Can't download blocks certain sites

Hello and welcome.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.

  • It will make a log (FRST.txt) in the same directory the tool is run from. Please attach it to your reply.

  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-03-2016
Ran by User (administrator) on DESKTOP-FX (06-04-2016 17:32:01)
Running from C:\Users\User\Downloads
Loaded Profiles: User & (Available Profiles: User)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(dimitris) C:\Windows\mcgrew.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(razed) C:\Windows\waimea.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(windows) C:\Program Files (x86)\schwartzkopf\beltran.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(multiplatform) C:\Program Files (x86)\polarity\riverboat.exe
() C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Malwarebytes) C:\Program Files (x86)\Malwa\mb2m.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [269824 2015-12-21] ()
HKU\S-1-5-21-968768310-279414444-468820066-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [3931192 2016-03-25] (GOG.com)
HKU\S-1-5-21-968768310-279414444-468820066-1000\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe [5400912 2013-04-09] (ManyCam LLC)
HKU\S-1-5-21-968768310-279414444-468820066-1000\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
HKU\S-1-5-21-968768310-279414444-468820066-1000\...\MountPoints2: {2522f7d0-ae19-11e2-9733-806e6f6e6963} - F:\setup.exe
HKU\S-1-5-21-968768310-279414444-468820066-1000\...\MountPoints2: {2f234c4a-2813-11e5-bff9-806e6f6e6963} - E:\DVDSetup.exe
HKU\S-1-5-21-968768310-279414444-468820066-1000\...\MountPoints2: {d392f3ca-b0e1-11e3-9418-806e6f6e6963} - E:\setup.exe
HKU\S-1-5-21-968768310-279414444-468820066-1000\...\MountPoints2: {e90d08ca-7104-11e3-aa04-806e6f6e6963} - E:\Run.exe
HKU\S-1-5-21-968768310-279414444-468820066-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [3931192 2016-03-25] (GOG.com)
HKU\S-1-5-21-968768310-279414444-468820066-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe [5400912 2013-04-09] (ManyCam LLC)
HKU\S-1-5-21-968768310-279414444-468820066-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
HKU\S-1-5-21-968768310-279414444-468820066-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {2522f7d0-ae19-11e2-9733-806e6f6e6963} - F:\setup.exe
HKU\S-1-5-21-968768310-279414444-468820066-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {2f234c4a-2813-11e5-bff9-806e6f6e6963} - E:\DVDSetup.exe
HKU\S-1-5-21-968768310-279414444-468820066-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {d392f3ca-b0e1-11e3-9418-806e6f6e6963} - E:\setup.exe
HKU\S-1-5-21-968768310-279414444-468820066-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e90d08ca-7104-11e3-aa04-806e6f6e6963} - E:\Run.exe
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.lnk [2016-03-29]
ShortcutTarget: .lnk -> C:\Program Files (x86)\schwartzkopf\beltran.exe (windows)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ok44445793.lnk [2016-03-29]
ShortcutTarget: ok44445793.lnk -> C:\Program Files (x86)\schwartzkopf\beltran.exe (windows)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-968768310-279414444-468820066-1000] => Proxy is enabled.
ProxyServer: [S-1-5-21-968768310-279414444-468820066-1000] => http=127.0.0.1:8877;https=127.0.0.1:8877
ProxyEnable: [S-1-5-21-968768310-279414444-468820066-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => Proxy is enabled.
ProxyServer: [S-1-5-21-968768310-279414444-468820066-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => http=127.0.0.1:8877;https=127.0.0.1:8877
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{073ED850-954A-4F7A-9E0C-85B857E49C85}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{14126EA1-8B8F-4C0F-8C91-D64BC6CA21E0}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{2A681A25-B26F-41BF-A2A9-FA59A2578388}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{2D21F65E-0E22-428B-81AD-77432C592104}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{310C2DBC-07EC-4142-B061-88EDF45A39DD}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3657F377-B0CF-410E-824F-ED763F1E1B18}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{5A13F34B-7D26-424C-8DA2-876CADD7DA3F}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{7FB838A6-E636-4B6D-9634-72F50745DE21}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{87FEA591-9AAA-41D7-B827-D8C99CF6B99A}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{89182A83-B030-45CA-9120-0CFD2A111367}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{8DD6C8EB-E4A4-4515-A8BF-C47E002DD34A}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{9220883C-9D14-4F8F-87BA-20D232CA037D}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{AF575AC8-7D5E-46E6-9167-43F5EAAD057C}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C9B2A453-4352-4997-B11B-A3594DE511CA}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{E0F5C7FF-D13D-467D-B964-2C76410BC4B1}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E305B20F-095D-40DC-BCFF-2DBD89D4C85C}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{EE6B7E9C-C823-4F04-8163-AE7FFE37EE9A}: [DhcpNameServer] 192.168.0.1
ManualProxies: 1http=127.0.0.1:8877;https=127.0.0.1:8877

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-968768310-279414444-468820066-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-968768310-279414444-468820066-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-968768310-279414444-468820066-1000 -> {44010992-42E9-4CE9-9262-729B7C38B6D0} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-968768310-279414444-468820066-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {44010992-42E9-4CE9-9262-729B7C38B6D0} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-26] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-26] (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-26] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-26] (Oracle Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\jh2r7z3u.default-1459977734060
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-23] ()
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-26] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-23] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-27] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWvsniqknnm6GRBDaKP2thktG2ww3LaFloGhH2veOxikZCOVwyfTCqEGu6GweLbq3pSkMwhf2BHRM8CGQyO6OAjs_vpsjhf2ZqPpsOrcY40jflWTts-8meXyARuB-JD7kM4MUF4GyMQko0_JJFr4ZzsB-tU-Ypga_D7EhsbAe6
CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://www.google.com"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-20]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-29]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [nogdfjjfhknacchjpiccacoimeelkajb] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [File not signed]
S2 amdacpusrsvc; C:\AMD\amdacpusrsvc.exe [82432 2014-04-17] () [File not signed]
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-09-19] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 barrens; C:\Windows\mcgrew.exe [9216 2016-03-29] (dimitris) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1314848 2016-01-19] ()
S3 celavimushost; C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [124120 2015-08-30] (altPUG LLC)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [242664 2012-05-09] (CyberLink)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-06-03] (Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [227896 2016-03-25] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [5971000 2016-03-25] (GOG.com)
R2 mcnary; C:\Windows\waimea.exe [13312 2016-03-29] (razed) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-14] (Electronic Arts)
S4 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [193888 2010-06-28] (Ralink Technology, Corp.)
S4 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [211808 2010-06-28] (Ralink Technology, Corp.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6940944 2016-02-16] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 BstHdAndroidSvc; "C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android [X]
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [X]
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [297672 2015-07-15] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2014-09-19] (Advanced Micro Devices)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R1 BIOS; C:\Windows\system32\drivers\BIOS64.sys [14136 2011-01-10] (BIOSTAR Group)
R1 BIOS; C:\Windows\SysWOW64\drivers\BIOS64.sys [14136 2011-01-10] (BIOSTAR Group)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-10] (ManyCam LLC)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-06] (Malwarebytes)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-26] (Razer, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-04-24] (Duplex Secure Ltd.)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [194976 2015-12-18] (Oracle Corporation)
S3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [231112 2013-01-02] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [301256 2013-01-02] (VIA Technologies, Inc.)
U3 av26lrzc; C:\Windows\System32\Drivers\av26lrzc.sys [0 ] (AMD Technologies Inc.) <==== ATTENTION (zero byte File/Folder)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X]
S3 cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [X]
S3 cpuz137; \??\C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S3 X6va060; \??\C:\Windows\SysWOW64\Drivers\X6va060 [X]
S3 X6va061; \??\C:\Windows\SysWOW64\Drivers\X6va061 [X]
S3 X6va062; \??\C:\Windows\SysWOW64\Drivers\X6va062 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-06 17:32 - 2016-04-06 17:32 - 00023607 _____ C:\Users\User\Downloads\FRST.txt
2016-04-06 17:31 - 2016-04-06 17:32 - 00000000 ____D C:\FRST
2016-04-06 17:31 - 2016-04-06 17:31 - 02374144 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2016-04-06 17:22 - 2016-04-06 17:22 - 00000000 ____D C:\Users\User\Desktop\Old Firefox Data
2016-04-06 17:01 - 2016-04-06 17:01 - 03119168 _____ C:\Users\User\Downloads\adwcleaner_5.109 (1).exe
2016-04-06 16:46 - 2016-04-06 16:46 - 03119168 _____ C:\Users\User\Downloads\adwcleaner_5.109.exe
2016-04-06 16:46 - 2016-04-06 16:46 - 00000000 ____D C:\AdwCleaner
2016-04-06 16:30 - 2016-04-06 16:30 - 06871040 _____ C:\Program Files (x86)\GUTE392.tmp
2016-04-06 16:30 - 2016-04-06 16:30 - 00000000 ____D C:\Program Files (x86)\GUME391.tmp
2016-04-06 00:45 - 2016-04-06 15:41 - 00003804 _____ C:\Windows\System32\Tasks\214645463
2016-04-06 00:45 - 2016-04-06 15:41 - 00003640 _____ C:\Windows\System32\Tasks\114645463
2016-04-04 20:03 - 2016-04-06 17:32 - 00003670 _____ C:\Windows\System32\Tasks\4050023405002340500234050023
2016-04-04 20:03 - 2016-04-05 20:34 - 00003818 _____ C:\Windows\System32\Tasks\5UcRJKX3os3bBa9QObIz-ni-2016-03-29-ni-2140-ni-1
2016-03-29 22:03 - 2016-03-29 22:21 - 920370704 _____ C:\Users\User\Downloads\WEARVR-rapidrail-vr.mp4
2016-03-29 21:27 - 2016-03-29 21:29 - 00000000 ____D C:\Program Files (x86)\Malwa
2016-03-29 21:20 - 2016-03-29 21:20 - 00000000 ____D C:\ProgramData\HitmanPro
2016-03-29 21:06 - 2016-03-29 21:08 - 10457272 _____ (SurfRight B.V.) C:\Users\User\Desktop\HitmanPro.exe
2016-03-29 21:03 - 2016-04-06 17:13 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-29 21:03 - 2016-03-29 21:54 - 00000964 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-29 21:03 - 2016-03-29 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-29 21:03 - 2016-03-29 21:26 - 00000000 ____D C:\Program Files (x86)\rr
2016-03-29 21:03 - 2016-03-29 21:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-29 21:03 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-29 21:03 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-29 21:03 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-29 21:00 - 2016-03-29 21:02 - 22851472 _____ (Malwarebytes ) C:\Users\User\Desktop\mam-setup-2.2.1.1043.exe
2016-03-29 20:58 - 2016-03-29 20:58 - 04749272 _____ (Google) C:\Users\User\Downloads\chrome_cleanup_tool.exe
2016-03-29 20:22 - 2016-04-06 17:31 - 00004352 _____ C:\Windows\System32\Tasks\93916
2016-03-29 20:22 - 2016-03-29 21:52 - 00000000 ____D C:\Program Files (x86)\schwartzkopf
2016-03-29 20:22 - 2016-03-29 21:18 - 00000002 _____ C:\END
2016-03-29 20:22 - 2016-03-29 20:23 - 00000000 ____D C:\Program Files\Sound+
2016-03-29 20:22 - 2016-03-29 20:22 - 00000054 _____ C:\Windows\key.ini
2016-03-29 20:22 - 2016-03-29 20:22 - 00000014 _____ C:\Users\User\AppData\Local\77298626.txt
2016-03-29 20:22 - 2016-03-29 20:22 - 00000000 ____D C:\Program Files (x86)\softball
2016-03-29 20:22 - 2016-03-29 20:22 - 00000000 ____D C:\Program Files (x86)\polarity
2016-03-29 20:22 - 2016-03-29 20:22 - 00000000 ____D C:\Program Files (x86)\perfection
2016-03-29 20:22 - 2016-03-29 20:22 - 00000000 ____D C:\Program Files (x86)\InternetPlus
2016-03-29 20:22 - 2016-03-29 20:22 - 00000000 ____D C:\a
2016-03-29 20:21 - 2016-03-29 21:51 - 00000000 ____D C:\Program Files\BitTorrent
2016-03-29 20:21 - 2016-03-29 20:21 - 00000000 ____D C:\Windows\Snail Translator
2016-03-29 20:19 - 2016-03-29 20:19 - 06504960 _____ C:\Users\User\AppData\Roaming\agent.dat
2016-03-29 20:19 - 2016-03-29 20:19 - 01626416 _____ C:\Users\User\AppData\Roaming\TransCore.tst
2016-03-29 20:19 - 2016-03-29 20:19 - 00018432 _____ C:\Users\User\AppData\Roaming\Main.dat
2016-03-29 20:18 - 2016-03-29 21:51 - 00000000 ____D C:\Program Files (x86)\msrtn32
2016-03-29 20:18 - 2016-03-29 20:18 - 00127488 _____ C:\Users\User\AppData\Roaming\Installer.dat
2016-03-29 20:18 - 2016-03-29 20:18 - 00072699 _____ C:\Users\User\AppData\Roaming\Transla.tst
2016-03-29 20:17 - 2016-03-29 20:17 - 00041743 _____ C:\Windows\pontificating.exe
2016-03-29 20:17 - 2016-03-29 20:17 - 00041472 _____ (windows) C:\Windows\widget.exe
2016-03-29 20:17 - 2016-03-29 20:17 - 00013312 _____ (razed) C:\Windows\waimea.exe
2016-03-29 20:17 - 2016-03-29 20:17 - 00009216 _____ (dimitris) C:\Windows\mcgrew.exe
2016-03-29 20:17 - 2016-03-29 20:17 - 00002560 _____ C:\Users\User\AppData\Local\uninstall.exe
2016-03-29 20:17 - 2016-03-29 20:17 - 00000019 _____ C:\Windows\SysWOW64\84965567.bat
2016-03-29 20:16 - 2016-03-29 21:49 - 00000000 ____D C:\Program Files (x86)\S5
2016-03-29 20:16 - 2016-03-29 20:16 - 00000000 ____D C:\Users\User\AppData\Roaming\c
2016-03-29 20:16 - 2016-03-29 20:16 - 00000000 ____D C:\ProgramData\1459297001
2016-03-29 20:14 - 2016-03-29 20:14 - 00081747 _____ C:\Users\User\Downloads\Anshar wars2 downloader.exe.zip
2016-03-29 17:36 - 2016-03-29 17:36 - 00005120 _____ C:\Users\User\AppData\Local\download4.exe
2016-03-29 17:36 - 2016-03-29 17:36 - 00005120 _____ C:\Users\User\AppData\Local\download.exe
2016-03-26 22:50 - 2016-03-29 21:54 - 00001318 _____ C:\Users\Public\Desktop\STAR WARS Battlefront.lnk
2016-03-22 20:12 - 2016-03-22 20:12 - 00007680 _____ C:\Users\User\AppData\Local\tinstall.exe
2016-03-22 20:11 - 2016-03-22 20:11 - 00007680 _____ C:\Users\User\AppData\Local\tinstall4.exe
2016-03-18 01:00 - 2016-03-18 01:00 - 00000000 _____ C:\Users\User\AppData\Local\ok223.txt
2016-03-10 01:29 - 2016-03-10 01:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2016-03-10 01:27 - 2016-03-10 01:27 - 00000000 ____D C:\Program Files\SAMSUNG
2016-03-10 01:27 - 2014-06-16 02:01 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2016-03-10 01:27 - 2014-06-16 02:01 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2016-03-10 01:27 - 2014-06-16 02:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2016-03-10 01:27 - 2014-06-16 02:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2016-03-10 01:26 - 2016-03-10 01:26 - 00000000 ____D C:\ProgramData\Samsung
2016-03-10 01:25 - 2016-03-10 01:26 - 16007072 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\User\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.45.00.exe
2016-03-10 01:17 - 2016-04-05 20:34 - 00000000 ____D C:\Users\User\AppData\Roaming\SynciOS Data Transfer
2016-03-10 01:17 - 2016-03-10 01:29 - 00000000 ____D C:\Users\User\AppData\Roaming\Syncios
2016-03-10 01:17 - 2016-03-10 01:17 - 00000000 ____D C:\Users\User\Documents\Syncios
2016-03-10 01:17 - 2016-03-10 01:17 - 00000000 ____D C:\Users\User\AppData\Local\CrashRpt
2016-03-10 01:17 - 2016-03-10 01:17 - 00000000 ____D C:\Users\User\.android
2016-03-10 01:17 - 2016-03-10 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Syncios
2016-03-10 01:17 - 2016-03-10 01:17 - 00000000 ____D C:\Program Files (x86)\Syncios
2016-03-10 01:16 - 2016-03-10 01:16 - 66390912 _____ (Anvsoft, Inc. ) C:\Users\User\Downloads\setup_syncios.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-06 17:24 - 2015-08-06 10:16 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2016-04-06 17:11 - 2009-07-14 00:45 - 00028528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-06 17:11 - 2009-07-14 00:45 - 00028528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-06 16:52 - 2013-12-28 00:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-06 16:43 - 2015-08-07 21:32 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-06 16:37 - 2015-07-29 21:56 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-06 16:30 - 2015-07-29 21:56 - 00000000 ____D C:\Users\User\AppData\Local\Deployment
2016-04-06 16:23 - 2015-07-29 21:56 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-05 20:37 - 2015-07-29 21:56 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-05 20:33 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-04 19:44 - 2016-02-26 10:12 - 00000000 ____D C:\Users\User\rpkzclient
2016-03-31 23:57 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Globalization
2016-03-29 21:55 - 2016-02-29 23:14 - 00000840 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-03-29 21:55 - 2016-02-26 10:19 - 00001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-03-29 21:55 - 2015-12-29 01:16 - 00001639 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk
2016-03-29 21:55 - 2015-12-29 01:14 - 00002070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2016-03-29 21:55 - 2015-09-26 14:06 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-03-29 21:55 - 2013-04-24 23:58 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-03-29 21:55 - 2013-04-24 23:58 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-03-29 21:55 - 2013-04-24 21:31 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-29 21:55 - 2009-07-14 01:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-03-29 21:55 - 2009-07-14 00:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-29 21:55 - 2009-07-14 00:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-03-29 21:55 - 2009-07-14 00:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-03-29 21:55 - 2009-07-14 00:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-03-29 21:55 - 2009-07-14 00:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-03-29 21:54 - 2016-02-29 23:14 - 00000792 _____ C:\Users\User\Desktop\Start Tor Browser.lnk
2016-03-29 21:54 - 2016-02-20 15:12 - 00001711 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-03-29 21:54 - 2015-08-07 21:32 - 00000969 _____ C:\Users\Public\Desktop\Steam.lnk
2016-03-29 21:54 - 2015-08-06 10:15 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2016-03-29 21:54 - 2015-07-30 03:55 - 00001203 _____ C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
2016-03-29 21:49 - 2015-12-29 00:39 - 00000000 ____D C:\Program Files (x86)\Cain
2016-03-29 21:49 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-03-29 21:23 - 2016-02-15 02:16 - 100574663 _____ C:\Users\User\Downloads\VCW - Josephine.rar
2016-03-29 21:22 - 2016-02-15 02:11 - 130518999 _____ C:\Users\User\Downloads\part1.rar
2016-03-29 21:22 - 2016-02-15 01:39 - 103545116 _____ C:\Users\User\Downloads\HF.rar
2016-03-29 21:22 - 2016-01-04 00:58 - 09716410 _____ C:\Users\User\Downloads\How to Get IPs on Steam www.ebookleaks.org.rar
2016-03-29 21:22 - 2015-12-27 10:24 - 53950550 _____ C:\Users\User\Downloads\Anna Pack.rar
2016-03-29 21:14 - 2016-02-20 15:12 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2016-03-29 21:13 - 2009-07-14 00:45 - 00419856 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-29 20:33 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-03-29 20:32 - 2013-04-27 00:05 - 00000000 ____D C:\Program Files (x86)\Marvell
2016-03-29 20:31 - 2013-04-24 22:38 - 00000000 ____D C:\ProgramData\Real
2016-03-29 20:31 - 2013-04-24 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2016-03-29 20:31 - 2013-04-24 22:37 - 00000000 ____D C:\Users\User\AppData\Roaming\Real
2016-03-29 20:26 - 2013-04-24 21:28 - 00115088 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-29 20:22 - 2013-04-24 21:39 - 00000000 ____D C:\Program Files\CPUID
2016-03-29 17:17 - 2016-02-20 15:11 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-03-27 19:46 - 2015-12-25 13:39 - 00000000 ____D C:\Users\User\Documents\STAR WARS Battlefront
2016-03-27 13:55 - 2015-12-25 11:14 - 00000000 ____D C:\ProgramData\Origin
2016-03-27 00:07 - 2009-07-14 01:13 - 00786558 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-27 00:07 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-03-23 21:53 - 2013-04-24 21:33 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-23 21:53 - 2013-04-24 21:33 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-22 22:53 - 2016-02-25 16:27 - 00000237 _____ C:\Users\User\Desktop\tor.txt
2016-03-17 17:32 - 2015-07-29 21:49 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2016-03-15 21:49 - 2016-02-29 23:14 - 00000000 ____D C:\Users\User\Desktop\Tor Browser
2016-03-13 11:02 - 2016-02-26 10:20 - 00000000 ____D C:\Users\User\Desktop\clean
2016-03-10 01:35 - 2015-09-05 01:52 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client

==================== Files in the root of some directories =======

2013-12-27 22:41 - 2013-05-15 18:56 - 0059606 _____ () C:\Program Files\GeekyHippo3.bmp
2016-04-06 16:30 - 2016-04-06 16:30 - 6871040 _____ () C:\Program Files (x86)\GUTE392.tmp
2016-03-29 20:19 - 2016-03-29 20:19 - 6504960 _____ () C:\Users\User\AppData\Roaming\agent.dat
2016-03-29 20:18 - 2016-03-29 20:18 - 0127488 _____ () C:\Users\User\AppData\Roaming\Installer.dat
2016-03-29 20:19 - 2016-03-29 20:19 - 0018432 _____ () C:\Users\User\AppData\Roaming\Main.dat
2013-05-01 22:18 - 2015-07-30 03:54 - 0000181 _____ () C:\Users\User\AppData\Roaming\mainhst.zgh
2016-03-29 20:19 - 2016-03-29 20:19 - 1626416 _____ () C:\Users\User\AppData\Roaming\TransCore.tst
2016-03-29 20:18 - 2016-03-29 20:18 - 0072699 _____ () C:\Users\User\AppData\Roaming\Transla.tst
2016-03-29 20:22 - 2016-03-29 20:22 - 0000014 _____ () C:\Users\User\AppData\Local\77298626.txt
2016-03-29 17:36 - 2016-03-29 17:36 - 0005120 _____ () C:\Users\User\AppData\Local\download.exe
2016-03-29 17:36 - 2016-03-29 17:36 - 0005120 _____ () C:\Users\User\AppData\Local\download4.exe
2016-03-18 01:00 - 2016-03-18 01:00 - 0000000 _____ () C:\Users\User\AppData\Local\ok223.txt
2016-03-22 20:12 - 2016-03-22 20:12 - 0007680 _____ () C:\Users\User\AppData\Local\tinstall.exe
2016-03-22 20:11 - 2016-03-22 20:11 - 0007680 _____ () C:\Users\User\AppData\Local\tinstall4.exe
2016-03-29 20:17 - 2016-03-29 20:17 - 0002560 _____ () C:\Users\User\AppData\Local\uninstall.exe
2014-07-10 15:33 - 2014-07-10 15:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\User\7A1920D61156ABC05A60135AEFE8BC67.dat
C:\Users\User\matrix_cl_matrix_LIVE.dat
C:\Users\User\rn_cl_anarchy_LIVE.dat
C:\Users\User\rn_cl_anarchy_LIVE1.dat
C:\Users\User\system32log.dat


Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\libeay32.dll
C:\Users\User\AppData\Local\Temp\msvcr120.dll
C:\Users\User\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-29 00:33

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-03-2016
Ran by User (2016-04-06 17:32:41)
Running from C:\Users\User\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-04-25 01:00:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-968768310-279414444-468820066-500 - Administrator - Disabled)
Guest (S-1-5-21-968768310-279414444-468820066-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-968768310-279414444-468820066-1009 - Limited - Enabled)
User (S-1-5-21-968768310-279414444-468820066-1000 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark (HKLM-x32\...\{12d6e0d7-21d5-4755-9da2-70352c6f7558}) (Version: 1.5.915.0 - Futuremark)
3DMark (Version: 1.5.915.0 - Futuremark) Hidden
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{8DF1EF50-AEB6-902C-F68C-4683C45784E6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Advanced Micro Devices, Inc.)
AMD PRO Control Center (HKLM-x32\...\{BDFBDA0C-2525-4EF1-85F4-78CC66D4F878}) (Version: 1.0.0.833 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Application Profiles (HKLM-x32\...\{148971EC-8755-A666-D384-8F2E9E8B0DC8}) (Version: 2.0.4854.34117 - Advanced Micro Devices, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.8.000 - Asmedia Technology)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Auto Mouse Click v7.2 (HKLM-x32\...\{F5E3859D-0720-41F0-BAF5-4CBCDFD8F406}_is1) (Version: 7.2 - MurGee.com)
Auto Mouse Clicker v4.1 (HKLM-x32\...\{C83F056D-E3D5-4308-B3ED-9FAFA8ACF821}_is1) (Version: - MurGee Softwares)
AutoHotkey 1.1.22.09 (HKLM\...\AutoHotkey) (Version: 1.1.22.09 - Lexikos)
Belkin USB Wireless Adapter (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.13 - Belkin)
Belkin USB Wireless Adapter (x32 Version: 1.0.0.13 - Belkin) Hidden
BlueStacks App Player (HKLM-x32\...\{AF0D9073-1AE0-4C21-AA70-41294AEFBDFD}) (Version: 2.0.8.5638 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.3 - Broadcom Corporation)
Cain & Abel 4.9.56 (HKLM-x32\...\Cain & Abel 4.9.56) (Version: - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM\...\Steam App 10190) (Version: - Infinity Ward)
CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CommView for WiFi (HKLM-x32\...\{CDED9EF0-D072-11DF-2EA6-0104A00B0BB3}) (Version: 7.1 - TamoSoft)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrossFire (HKLM-x32\...\CrossFire_is1) (Version: 1213 - Z8Games.com)
CrossFire BR (HKLM-x32\...\CrossFire BR_is1) (Version: V5138 - Z8Games.com)
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.115 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Futuremark SystemInfo (HKLM-x32\...\{AFBB2F94-A43D-46AD-8F77-66ACB3C71EDF}) (Version: 4.39.552.0 - Futuremark)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Gyazo 3.2.1 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Daybreak Games)
H1Z1: King of the Kill (HKLM-x32\...\Steam App 433850) (Version: - Daybreak Game Company)
Havij 1.17 Pro (HKLM-x32\...\Havij_is1) (Version: - ITSecTeam)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManyCam 3.1.51 (HKLM-x32\...\ManyCam) (Version: 3.1.51 - ManyCam LLC)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
ModifyRegistry version 0.1 (HKLM-x32\...\{1D5BE6B5-7FD4-4A78-90F2-AF6B53BC8C1C}_is1) (Version: 0.1 - VIA Technologies, Inc.)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
Mumble 1.2.10 (HKLM-x32\...\{63243F5C-E941-4461-A4B0-2689A9A3BF13}) (Version: 1.2.10 - Thorvald Natvig)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Oracle VM VirtualBox 5.0.12 (HKLM\...\{6F93731D-89E1-4A8F-BDA9-D104860DDB02}) (Version: 5.0.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.2.10120 - Electronic Arts, Inc.)
PC Wizard 2012.2.11 (HKLM-x32\...\PC Wizard 2012_is1) (Version: - CPUID)
PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version: - CPUID)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
Platform (x32 Version: 1.40 - VIA Technologies, Inc.) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26914 - Razer Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
SmartClose 1.3 (HKLM-x32\...\SmartClose.{7F22CBCB-92B5-4F5D-9A34-BB690215BEF2}_is1) (Version: 1.3 - BM-productions)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.5.2252 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Syncios version 5.0.2 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 5.0.2 - Anvsoft, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.55321 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Tenda Wireless LAN Card (HKLM-x32\...\{192BCCC6-C47B-4473-B187-5164185A413C}) (Version: 1.0.0.0 - Tenda)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wireshark 2.0.1 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.0.1 - The Wireshark developer community, hxxps://www.wireshark.org)
ZipGenius 6 (HKLM-x32\...\{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1) (Version: 6.3 - Wininizio.it Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {003F2481-6C0D-462F-83E9-1E4CE6A9D0D6} - \AMD.PROCC WakeUp Computer -> No File <==== ATTENTION
Task: {05361193-F317-4374-8FB7-92C0AC594C39} - \GyazoUpdateTaskMachineDaily -> No File <==== ATTENTION
Task: {24D89F2B-BB34-42FF-A1FB-74C52F177B7F} - \AMD.PROCC CleanupTemporaryInternetFiles -> No File <==== ATTENTION
Task: {24DCA611-3E61-4060-A55D-4CE3FA5DAE6C} - System32\Tasks\5UcRJKX3os3bBa9QObIz-ni-2016-03-29-ni-2140-ni-1 => C:\Program Files (x86)\schwartzkopf\beltran.exe [2016-03-29] (windows)
Task: {32731D00-8E27-466C-8839-AC4A4B0EC0DB} - \GyazoUpdateTaskMachine -> No File <==== ATTENTION
Task: {3A74F7BD-098B-4DE5-BB2F-A4E638692702} - System32\Tasks\93916 => C:\Program Files (x86)\schwartzkopf\beltran.exe [2016-03-29] (windows) <==== ATTENTION
Task: {4EED6CC9-2847-4C5F-976B-90BEA90FA542} - System32\Tasks\4050023405002340500234050023 => C:\Program Files (x86)\schwartzkopf\beltran.exe [2016-03-29] (windows) <==== ATTENTION
Task: {533F7916-AF25-464F-88F5-662CE5F2DF15} - System32\Tasks\114645463 => C:\Program Files (x86)\polarity\riverboat.exe [2016-03-29] (multiplatform) <==== ATTENTION
Task: {6C26972B-2C30-4FD9-96F5-16C47F5E3333} - \AMD.PROCC CleanupCookies -> No File <==== ATTENTION
Task: {76B4E0D3-973B-45A5-AA99-9CF5CF0A6094} - \RealPlayerRealUpgradeScheduledTaskS-1-5-21-968768310-279414444-468820066-1000 -> No File <==== ATTENTION
Task: {972EC528-46DC-4779-B1C1-39844FDCFE8F} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {9FE882F7-0B9E-4E68-8CD3-2CE8FD07AC21} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {BA19DBC0-755E-4F09-A563-D9094325AE85} - \RealPlayerRealUpgradeLogonTaskS-1-5-21-968768310-279414444-468820066-1000 -> No File <==== ATTENTION
Task: {C355C30F-C05C-4CB7-BADC-3A7A042EC71E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {D537BF14-FED8-4A85-93C5-0FB7B34CB175} - \AutoKMS -> No File <==== ATTENTION
Task: {D5840736-B9C8-409C-880E-EAF07E853C5D} - \CommView for WiFi Update -> No File <==== ATTENTION
Task: {E03B017F-9F70-4BE2-AB94-BCC8FCBE008D} - System32\Tasks\214645463 => C:\Program Files (x86)\polarity\riverboat.exe [2016-03-29] (multiplatform) <==== ATTENTION
Task: {ED472C2E-97D7-4D1A-AE43-D08AC3CBAB4A} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {FE0D806D-936E-4588-8C63-48F3CB7F72FC} - \RealDownloaderDownloaderScheduledTaskS-1-5-21-968768310-279414444-468820066-1000 -> No File <==== ATTENTION
Task: {FF9F324F-E8B1-4654-93F8-641B74DDFF19} - \AMD.PROCC SleepHibernate Computer -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-07-15 21:39 - 2015-07-15 21:39 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-07-15 21:38 - 2015-07-15 21:38 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-09-23 16:47 - 2015-09-23 16:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 16:47 - 2015-09-23 16:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-23 15:11 - 2015-06-23 15:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-07-15 21:38 - 2015-07-15 21:38 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00103424 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-01-11 11:36 - 2016-01-11 11:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2013-04-09 21:38 - 2013-04-09 21:38 - 01241088 _____ () C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll
2013-04-09 21:38 - 2013-04-09 21:38 - 02010624 _____ () C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00198144 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\launcher.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00317952 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00203776 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\vstdlib.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00390656 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\filesystem_stdio.dll
2015-10-23 19:09 - 2016-03-26 15:48 - 06971392 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\engine.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00166912 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\inputsystem.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 01174016 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vphysics.dll
2015-10-23 19:09 - 2016-03-26 15:48 - 01242112 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00355840 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\datacache.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00610816 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\studiorender.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00164864 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\soundemittersystem.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00708096 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vscript.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00134656 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\valve_avi.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 01336320 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vguimatsurface.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00395264 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vgui2.dll
2015-10-23 19:09 - 2016-03-26 15:48 - 03276288 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\scaleformui.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 01769984 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\shaderapidx9.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00143360 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\localize.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00230912 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dbg.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 01016832 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dx9.dll
2015-10-23 19:09 - 2016-03-31 21:48 - 00584192 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\matchmaking.dll
2015-10-23 19:09 - 2016-04-02 00:52 - 12693504 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\client.dll
2015-10-23 19:09 - 2016-03-26 15:48 - 10247168 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\server.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00094208 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\scenefilecache.dll
2015-10-23 19:09 - 2016-03-20 14:09 - 00084992 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vaudio_miles.dll
2015-10-23 19:09 - 2015-10-23 19:09 - 00071680 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssmp3.asi
2015-10-23 19:09 - 2015-10-23 19:09 - 00012800 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssds3d.flt
2015-10-23 19:09 - 2015-10-23 19:09 - 00055808 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\msseax.flt
2015-10-23 19:09 - 2016-03-20 14:09 - 00173568 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vaudio_celt.dll
2015-10-23 19:09 - 2016-03-26 15:48 - 00974336 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\serverbrowser.dll
2015-08-07 21:33 - 2016-03-10 20:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-07 21:33 - 2016-03-31 16:55 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-08-07 21:33 - 2015-07-03 12:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-07 21:33 - 2015-07-03 12:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-07 21:33 - 2015-07-03 12:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-08-07 21:33 - 2016-03-31 16:55 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-07 21:33 - 2016-02-08 19:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-08-07 21:33 - 2016-02-08 19:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-08-07 21:33 - 2016-02-08 19:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-08-07 21:33 - 2016-02-08 19:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-08-07 21:33 - 2016-02-08 19:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-03-08 22:37 - 2016-02-17 18:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-08-07 21:33 - 2016-02-08 21:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\User:Heroes & Generals [38]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-968768310-279414444-468820066-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-968768310-279414444-468820066-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.76.76 - 75.75.75.75
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: PDF Architect Helper Service => 2
MSCONFIG\Services: PDF Architect Service => 2
MSCONFIG\Services: RalinkRegistryWriter => 2
MSCONFIG\Services: RalinkRegistryWriter64 => 2
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: RtHDVCpl => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: RUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BC1FAFD6-FFFD-4A62-9C49-1F3EFDC93856}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{304E5613-A735-4E21-8ECC-9F3375A8DB62}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [TCP Query User{10D768AA-7919-4854-9F15-233292F9207E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{B1DF00EC-28E4-47D9-AD95-A004E3CD38FA}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{2EBDEFDE-8DFD-4EBF-85DB-C19A55212F5F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{27985B41-520F-49B8-854E-753822635911}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{C1603B2D-C37E-430B-87A7-53F1DE707FE8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D35D5D09-7831-4E20-94FC-D7E0732AA965}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EEED1DAF-3109-41F1-9552-3D6A1A2C5F96}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1D82D919-F58E-4114-8DDE-056376612D32}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ED3B2384-7DE0-4CEC-BB28-2513F3A18032}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{008B88AF-E114-44AC-9EFA-09700E7293D7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{284EF98D-D228-44CE-9EA0-83605392C5E6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{7AC75961-849D-4DD2-8C7D-0662F7D5F54A}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E1DD6807-06D4-4A88-8732-ABD53DD40522}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{A06CDC87-FAAE-485F-9101-C36DC5A34808}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{CDE495F5-AB60-4F51-B4FE-7B49E5C18175}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DBC28EBD-14E9-47E2-91AA-BEEFABA2C5BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{655AB1DC-37DE-4C4E-AA33-1F3DDF0D1F49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{38B7F10E-5323-4133-99C0-3E448D2CA56E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{0D366E77-C242-41F2-8194-795875BF39E4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{3E0FF72D-94EA-495D-BC96-DE4F327D9BC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{9A1D0096-E8F9-4548-AF14-9ACA6C89F8B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{06DE002B-0F23-40F2-A5AC-025C0FDED314}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{AD01D888-0018-4A47-9025-81EF4AD5CD71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{F552F8AA-83EE-44EE-B872-0985F616D92B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{677AEAA3-B0C6-4445-BE4F-FB67AB72247B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{AADF35AB-4FE2-4486-82DD-65A8795919EE}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{783CD95C-3400-4E14-BC76-AFCD0893E693}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{086B2B48-7591-483B-89D7-3B8AF3D75B68}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{FBC1C428-E9C0-4A0A-891E-723C945FC3EC}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{1B1BC585-74F3-4439-8ADE-FB29E461515D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{60960083-3F3B-4E77-A08F-560B89F3202E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3BCCFC67-B7D6-40E0-80F3-C04EA16A3486}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{98AEA813-336D-4900-86DA-8F70B582FD24}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{20797362-9966-49A4-8F35-C5054621D6B5}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E2AA5A9C-EA9E-4755-95E9-4792F4A7ED32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{EE3AF07F-DF99-479B-9D32-108AC2631065}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{8663F059-369F-4173-B0DD-F07E173A0A27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{103B5537-887A-47D7-8050-9976E2A7BAC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F2C56135-3CCE-4E37-8B94-12A0C240E22F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{9699A51A-D2C2-4491-95E7-9574712D37E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{C49861C3-3DF0-4AE1-9BDC-077AAB26656A}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{84501A21-97B4-4B85-89E0-F94B407FA163}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [TCP Query User{B7F23F7E-89D3-4D83-B10C-14BB1087FF09}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{D70CE5AD-4AFA-4DC3-8EF4-2265E8F2A0FE}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [TCP Query User{631AA798-67DD-4E8B-9300-BAFEFFD6EB5B}C:\program files (x86)\cain\cain.exe] => (Allow) C:\program files (x86)\cain\cain.exe
FirewallRules: [UDP Query User{40AB7BCD-F9B9-4CBE-8C4B-F9A792A45B35}C:\program files (x86)\cain\cain.exe] => (Allow) C:\program files (x86)\cain\cain.exe
FirewallRules: [{354C2F0B-5851-4BDF-861C-091A5BB238FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{234EE53A-4D86-4764-84BA-ACF1219A0225}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{0711E90B-F7B3-478B-AA77-77CCA2E4D070}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{CA43FE31-28C9-4B63-A22E-00C5E9083F7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{851F516E-7539-4DC6-A837-3D2CD331C2AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{38F3E4EB-8BF5-4B45-9560-4FE882AA01B7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8A654069-2753-4E26-97A0-DE5A797A65AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{012FA63C-10CB-4B18-A5D0-D60FA9541650}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4E772E01-DB13-4025-A9EA-88A489A5E712}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{F8D4D27F-68C1-4359-B8C2-FB200188F3DD}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{119F3F02-879F-45C8-8EBA-052B60E4512F}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{892379AA-D1CD-4EEB-9A90-03638A1D17AD}] => (Allow) C:\Users\User\AppData\Local\tinstall.exe
FirewallRules: [{54F8CD69-93B2-4B91-A382-972E5466D13F}] => (Allow) C:\Users\User\AppData\Local\tinstall.exe
FirewallRules: [{7F46A94E-479C-45D1-8245-443FB3603183}] => (Allow) C:\Users\User\AppData\Local\uid.exe
FirewallRules: [{0707C31E-F896-425D-B762-D10BB9A5C16A}] => (Allow) C:\Users\User\AppData\Local\uid.exe
FirewallRules: [{29EB9408-E545-46DD-8F99-DCCF95DDEE6F}] => (Allow) C:\Users\User\AppData\Local\download.exe
FirewallRules: [{2B02FE90-1B63-4B89-97A2-98203AC1C4E8}] => (Allow) C:\Users\User\AppData\Local\download.exe
FirewallRules: [{22958374-FFA3-41D7-A592-F34A484C465D}] => (Allow) C:\Users\User\AppData\Local\Temp\setup.exe
FirewallRules: [{127343DB-28BC-41E1-8D38-99046B6466D7}] => (Allow) C:\Users\User\AppData\Local\Temp\setup.exe
FirewallRules: [{78CEC915-A0F2-413C-93F1-79271E7A66C9}] => (Allow) C:\Program Files (x86)\schwartzkopf\beltran.exe
FirewallRules: [{53683809-F073-4F1F-A4AB-04604988C6C9}] => (Allow) C:\Program Files (x86)\schwartzkopf\beltran.exe
FirewallRules: [{F495A8C6-F5C0-4B34-B7B4-767E5CDD5D6C}] => (Allow) C:\Program Files (x86)\schwartzkopf\getcap.exe
FirewallRules: [{71B893A3-9695-4E27-845F-CB45AAFF2C53}] => (Allow) C:\Program Files (x86)\schwartzkopf\getcap.exe
FirewallRules: [{2A0AC51E-693D-4B84-AC38-5C130B48B278}] => (Allow) C:\a\winonit.exe
FirewallRules: [{D1EA32D0-3E71-4E5E-AE6C-80463F2EF9EC}] => (Allow) C:\a\winonit.exe
FirewallRules: [{8F60E122-8B1F-48EA-AFAE-3100170E788D}] => (Allow) C:\Program Files (x86)\schwartzkopf\millage.exe
FirewallRules: [{584C2789-C032-4789-9C94-0EEFB0563A6C}] => (Allow) C:\Program Files (x86)\schwartzkopf\millage.exe
FirewallRules: [{DFB7ADBF-CEA9-45A6-9F81-7484FCF577D2}] => (Allow) C:\a\vchk.exe
FirewallRules: [{DCDE3FB8-3B67-4F84-BB05-B96F97DBF85C}] => (Allow) C:\a\vchk.exe
FirewallRules: [{7E68EDA2-0A42-43CB-B20A-AC3928E69606}] => (Allow) C:\a\5UcRJKX3os3bBa9QObIz-ni-2016-03-29-ni-2140-ni-1.exe
FirewallRules: [{E2ED0F70-CDEF-4CB4-9A8A-244FFE60813B}] => (Allow) C:\a\5UcRJKX3os3bBa9QObIz-ni-2016-03-29-ni-2140-ni-1.exe
FirewallRules: [{A67B4505-87A0-4A66-812D-806C9311D136}] => (Allow) C:\Program Files (x86)\polarity\riverboat.exe
FirewallRules: [{4C0757DD-58EF-405E-8E82-B68FBF0E3161}] => (Allow) C:\Program Files (x86)\polarity\riverboat.exe
FirewallRules: [{B4B463FE-053B-4A3F-B42C-171EB4EC31F3}] => (Allow) C:\Program Files (x86)\perfection\tetroxide.exe
FirewallRules: [{666F105B-00FD-4235-9582-E0C14608EA87}] => (Allow) C:\Program Files (x86)\perfection\tetroxide.exe
FirewallRules: [{529117CC-3333-4A9E-BFDA-9E0FFD360619}] => (Allow) C:\Program Files (x86)\schwartzkopf\beltran.exe
FirewallRules: [{CD7E9E31-E273-4337-8801-BCDA6036FDAD}] => (Allow) C:\Program Files (x86)\schwartzkopf\beltran.exe
FirewallRules: [{0A6F5DEB-46A6-4152-9811-E5CDEAB3ADFD}] => (Allow) C:\Program Files (x86)\polarity\riverboat.exe
FirewallRules: [{4F9645B1-F7E3-41D5-8CE5-84A04ADF4CC9}] => (Allow) C:\Program Files (x86)\polarity\riverboat.exe
FirewallRules: [{0C61B2EF-AE3F-46F5-B459-9B270F0F0970}] => (Allow) C:\Program Files (x86)\perfection\tetroxide.exe
FirewallRules: [{BCF89FB9-897F-4F7C-99C8-A8BC99DA11A7}] => (Allow) C:\Program Files (x86)\perfection\tetroxide.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: BlueStacks Hypervisor
Description: BlueStacks Hypervisor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BstHdDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ACP Kernel Service Driver
Description: ACP Kernel Service Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: amdacpksd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.2.0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/06/2016 04:18:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 49.0.2623.110, time stamp: 0x56f5d850
Faulting module name: chrome.exe, version: 49.0.2623.110, time stamp: 0x56f5d850
Exception code: 0x40000015
Fault offset: 0x00062370
Faulting process id: 0x1608c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (04/06/2016 04:18:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mb2m.exe, version: 2.3.173.0, time stamp: 0x56e065b4
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x16078
Faulting application start time: 0xmb2m.exe0
Faulting application path: mb2m.exe1
Faulting module path: mb2m.exe2
Report Id: mb2m.exe3

Error: (04/06/2016 02:34:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: csgo.exe, version: 0.0.0.0, time stamp: 0x56da83c3
Faulting module name: tier0.dll, version: 0.0.0.0, time stamp: 0x56e9ae39
Exception code: 0x40000015
Fault offset: 0x0002135e
Faulting process id: 0xd5b0
Faulting application start time: 0xcsgo.exe0
Faulting application path: csgo.exe1
Faulting module path: csgo.exe2
Report Id: csgo.exe3

Error: (04/06/2016 02:34:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: steamerrorreporter.exe, version: 3.37.92.83, time stamp: 0x56fd7681
Faulting module name: steamerrorreporter.exe, version: 3.37.92.83, time stamp: 0x56fd7681
Exception code: 0x40000015
Fault offset: 0x0000cf8c
Faulting process id: 0x12d68
Faulting application start time: 0xsteamerrorreporter.exe0
Faulting application path: steamerrorreporter.exe1
Faulting module path: steamerrorreporter.exe2
Report Id: steamerrorreporter.exe3

Error: (04/06/2016 01:37:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: riverboat.exe, version: 4.9.5.66, time stamp: 0x56fb1b0a
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18869, time stamp: 0x556366fd
Exception code: 0xe0434f4d
Fault offset: 0x000000000000b3dd
Faulting process id: 0x%9
Faulting application start time: 0xriverboat.exe0
Faulting application path: riverboat.exe1
Faulting module path: riverboat.exe2
Report Id: riverboat.exe3

Error: (04/06/2016 01:37:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: beltran.exe, version: 1.0.2.0, time stamp: 0x56fb1b0b
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18869, time stamp: 0x556366fd
Exception code: 0xe0434f4d
Fault offset: 0x000000000000b3dd
Faulting process id: 0x%9
Faulting application start time: 0xbeltran.exe0
Faulting application path: beltran.exe1
Faulting module path: beltran.exe2
Report Id: beltran.exe3

Error: (04/05/2016 08:34:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/05/2016 06:10:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: steamwebhelper.exe, version: 3.37.92.83, time stamp: 0x56fd763f
Faulting module name: libcef.dll, version: 3.2526.1348.0, time stamp: 0x56b87a6e
Exception code: 0x40000015
Fault offset: 0x01d429dc
Faulting process id: 0xbe8c
Faulting application start time: 0xsteamwebhelper.exe0
Faulting application path: steamwebhelper.exe1
Faulting module path: steamwebhelper.exe2
Report Id: steamwebhelper.exe3

Error: (04/05/2016 06:10:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: beltran.exe, version: 1.0.2.0, time stamp: 0x56fb1b0b
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18869, time stamp: 0x556366fd
Exception code: 0xe0434f4d
Fault offset: 0x000000000000b3dd
Faulting process id: 0xbc18
Faulting application start time: 0xbeltran.exe0
Faulting application path: beltran.exe1
Faulting module path: beltran.exe2
Report Id: beltran.exe3

Error: (04/05/2016 06:10:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: beltran.exe, version: 1.0.2.0, time stamp: 0x56fb1b0b
Faulting module name: ntdll.dll, version: 6.1.7601.18869, time stamp: 0x556366f2
Exception code: 0xc00000fd
Fault offset: 0x0000000000054f50
Faulting process id: 0x%9
Faulting application start time: 0xbeltran.exe0
Faulting application path: beltran.exe1
Faulting module path: beltran.exe2
Report Id: beltran.exe3


System errors:
=============
Error: (04/06/2016 05:21:33 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/06/2016 05:21:33 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/06/2016 05:21:29 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/06/2016 05:21:29 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/06/2016 04:30:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly. It has done this 2 time(s).

Error: (04/06/2016 04:30:14 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/06/2016 04:30:14 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/06/2016 04:30:09 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/06/2016 04:30:09 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/06/2016 04:24:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).


CodeIntegrity:
===================================
Date: 2016-02-26 09:09:03.339
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2016-02-26 09:09:03.335
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2016-02-26 09:09:03.332
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2016-02-26 09:09:03.278
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2016-02-26 09:09:02.388
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2016-02-26 09:09:02.384
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2016-02-26 09:09:02.379
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2016-02-26 09:09:02.325
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2016-02-26 09:09:00.094
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2016-02-26 09:09:00.090
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume1\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.


==================== Memory info ===========================

Processor: AMD FX(tm)-8320 Eight-Core Processor
Percentage of memory in use: 44%
Total physical RAM: 8148.73 MB
Available physical RAM: 4491.49 MB
Total Virtual: 10194.93 MB
Available Virtual: 6176.23 MB

==================== Drives ================================

Drive c: (Win7-AMDFX) (Fixed) (Total:910.16 GB) (Free:651.96 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:21.35 GB) (Free:3.21 GB) NTFS
Drive e: (DVD_ROM) (CDROM) (Total:4.37 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D1375EBC)
Partition 1: (Active) - (Size=910.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=21.4 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================


Fix with Farbar Recovery Scan Tool
 

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.


Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
 

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.


Please attach it to your reply.

fixlist.txt


Okay, let's make a final check:

 

Scan with Malwarebytes' Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Install the program and select update.
  • Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
  • In the same tab, under PUP and PUM detections make sure it is set to Treat detections as malware.
  • Click the Scan tab, make sure Threat Scan is checked and click Start Scan.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.


  • 1 month later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!
