow) E:\Steam\steamapps\common\Grid\grid.exe
FirewallRules: [{1DBBC372-00BA-42C8-BEFE-3B3A884381D7}] => (Allow) E:\Steam\steamapps\common\Grid\grid.exe
FirewallRules: [{E83FF4F2-6B3F-4B21-B9DC-9F432AE9D98B}] => (Allow) E:\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{D77029EA-9252-4050-A4DE-5A2CC74A9EA4}] => (Allow) E:\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{B776EDE2-9CD3-45DE-A25A-22B3D50AC5C1}] => (Allow) E:\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFEditor.exe
FirewallRules: [{4E67D89B-1B83-41DA-B727-2B2874D0239F}] => (Allow) E:\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFEditor.exe
FirewallRules: [{19A0D37B-FA82-4321-AE25-55588203A217}] => (Allow) E:\Steam\steamapps\common\killingfloor2\Binaries\SDKFrontend.exe
FirewallRules: [{559BF878-03EA-4C81-A386-2C3BFC462225}] => (Allow) E:\Steam\steamapps\common\killingfloor2\Binaries\SDKFrontend.exe
FirewallRules: [{66496B66-92ED-44AA-A642-DA5C257C9123}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{918EB967-F962-4314-BD81-2F28F8521144}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8FDB7ABE-5DCF-4542-A141-3C9793D7DC3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3A591451-8A66-4923-A9AB-6346E9F97557}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{526EE4AE-3507-4266-B353-17A721CEC874}] => (Allow) E:\Steam\steamapps\common\XCom UFO Defense\dosbox.exe
FirewallRules: [{AC5DE1F3-4BE0-4DBD-B24D-B445FBEE3B09}] => (Allow) E:\Steam\steamapps\common\XCom UFO Defense\dosbox.exe
FirewallRules: [{512F06A7-AFB7-4145-AD29-42794DDD341E}] => (Allow) E:\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe
FirewallRules: [{8DC36634-33C8-4E4B-874E-894ED4F2B1FB}] => (Allow) E:\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe
FirewallRules: [{E1AF0320-DDA2-45D7-8071-AD597B84097F}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
FirewallRules: [{15D6FF85-65B8-4C2C-9829-FD57567056D4}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
FirewallRules: [{87CA3F26-AE3E-445A-AD8E-2FA27074829A}] => (Allow) E:\Steam\steamapps\common\Break Into Zatwor\BreakIntoZatwor.exe
FirewallRules: [{53AB99E8-63AB-414E-AD57-CD1420A53428}] => (Allow) E:\Steam\steamapps\common\Break Into Zatwor\BreakIntoZatwor.exe
FirewallRules: [{6B1058F9-48A7-43A0-B735-FF3E11DCEFE3}] => (Allow) E:\Steam\steamapps\common\Fiends of Imprisonment\FOI.exe
FirewallRules: [{25FC8068-B1D3-4219-BE8E-399467389486}] => (Allow) E:\Steam\steamapps\common\Fiends of Imprisonment\FOI.exe
FirewallRules: [{464199AF-E7E6-4394-B850-124D7B616A2C}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{26767745-BC9E-4ADF-8146-5BEDAE24A855}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{5C7714B4-02FF-4607-94E0-9FB515E5E531}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{1B1E2960-FB4C-4BBB-A142-8B6C503C9A02}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{FD9CFDF3-17E1-4711-A3D2-06D9648D82C8}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{7BEEAB4F-9A78-41D2-AD8E-67AD02241823}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{4A22E1D3-267E-41B8-BD28-BA6D78667A89}] => (Allow) E:\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{6BEA73E4-3F8B-41BE-90D7-5CB88A72D889}] => (Allow) E:\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{5A5EA93C-58AF-486E-9DE6-74CA542004DF}] => (Allow) E:\Steam\steamapps\common\Savage Resurrection\Savage\Binaries\Win64\Savage-Win64-Shipping.exe
FirewallRules: [{7459045A-6894-4297-9CEF-43A8B0D9781F}] => (Allow) E:\Steam\steamapps\common\Savage Resurrection\Savage\Binaries\Win64\Savage-Win64-Shipping.exe
FirewallRules: [{89D2E6FA-5EB4-4CA2-8A3F-5E386B6A67D2}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\starbound.exe
FirewallRules: [{B02A18C5-A6EB-4EB8-B1A9-866D8F9F74A2}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\starbound.exe
FirewallRules: [{E9972893-BD74-4117-BB06-5F9EF2CAF303}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
FirewallRules: [{D7916A5A-2760-44DC-970A-7D60E36FF048}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
FirewallRules: [{0DC80C9F-6D3D-4913-AF9E-CE4002B8ED3A}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
FirewallRules: [{0AAEAADE-CBD3-46C7-9CE0-CB92F4E77DA3}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
FirewallRules: [{F5589897-B5DE-4A27-9919-D5E825B0C52C}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win32\starbound.exe
FirewallRules: [{C50E1C8E-2BC2-4EC3-8135-EB81498AC855}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win32\starbound.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Npcap Loopback Adapter
Description: Microsoft Loopback Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: msloop
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/14/2017 04:02:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: aswMBR.exe, version: 1.0.1.2252, time stamp: 0x5465ba64
Faulting module name: aswMBR.exe, version: 1.0.1.2252, time stamp: 0x5465ba64
Exception code: 0xc0000005
Fault offset: 0x0004e010
Faulting process id: 0xf44
Faulting application start time: 0x01d29c98ae0b1fdf
Faulting application path: C:\Users\Electrike\Desktop\aswMBR.exe
Faulting module path: C:\Users\Electrike\Desktop\aswMBR.exe
Report Id: 931de159-088c-11e7-baa7-f81654f7d0d1
Error: (03/14/2017 03:55:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: aswMBR.exe, version: 1.0.1.2252, time stamp: 0x5465ba64
Faulting module name: aswMBR.exe, version: 1.0.1.2252, time stamp: 0x5465ba64
Exception code: 0xc0000005
Fault offset: 0x0004e010
Faulting process id: 0x1d78
Faulting application start time: 0x01d29c97a57760f9
Faulting application path: C:\Users\Electrike\Downloads\aswMBR.exe
Faulting module path: C:\Users\Electrike\Downloads\aswMBR.exe
Report Id: 913c5637-088b-11e7-baa7-f81654f7d0d1
Error: (03/14/2017 03:49:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: aswMBR.exe, version: 1.0.1.2252, time stamp: 0x5465ba64
Faulting module name: aswMBR.exe, version: 1.0.1.2252, time stamp: 0x5465ba64
Exception code: 0xc0000005
Fault offset: 0x0004e010
Faulting process id: 0x1f84
Faulting application start time: 0x01d29c96e1ec1386
Faulting application path: C:\Users\Electrike\Downloads\aswMBR.exe
Faulting module path: C:\Users\Electrike\Downloads\aswMBR.exe
Report Id: c9f865c4-088a-11e7-baa7-f81654f7d0d1
Error: (03/14/2017 11:48:56 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Error: (03/14/2017 11:48:56 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Error: (03/14/2017 11:48:56 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Error: (03/13/2017 05:02:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Error: (03/13/2017 05:02:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Error: (03/13/2017 05:02:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Error: (03/13/2017 04:48:25 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
System errors:
=============
Error: (03/14/2017 03:59:27 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer CHARMANDER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0326CB5A-1274-4DD9-8EB4-1BE8C95AE083}.
The master browser is stopping or an election is being forced.
Error: (03/14/2017 01:35:30 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer CHARMANDER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0326CB5A-1274-4DD9-8EB4-1BE8C95AE083}.
The master browser is stopping or an election is being forced.
Error: (03/14/2017 12:06:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (03/14/2017 12:06:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (03/14/2017 11:52:29 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (03/14/2017 11:49:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
The system cannot find the file specified.
Error: (03/14/2017 11:49:00 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
VBoxNetAdp
Error: (03/14/2017 11:48:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kaspersky Anti-Virus Service 16.0.0 service failed to start due to the following error:
The system cannot find the path specified.
Error: (03/14/2017 11:48:49 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
Error: (03/13/2017 07:28:14 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer CHARMANDER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0326CB5A-1274-4DD9-8EB4-1BE8C95AE083}.
The master browser is stopping or an election is being forced.
CodeIntegrity:
===================================
Date: 2016-01-22 13:37:14.199
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-01-22 13:37:14.198
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-01-22 13:37:14.196
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-01-22 13:37:14.194
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-01-22 13:37:14.193
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-01-22 13:37:14.192
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 34%
Total physical RAM: 16302.39 MB
Available physical RAM: 10661.18 MB
Total Virtual: 16300.58 MB
Available Virtual: 10371.83 MB
==================== Drives ================================
Drive b: (FRAPS) (Fixed) (Total:931.51 GB) (Free:867.86 GB) NTFS
Drive c: (SYSTEM) (Fixed) (Total:103.99 GB) (Free:21.62 GB) NTFS
Drive e: (Game Drive) (Fixed) (Total:1863.01 GB) (Free:1332.86 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: E71727C5)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: AEFDE666)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=260 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=104 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 69318C77)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================