Jump to content

I think I installed a virus


Recommended Posts

I recently received a msg through STEAM from someone I used to play counterstike with. It had a link to a vimeo page saying that some of my gameplay was in it, intrigued i clinked the link and it said I needed flash player so proceeded to clink the install button, AVG popped up with a detection and said it was removed but on booting up my pc i get a error named mcrtvclient.exe

 

Can anyone help me remove this problem?

Thank you in advance

Mick

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-07-2016
Ran by Mickey's (administrator) on MICKEY (26-07-2016 22:59:49)
Running from C:\Users\Mickey's\Downloads
Loaded Profiles: Mickey's (Available Profiles: Mickey's)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Users\Mickey's\Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(NVIDIA Corporation) C:\Users\Mickey's\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
(Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
(Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
(Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3820440 2016-04-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [ghost] => C:\Users\Mickey's\Documents\GIGABYTE\AIVIA GHOST\ghostopen.exe [191488 2012-09-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24204648 2016-07-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2131344 2016-06-20] (Wondershare)
HKU\S-1-5-21-747868735-2588589844-2642923601-1000\...\Run: [AVG-Secure-Search-Update_0913b] => C:\Users\Mickey's\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid d065c05b39d947d3b2a66d16b258ebf5-ad1491be2ce6c122f6b66faa90e70c2decf7d34c --CMPID 0913b
HKU\S-1-5-21-747868735-2588589844-2642923601-1000\...\Run: [Comrade.exe] => G:\Comrade.exe
HKU\S-1-5-21-747868735-2588589844-2642923601-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-747868735-2588589844-2642923601-1000\...\Run: [AppleWebKit] => C:\Users\Mickey's\AppData\Roaming\lappclimtfldr\mcrtvclient.exe [34808 2011-10-07] (NetSupport Ltd)
HKU\S-1-5-21-747868735-2588589844-2642923601-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-747868735-2588589844-2642923601-1000\...\MountPoints2: {549729a5-cde7-11e5-9e62-bc5ff4bc0206} - F:\AutoRun.exe
HKU\S-1-5-21-747868735-2588589844-2642923601-1000\...\MountPoints2: {549729b3-cde7-11e5-9e62-bc5ff4bc0206} - F:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [43816 2015-04-26] (Apple Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-06] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2014-03-23]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-07-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 5.79.79.150 pagead2.googlesyndication.com
Tcpip\Parameters: [DhcpNameServer] 61.9.134.49 61.9.133.193
Tcpip\..\Interfaces\{2E6B0A17-CDB7-4380-B161-B06017E95B55}: [DhcpNameServer] 61.9.134.49 61.9.133.193
Tcpip\..\Interfaces\{46B320FA-D8B4-488E-897D-490E94E0CC3D}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{87FB9865-4B5F-4370-BF86-FAA30749FDA9}: [DhcpNameServer] 61.9.134.49 61.9.133.193

Internet Explorer:
==================
HKU\S-1-5-21-747868735-2588589844-2642923601-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-747868735-2588589844-2642923601-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-au/?pc=UE07&ocid=UE07DHP
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-17] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-17] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-747868735-2588589844-2642923601-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-747868735-2588589844-2642923601-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-07-21] ()

Chrome: 
=======
CHR HomePage: Default -> hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=AU&userid=08fb83b6-07e3-07d6-2ef5-62ad8acfa5c5&searchtype=hp&installDate=27/08/2013
CHR StartupUrls: Default -> ""
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Profile: C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-29]
CHR Extension: (DayZ Theme) - C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghjlgemheiifgmffahbkacgajijlimcc [2013-12-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3647384 2016-04-21] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [336152 2016-04-21] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1392648 2016-07-09] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-02] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-04-03] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-09-06] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-06-27] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [285152 2010-08-26] ()
S3 WsDrvInst; "E:\MobileTrans\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [299440 2016-01-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [296368 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255920 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [300464 2015-08-04] (AVG Technologies CZ, s.r.o.)
R3 CMUSBDAC; C:\Windows\System32\DRIVERS\CMUSBDAC.sys [594944 2014-09-19] (C-MEDIA)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-31] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-08-17] (Echobit, LLC)
R3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
S3 GPUZ; C:\Windows\TEMP\GPUZ.sys [27008 2014-06-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 sxuptp; system32\DRIVERS\sxuptp.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-26 22:59 - 2016-07-26 22:59 - 02394112 _____ (Farbar) C:\Users\Mickey's\Downloads\FRST64.exe
2016-07-26 22:59 - 2016-07-26 22:59 - 00023564 _____ C:\Users\Mickey's\Downloads\FRST.txt
2016-07-26 22:59 - 2016-07-26 22:59 - 00000000 ____D C:\FRST
2016-07-26 22:45 - 2016-07-26 22:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-26 22:44 - 2016-07-26 22:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-26 22:44 - 2016-07-26 22:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-26 22:44 - 2016-07-26 22:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-26 22:44 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-26 22:44 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-26 22:44 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-26 22:42 - 2016-07-26 22:43 - 22851472 _____ (Malwarebytes ) C:\Users\Mickey's\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-22 19:19 - 2016-07-24 03:18 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-22 19:19 - 2016-07-22 19:19 - 00003888 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-07-22 19:16 - 2016-07-22 19:17 - 00000000 _RSHD C:\Users\Mickey's\AppData\Roaming\lappclimtfldr
2016-07-22 19:16 - 2016-07-22 19:17 - 00000000 _RSHD C:\Users\Mickey's\AppData\Roaming\ethpackrs
2016-07-22 19:16 - 2016-07-22 19:16 - 00587776 _____ (Igor Pavlov) C:\Users\Mickey's\AppData\Roaming\77kjf.exe
2016-07-22 19:16 - 2016-07-22 19:16 - 00587776 _____ (Igor Pavlov) C:\Users\Mickey's\AppData\Roaming\66z.exe
2016-07-22 19:16 - 2016-07-22 19:16 - 00118005 _____ (Browser Player) C:\Users\Mickey's\Downloads\install_flаshplayer_x86_x64_vspta_win7_10.exe
2016-07-22 19:16 - 2016-07-22 19:16 - 00000008 _____ C:\Users\Mickey's\AppData\Roaming\mxw.bin
2016-07-20 14:01 - 2016-07-20 14:01 - 00000000 ____D C:\Windows\EOONotify
2016-07-20 11:24 - 2016-07-20 11:24 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2016-07-20 11:24 - 2016-07-20 11:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2016-07-20 11:15 - 2016-07-20 11:15 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2016-07-20 10:38 - 2016-07-20 11:27 - 00000000 ____D C:\Users\Mickey's\AppData\Roaming\Wondershare
2016-07-20 10:38 - 2016-07-20 11:27 - 00000000 ____D C:\Users\Mickey's\.android
2016-07-20 10:38 - 2016-07-20 10:38 - 00000000 ____D C:\Users\Mickey's\AppData\Roaming\HMYGSetting
2016-07-20 10:38 - 2016-07-20 10:38 - 00000000 ____D C:\Users\Mickey's\AppData\Local\Wondershare
2016-07-20 10:38 - 2016-07-20 10:38 - 00000000 ____D C:\ProgramData\Wondershare
2016-07-13 17:54 - 2016-06-26 10:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-13 17:54 - 2016-06-26 10:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-13 17:54 - 2016-06-26 10:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-13 17:54 - 2016-06-26 10:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-13 17:54 - 2016-06-26 10:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-13 17:54 - 2016-06-26 10:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-13 17:54 - 2016-06-26 10:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-07-13 17:54 - 2016-06-26 05:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-07-13 17:54 - 2016-06-26 05:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-13 17:54 - 2016-06-26 05:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-13 17:54 - 2016-06-26 05:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-07-13 17:54 - 2016-06-26 05:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-07-13 17:54 - 2016-06-22 23:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-13 17:54 - 2016-06-18 04:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-13 17:54 - 2016-06-18 04:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-13 17:54 - 2016-06-18 04:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-13 17:54 - 2016-06-18 04:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-13 17:54 - 2016-06-18 04:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-13 17:54 - 2016-06-18 04:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-13 17:54 - 2016-06-15 01:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-13 17:54 - 2016-06-11 16:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-13 17:54 - 2016-06-11 14:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-13 17:54 - 2016-06-11 07:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-13 17:54 - 2016-06-11 07:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 17:54 - 2016-06-11 07:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-07-13 17:54 - 2016-06-11 07:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-13 17:54 - 2016-06-11 07:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-07-13 17:54 - 2016-06-11 07:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-13 17:54 - 2016-06-11 07:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-07-13 17:54 - 2016-06-11 07:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-13 17:54 - 2016-06-11 07:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-13 17:54 - 2016-06-11 07:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-07-13 17:54 - 2016-06-11 07:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-13 17:54 - 2016-06-11 07:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-13 17:54 - 2016-06-11 07:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-13 17:54 - 2016-06-11 07:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-07-13 17:54 - 2016-06-11 07:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-13 17:54 - 2016-06-11 07:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-07-13 17:54 - 2016-06-11 06:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 17:54 - 2016-06-11 06:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-13 17:54 - 2016-06-11 06:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-13 17:54 - 2016-06-11 06:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 17:54 - 2016-06-11 06:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-07-13 17:54 - 2016-06-11 06:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-07-13 17:54 - 2016-06-11 06:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-13 17:54 - 2016-06-11 06:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-13 17:54 - 2016-06-11 06:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-07-13 17:54 - 2016-06-11 06:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-13 17:54 - 2016-06-11 06:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-13 17:54 - 2016-06-11 06:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-13 17:54 - 2016-06-11 06:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-07-13 17:54 - 2016-06-11 06:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-13 17:54 - 2016-06-11 05:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-13 17:54 - 2016-06-11 05:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-13 17:54 - 2016-06-11 05:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-13 17:54 - 2016-06-11 05:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-13 17:54 - 2016-06-11 05:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-13 17:54 - 2016-06-11 04:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-07-13 17:54 - 2016-06-11 04:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-13 17:54 - 2016-06-11 04:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-13 17:54 - 2016-06-11 04:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-07-13 17:54 - 2016-06-11 04:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-13 17:54 - 2016-06-11 04:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-13 17:54 - 2016-06-11 04:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-13 17:54 - 2016-06-11 04:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-07-13 17:54 - 2016-06-11 04:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-13 17:54 - 2016-06-11 04:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-13 17:54 - 2016-06-11 04:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-13 17:54 - 2016-06-11 04:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-07-13 17:54 - 2016-06-11 04:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-13 17:54 - 2016-06-11 04:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-13 17:54 - 2016-06-11 04:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-07-13 17:54 - 2016-06-11 04:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-07-13 17:54 - 2016-06-11 04:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-07-13 17:54 - 2016-06-11 04:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-13 17:54 - 2016-06-11 04:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-13 17:54 - 2016-06-11 04:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-07-13 17:54 - 2016-06-11 04:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-13 17:54 - 2016-06-11 04:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-13 17:54 - 2016-06-11 04:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-13 17:54 - 2016-06-11 04:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-13 17:54 - 2016-06-11 04:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-07-13 17:54 - 2016-06-11 03:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-13 17:54 - 2016-06-11 03:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-13 17:54 - 2016-06-11 03:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-13 17:54 - 2016-06-11 03:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-12 19:18 - 2016-07-12 19:18 - 00111373 _____ C:\Users\Mickey's\Downloads\1.7.10-OreSheepMod-v3.1.0.jar
2016-07-12 19:12 - 2016-07-12 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-07 20:21 - 2016-07-07 20:21 - 00000000 ____D C:\Users\Mickey's\Desktop\Lets Play
2016-07-01 19:01 - 2016-07-01 19:02 - 00000000 ____D C:\Users\Mickey's\Desktop\Modded World

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-26 22:57 - 2016-05-02 21:26 - 00000908 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-07-26 22:57 - 2014-08-17 20:20 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-07-26 22:57 - 2014-03-23 14:58 - 00000000 ____D C:\Users\Mickey's\Documents\temp
2016-07-26 22:57 - 2013-08-01 20:07 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-26 22:57 - 2013-08-01 18:00 - 00000000 ____D C:\Windows\Panther
2016-07-26 22:57 - 2013-08-01 02:22 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-26 22:57 - 2009-07-14 15:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-26 22:31 - 2016-05-02 21:26 - 00000912 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-07-26 22:17 - 2013-08-01 20:07 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-26 21:46 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\tracing
2016-07-26 21:41 - 2009-07-14 14:45 - 00029968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-26 21:41 - 2009-07-14 14:45 - 00029968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-26 15:31 - 2016-06-12 17:08 - 00367629 _____ C:\IFRToolLog.txt
2016-07-26 15:22 - 2009-07-14 15:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-26 15:22 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\inf
2016-07-26 15:20 - 2013-08-18 15:53 - 00000000 ____D C:\ProgramData\MFAData
2016-07-26 02:03 - 2013-08-01 21:59 - 00000000 ____D C:\Users\Mickey's\AppData\Roaming\TS3Client
2016-07-24 19:46 - 2014-03-04 10:37 - 00000000 ____D C:\Users\Mickey's\AppData\Local\Arma 3
2016-07-24 15:04 - 2015-05-31 15:01 - 00000000 ____D C:\Users\Mickey's\AppData\Roaming\Curse Client
2016-07-22 19:19 - 2013-08-01 20:07 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-22 19:19 - 2013-08-01 20:07 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-22 19:19 - 2013-08-01 20:06 - 00000000 ____D C:\Users\Mickey's\AppData\Local\Adobe
2016-07-20 14:01 - 2015-04-06 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-20 14:01 - 2015-04-06 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-20 10:38 - 2013-08-01 02:04 - 00000000 ____D C:\Users\Mickey's
2016-07-17 12:22 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-17 00:23 - 2013-08-02 17:39 - 00000000 ____D C:\Users\Mickey's\AppData\Local\ElevatedDiagnostics
2016-07-15 21:44 - 2014-03-04 10:37 - 00000000 ____D C:\Users\Mickey's\Documents\Arma 3
2016-07-14 16:36 - 2016-02-13 12:24 - 00000000 ____D C:\Windows\rescache
2016-07-14 12:32 - 2015-07-15 20:09 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-14 12:32 - 2015-07-15 20:09 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-14 12:19 - 2009-07-14 14:45 - 00270560 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-14 05:59 - 2014-12-11 11:31 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-14 05:59 - 2011-04-12 18:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-14 03:03 - 2013-08-15 22:25 - 00000000 ____D C:\Windows\system32\MRT
2016-07-14 03:00 - 2013-08-02 18:12 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-13 16:08 - 2013-08-01 20:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-13 16:08 - 2013-08-01 20:07 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-12 19:12 - 2016-05-02 21:26 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-07-01 19:00 - 2015-04-01 20:23 - 00000000 ____D C:\Users\Mickey's\AppData\Local\ftblauncher

==================== Files in the root of some directories =======

2016-07-22 19:16 - 2016-07-22 19:16 - 0587776 _____ (Igor Pavlov) C:\Users\Mickey's\AppData\Roaming\66z.exe
2016-07-22 19:16 - 2016-07-22 19:16 - 0587776 _____ (Igor Pavlov) C:\Users\Mickey's\AppData\Roaming\77kjf.exe
2015-12-28 22:44 - 2015-12-28 22:44 - 0000132 _____ () C:\Users\Mickey's\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-09-07 11:29 - 2015-12-28 22:41 - 0000132 _____ () C:\Users\Mickey's\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-03-14 18:17 - 2016-05-04 13:05 - 0000300 _____ () C:\Users\Mickey's\AppData\Roaming\BreakingPoint_Login.ini
2014-03-14 18:19 - 2016-05-04 13:11 - 0001764 _____ () C:\Users\Mickey's\AppData\Roaming\BreakingPoint_Options.ini
2016-07-22 19:16 - 2016-07-22 19:16 - 0000008 _____ () C:\Users\Mickey's\AppData\Roaming\mxw.bin
2014-09-08 17:37 - 2014-09-08 17:37 - 0040448 ___SH () C:\Users\Mickey's\AppData\Roaming\Thumbs.db
2014-09-15 06:01 - 2015-12-29 10:44 - 0001456 _____ () C:\Users\Mickey's\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-06-12 19:11 - 2014-06-12 19:11 - 0000017 _____ () C:\Users\Mickey's\AppData\Local\resmon.resmoncfg
2016-06-12 17:03 - 2016-06-12 17:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Mickey's\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Mickey's\AppData\Local\Temp\ResetDevice.exe
C:\Users\Mickey's\AppData\Local\Temp\TsuE80497F6.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-17 11:44

==================== End of FRST.txt ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-07-2016
Ran by Mickey's (2016-07-26 23:00:03)
Running from C:\Users\Mickey's\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-07-31 16:04:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-747868735-2588589844-2642923601-500 - Administrator - Disabled)
Guest (S-1-5-21-747868735-2588589844-2642923601-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-747868735-2588589844-2642923601-1003 - Limited - Enabled)
Mickey's (S-1-5-21-747868735-2588589844-2642923601-1000 - Administrator - Enabled) => C:\Users\Mickey's

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A3Launcher version 0.0.0.9 (HKLM-x32\...\{E31045B4-9DB5-9EBD-44DF-BD4CFDE640DF}_is1) (Version: 0.0.0.9 - Maca134)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\Adobe Photoshop CS6) (Version: 13.0.0.0 - © The Computer Guy Tony)
AIVIA GHOST (HKLM-x32\...\{4E711815-5F4E-47F2-B1E1-C0B43A8D57F3}) (Version: 1.06.0000 - GIGABYTE)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6201 - AVG Technologies)
AVG 2015 (Version: 15.0.4627 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6201 - AVG Technologies) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BigPond Broadband Cable (HKLM-x32\...\{9C2D6495-AB6C-4f71-9A15-BB69329C1663}) (Version: 7.1 - Inteweave Pty Limited)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Breaking Point (HKLM-x32\...\Breaking Point 5.0.2.9) (Version: 5.0.2.9 - The Zombie Infection)
Breaking Point (x32 Version: 5.0.2.9 - The Zombie Infection) Hidden
CM Storm Havoc Gaming Mouse (HKLM-x32\...\{A9C8E687-9371-4283-A4D4-96E07C0A3597}) (Version: 1.1.3 - Cooler Master)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZLauncher version 0.0.0.7 (HKLM-x32\...\{E31045B4-9DB5-44DF-9EBD-BD4CFDE640FD}_is1) (Version: 0.0.0.7 - Maca134)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Drift Streets Japan (HKLM\...\Steam App 412880) (Version:  - JDM4iK)
Dropbox (HKLM-x32\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.39.1 - Dropbox, Inc.) Hidden
Far Cry 4 (HKLM-x32\...\Steam App 298110) (Version:  - Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FileParade Bundle (HKLM-x32\...\FileParade Bundle) (Version: 1.0.0.0 - FileParade Bundle) <==== ATTENTION
GameSpy Comrade (HKLM-x32\...\{894084B6-BC69-43B7-BF06-B93AECFEA520}) (Version: 2.1.1.214 - GameSpy)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.67.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.67.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Network Connections 18.4.59.0 (HKLM\...\PROSetDX) (Version: 18.4.59.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
NBTExplorer (HKLM-x32\...\{70417A42-7BA4-4801-BE5E-2C095BDC3048}) (Version: 2.7.1.0 - Justin Aquadro)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
Play withSIX Windows client (HKU\S-1-5-21-747868735-2588589844-2642923601-1000\...\PlaywithSIX) (Version: 1.66.1166.5 - SIX Networks GmbH)
Project Reality: BF2 (HKLM\...\Project Reality: BF2 (pr)_is1) (Version: v1.2 - Project Reality)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.0 - Rockstar Games)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
TP-LINK TL-WDN3800 Driver (HKLM-x32\...\{D2FAC054-7623-436B-9239-E4C8E752FA14}) (Version: 1.3.1 - TP-LINK)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Windows Driver Package - Atheros Communications Inc. (arusb_lhx) Net  (09/25/2008 3.1.0.101) (HKLM\...\B090418E214D6BD6EE18A512A8EE609225AC9279) (Version: 09/25/2008 3.1.0.101 - Atheros Communications Inc.)
Windows Driver Package - NETGEAR Inc. (RTL8187) Net  (12/01/2006 6.1258.1201.2006) (HKLM\...\5AF8BE22A56B38B1816F36BAC6A71F1277E45440) (Version: 12/01/2006 6.1258.1201.2006 - NETGEAR Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wolfenstein: The New Order (HKLM-x32\...\Steam App 201810) (Version:  - Machine Games)
Wondershare Helper Compact 2.5.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.0 - Wondershare)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BB649AA-A53D-4B49-B797-72FC5462A12E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-02] (Dropbox, Inc.)
Task: {1607B6BF-4A8D-4B96-8BD2-37A324EC1896} - System32\Tasks\{2DB5145A-54BE-4E13-B1C7-4BF4E3B73428} => pcalua.exe -a C:\Users\Mickey's\Desktop\ARMA2_OA_Build_108074.exe -d C:\Users\Mickey's\Desktop
Task: {1F23F22B-09EE-4CCE-A6D9-6D839852A209} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {1F3F3ECE-42DC-401E-9B07-05B4751CC3B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {240C930D-0D70-4641-ACB9-A5178D3FE7C8} - System32\Tasks\{643C4896-1902-4689-BA4F-53CF443C989F} => pcalua.exe -a "C:\Users\Mickey's\Downloads\BP_Installer (1).exe" -d C:\Users\Mickey's\Downloads
Task: {3EA0F619-9349-4AFE-82CE-A3877A4EB5DB} - System32\Tasks\{4FC6FF96-2048-4044-B82B-D47292E7C4BE} => pcalua.exe -a "C:\Program Files (x86)\GIGABYTE\OC_GURU II V1.67_B140605.exe" -d "C:\Program Files (x86)\GIGABYTE"
Task: {46C94F91-8403-453C-B846-921D6385C784} - System32\Tasks\Microsoft\Windows\Setup\EOONotify => C:\Windows\EOONotify\EOONotify.exe [2016-07-09] (Microsoft Corporation)
Task: {4D9C2FEA-60FC-4633-B1FC-D4466E65B0F9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {755C810D-A3D9-4F6A-96AD-57ACBAE05B5A} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {82B4CC78-8FCC-43E9-BAD7-D36AC757619C} - System32\Tasks\{DB6A1DE8-3987-490F-91A4-6AACE5E385AE} => pcalua.exe -a "C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\Expansion\beta\Setup_BattlEyeARMA2OA.exe" -d "C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\Expansion\beta"
Task: {8D3EB9F8-373D-4B6D-8540-FCFC7499B9A4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-22] (Adobe Systems Incorporated)
Task: {8E1ECC68-6DC8-4DD6-9EFF-8A79D8FD7432} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {8EFD0C74-FADE-45B4-819A-648704C27DEC} - System32\Tasks\{D86429CB-784D-4FA0-A02E-C7B15A1D6952} => pcalua.exe -a "G:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe" -d "G:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\BEsetup"
Task: {99C67B95-FFE5-45FA-AF1F-0F476DB54E07} - System32\Tasks\{FD636239-C63B-4466-B5A0-888E3EFE1177} => pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Microsoft\vcredist_x86.exe" -d "C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Microsoft\" -c /q
Task: {9E52475C-799B-415D-85D8-0F1BFB617C80} - System32\Tasks\{1F449F21-FAFF-4457-B4F5-A9D155354639} => pcalua.exe -a "C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ARMA2_OA_Build_112555.exe" -d "C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead"
Task: {B52284F3-3256-4F28-8CEC-C13F8DD3DD94} - System32\Tasks\{611A7BC4-50E6-42A3-B2C7-961E35731964} => pcalua.exe -a "C:\Users\Mickey's\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9BYOAD7O\JavaSetup8u91.exe" -d C:\Users\Mickey's\Desktop
Task: {C3399A15-822B-41DA-A8F5-0CD3B78115CB} - System32\Tasks\{08825A08-E24C-4BBC-8762-458599E245F6} => pcalua.exe -a "C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\BEsetup\setup_BattlEyeARMA2.exe" -d "C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\BEsetup"
Task: {D4CC7FC0-355D-4286-93A6-C033CAAD2C98} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-02] (Dropbox, Inc.)
Task: {DCFC237E-F232-47DD-80A7-CAF9A5BEAB34} - System32\Tasks\{A6962FF3-0FE8-4378-A1E9-D5521181CAC7} => pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Microsoft\vcredist_x64.exe" -d "C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Microsoft"
Task: {E06E03CB-42A7-4032-BB7B-BF8BE4C55FC3} - System32\Tasks\{06A989AB-B644-46AD-A352-917DA0D2D955} => pcalua.exe -a "C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe" -d "C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\BEsetup"
Task: {E475D3F0-DD09-403E-A400-D6736FE167B4} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {F8FB96AA-D0B4-4A1F-AFD6-3EF06EF4497E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Mickey's\AppData\Local\Microsoft\Windows\GameExplorer\{FBF16FE5-B78B-4C17-903F-B65BDAC79E8F}\SupportTasks\0\Support.lnk -> hxxp://techsupport.ea.com/

==================== Loaded Modules (Whitelisted) ==============

2013-08-01 02:22 - 2016-06-03 13:26 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-04 20:25 - 2016-05-02 15:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-04 20:25 - 2016-05-02 15:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-04 20:25 - 2016-05-02 15:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-01-15 22:00 - 2016-05-02 15:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-07-05 00:05 - 2015-09-06 23:12 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-11-25 13:05 - 2010-08-26 16:48 - 00285152 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
2016-05-04 20:25 - 2016-05-02 15:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-04 20:25 - 2016-05-02 15:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-04 20:25 - 2016-05-02 15:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-15 22:00 - 2016-05-02 15:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-05-04 20:25 - 2016-05-02 15:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-04 20:25 - 2016-05-02 15:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2012-09-18 15:41 - 2012-09-18 15:41 - 00191488 _____ () C:\Users\Mickey's\Documents\GIGABYTE\AIVIA GHOST\GHOSTOPEN.exe
2013-12-20 14:54 - 2016-05-02 16:00 - 00167480 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2013-12-20 14:54 - 2016-05-02 16:01 - 00862776 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2014-11-25 13:05 - 2010-10-28 10:37 - 00368640 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2015-03-31 21:28 - 2016-05-02 16:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-07-20 10:38 - 2016-06-20 14:48 - 01506304 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-07-20 10:38 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-06-12 18:14 - 2014-09-28 16:59 - 00019872 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
2012-11-16 20:43 - 2016-06-11 02:08 - 50601984 _____ () C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll
2014-08-17 14:12 - 2014-02-10 11:44 - 04592128 _____ () C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-08-17 14:12 - 2014-02-10 11:44 - 00112128 _____ () C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2016-06-12 17:07 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-747868735-2588589844-2642923601-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-747868735-2588589844-2642923601-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-747868735-2588589844-2642923601-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-747868735-2588589844-2642923601-1000\...\sony.com -> sony.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 12:34 - 2014-09-07 10:03 - 00000869 ____A C:\Windows\system32\Drivers\etc\hosts

5.79.79.150 pagead2.googlesyndication.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-747868735-2588589844-2642923601-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mickey's\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 61.9.134.49 - 61.9.133.193
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2738E9F3-DB34-4065-BF92-6F76AA63B16B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A3D7D93A-5EED-4373-AF98-65E32E433A36}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8D5D5DB0-6395-4DB4-9A82-2B1F25AF300B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4F3127F0-F92C-4937-86D3-1603F5904E32}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E3372992-E164-4CB0-82D5-45F14DC9F1DD}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{3D396B1E-D177-4012-B8C8-659BA3851E00}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [TCP Query User{7DDD1019-9533-491E-89EE-9A18EE22323C}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaold.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaold.exe
FirewallRules: [UDP Query User{EBBCB406-B699-4ADB-A30A-95327089DDB4}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaold.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaold.exe
FirewallRules: [TCP Query User{FC80FB76-950C-4B3A-A835-BF58BF2417E9}C:\program files (x86)\steam\steamapps\common\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma2oa.exe
FirewallRules: [UDP Query User{73A68530-06B8-4AA1-9217-0B4046D46F4C}C:\program files (x86)\steam\steamapps\common\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma2oa.exe
FirewallRules: [TCP Query User{9C300027-D67E-4DC0-B264-0C6514160CA8}E:\steamlibrary\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe] => (Allow) E:\steamlibrary\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe
FirewallRules: [UDP Query User{EF430DDD-9AA4-4043-ABEF-BE35F714965F}E:\steamlibrary\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe] => (Allow) E:\steamlibrary\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe
FirewallRules: [TCP Query User{12C73A90-AE35-493C-AF71-8F1375D752EF}C:\users\mickey's\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\mickey's\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{B0FEC943-A752-4F49-AE14-47D0E2890E1B}C:\users\mickey's\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\mickey's\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [{42286D87-6681-4876-BF34-20399F299D40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{FD709B68-6D6C-4BDD-B466-4B5EBA4EB59E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{BB4DEB8B-ACE3-4C5D-8F16-9575CB388600}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{538425F8-0A0F-41E0-9A22-E302B7DE2656}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{A06B494E-EA92-4CB9-A0DC-A7EF253A50E3}E:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{2FE2468F-5462-44BE-A174-B7F156FAD9B2}E:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{ED54B522-01AB-4629-B4EF-FE4191CF46B4}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8ECA4682-942A-4C6E-BBF6-ED686B9D9E99}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5D582AB9-7606-4E9E-836F-0A0AEDD398C1}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{CFE00A03-E5E2-408E-ACD7-AA75291CC0A0}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{9656C4CF-73FB-44E7-BBC9-BF0EA42CAFDB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AEC69670-7380-4C83-A6F0-7592FCF7D441}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{917095C6-5EE0-4B9A-BF0C-6287AA7BC4B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{82437509-9381-46F3-BEBC-EDA0F31646E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{E7375E64-5D7C-4E80-9253-D2C2C90EA422}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{8EFD9360-AB5E-4CD1-9D5C-8D29392D6DDB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [TCP Query User{78F6EEB3-83BE-417C-ADCA-CD4FB7192317}C:\users\mickey's\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\mickey's\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{BAEF75B8-74C0-4BC7-9748-B0D8CB4606A4}C:\users\mickey's\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\mickey's\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [{621A655F-F340-41E8-A86C-6196A7047F2F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{FE410510-ADD1-4293-BBF5-999D77113B04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{34BAB9FB-BAB9-4014-9060-CDB40CEAD046}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6299089C-9574-4FEB-8023-1F31814AB683}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{75ABC8C3-F7B1-4EE0-9EB5-8FF6C8E6B57C}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{D8763035-24A7-41F7-B1A8-95E2C9BCD60F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{43509B76-1027-46FC-9308-0E71031E2500}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E357D3D9-53F1-444E-AF8C-B73BC5133450}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{265875D6-D291-4CB2-8B60-3BF47EA83293}] => (Allow) E:\SteamLibrary\SteamApps\common\NZA\bin\NZA.exe
FirewallRules: [{FAAD4D52-B2F6-4BE6-B474-CC676790E83A}] => (Allow) E:\SteamLibrary\SteamApps\common\NZA\bin\NZA.exe
FirewallRules: [{17D75D6A-87C2-46E3-A4DE-587954E3CDC1}] => (Allow) E:\SteamLibrary\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{D3F26D99-580A-4C5C-8EBE-88FCDC864D1E}] => (Allow) E:\SteamLibrary\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [TCP Query User{F62288FA-898A-43F1-AC55-2A52383888EC}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe
FirewallRules: [UDP Query User{F8086582-E9EB-4114-B994-18209A292C48}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe
FirewallRules: [{3DE9E11F-3507-4180-A67C-A2583162383E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{4410F531-C469-4892-8F77-7FAACB89E4C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{BBEAC0F0-48E4-4253-9627-7BBD59CC299C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{8AB1A307-AAD1-4453-8EB6-C3DCCBE0B943}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{624B1A4E-EFC1-43B0-808A-1C033552F755}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\Expansion\beta\Arma2OA.exe
FirewallRules: [{F16AAC9D-846C-4F21-B521-CABB2FB8B636}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\Expansion\beta\Arma2OA.exe
FirewallRules: [TCP Query User{3931C20A-FA31-4943-A275-B2A89E429EE1}E:\steamlibrary\steamapps\common\arma 3\breakingpoint.exe] => (Allow) E:\steamlibrary\steamapps\common\arma 3\breakingpoint.exe
FirewallRules: [UDP Query User{1E4B3D07-205E-445A-B90E-DEDCEF91EAE2}E:\steamlibrary\steamapps\common\arma 3\breakingpoint.exe] => (Allow) E:\steamlibrary\steamapps\common\arma 3\breakingpoint.exe
FirewallRules: [{765F0398-005C-47F2-B70D-62F7DE2A5ABD}] => (Allow) E:\SteamLibrary\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{72D9E1FC-AE01-47E9-9D89-02D3BD030A2C}] => (Allow) E:\SteamLibrary\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{96EDBB2F-CFF3-41F2-887C-4646F373C6CC}] => (Allow) E:\SteamLibrary\SteamApps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{508EA1C3-2FCD-43A0-A0A7-2EE5C3069021}] => (Allow) E:\SteamLibrary\SteamApps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{5B2F56BE-DB47-4B8B-8760-CBBB1A54968E}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{08AC0E1F-3D50-4783-92AD-500B157A3D26}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [TCP Query User{A2D07216-09D5-4FAC-8ACC-16AF15BF1330}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{528B2906-B8C5-4E63-B96B-11C92804A80C}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{08D45945-1660-4794-B383-738F5CC2BBCF}C:\program files (x86)\pfportchecker\pfportchecker.exe] => (Allow) C:\program files (x86)\pfportchecker\pfportchecker.exe
FirewallRules: [UDP Query User{1873E8AE-F718-4C5D-89E5-A8C9ADE37AA5}C:\program files (x86)\pfportchecker\pfportchecker.exe] => (Allow) C:\program files (x86)\pfportchecker\pfportchecker.exe
FirewallRules: [{6A26EE5A-8394-4BEC-B516-F940DCC90F52}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{8CD78A6D-D8FC-4B9D-B971-0F3F8D9776E7}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{8B6C5C64-42D1-47D5-B7B2-0560BAF43A41}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{12AAB8F9-A47E-4210-B4DC-E21F59091F78}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{C6642247-3197-4C77-B479-5835E1F1FEE4}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{7720C86B-94FD-4A81-8B27-2D067C034B93}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{E2C5F88A-3E0F-4311-8E0D-19BFDAA85AB2}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{1DBF13EE-3404-40F2-9B84-E4DFDAA62523}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{BFE95083-CD26-4481-A77E-23720CC069B3}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{4A401563-20A7-477B-BC27-C3A71F50C12A}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{F10AB20C-B45F-4EEE-AAB0-F20AC1EB6517}] => (Allow) LPort=25565
FirewallRules: [{A583D44C-145A-4901-97EE-8D7C8B61F05C}] => (Allow) E:\SteamLibrary\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{F776AB1F-3D36-40A2-99D7-01689B1C68DA}] => (Allow) E:\SteamLibrary\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{465F379A-F699-4335-9226-D5BE574B2CF5}] => (Allow) G:\Steam\SteamApps\common\Rust\legacy\rust.exe
FirewallRules: [{81D32C48-1071-4D2E-9C70-FFD38A2ACE7C}] => (Allow) G:\Steam\SteamApps\common\Rust\legacy\rust.exe
FirewallRules: [{854F58F8-87F1-4EE5-ACD3-E7B25A78F049}] => (Allow) G:\Steam\SteamApps\common\Rust\experimental\Rust.exe
FirewallRules: [{529F0128-FF8C-4FA3-B329-3D9191DCA651}] => (Allow) G:\Steam\SteamApps\common\Rust\experimental\Rust.exe
FirewallRules: [{E8A92C74-3C2B-47E7-859B-0F723D4CE64F}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{64EAC77F-15B1-4D82-AD26-A1AAF4E85FA2}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [{64274327-63A0-4CFB-AE58-FAEB1208CED2}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{EAA4213B-908B-439C-973F-BFF8FC45251C}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{B582BFA6-02BC-4996-8250-2D121E719891}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Block) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [UDP Query User{34A604F5-C540-4D0A-A5E1-EB4514C7BCE4}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Block) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [{C941722E-E5CF-46DC-8D71-D46503B03B10}] => (Allow) G:\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{67313E7A-7D2C-4EB0-84BC-700D5D435E8B}] => (Allow) G:\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{C7C42599-DF8D-47AF-9E54-406538186F42}] => (Allow) G:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{94FF6182-5EDD-427C-A36C-968F59C8C27B}] => (Allow) G:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{82E54798-315C-4FB2-ADE1-B83CE044AABD}] => (Allow) G:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{A03CA4E3-448E-49DB-B8C4-4F6578B4DAA5}] => (Allow) G:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{6C3B6FBC-702D-47E6-8395-7E618F51DE20}] => (Allow) G:\Steam\SteamApps\common\Rust\experimental\Rust.exe
FirewallRules: [{7BD08635-63CB-4C7F-9FFA-CA824CD8ACDA}] => (Allow) G:\Steam\SteamApps\common\Rust\experimental\Rust.exe
FirewallRules: [{A360867C-355C-4D58-B88B-6C24BFC14812}] => (Allow) G:\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{2151CBE1-F64D-4410-8B47-6865B132DCB8}] => (Allow) G:\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{79BC0840-79E5-45B5-B3BD-7611E5B60523}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{42FB3AB1-DEAA-41DC-AEF6-BE5C86E89AF3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{0DBD04E2-5E3C-4C6E-9261-05FC105892FC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{F84AE906-CEEF-409C-90F8-A202ED818DCB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{4BBDD4F1-9726-4637-8BCD-CC26749FB214}] => (Allow) G:\Steam\steamapps\common\Battlefield 2\prbf2.exe
FirewallRules: [{87E7B053-1B49-4559-81BF-893D899F4AB8}] => (Allow) G:\Steam\steamapps\common\Battlefield 2\mods\pr\bin\PRLauncher.exe
FirewallRules: [{C98E8E0E-FD73-46FE-9B70-3E2E22DD7CFD}] => (Allow) G:\Steam\steamapps\common\Battlefield 2\mods\pr\bin\PRUpdater.exe
FirewallRules: [{8981F6FD-5C5E-4B25-958E-BF2CFEA29168}] => (Allow) G:\Steam\steamapps\common\Battlefield 2\mods\pr\bin\PRMumble\PRMumble.exe
FirewallRules: [TCP Query User{AD35E902-1080-419E-A742-F6F9E58E9A22}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{85E7D8FD-B5FF-465B-967A-306CE8DCC9FF}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{B11E963E-E271-49D7-95F8-D5F22C04781F}] => (Allow) E:\SteamLibrary\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{9561222C-41DE-4DEB-8DBD-CF48C76B4CEE}] => (Allow) E:\SteamLibrary\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{F226F778-4DC0-4CAF-AE46-05C93AE4BAC4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1DF629A0-4820-4C77-8A72-6A9EB16853DF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{424B62CE-3023-4844-90CD-05F6004D52EA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{32288AE5-9960-4BBE-A671-66E3C5F81B2A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{22789FAC-5005-4C81-8373-8C5D1B184926}] => (Allow) E:\SteamLibrary\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{6F2A580D-4EEF-4B85-A9DE-1C6C09905791}] => (Allow) E:\SteamLibrary\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{717BC5F3-4FA6-4442-B3FE-A22016408336}] => (Allow) G:\Steam\SteamApps\common\Rust\legacy\rust.exe
FirewallRules: [{0C646020-6EBF-498B-BC12-A6D81D8D6BC6}] => (Allow) G:\Steam\SteamApps\common\Rust\legacy\rust.exe
FirewallRules: [{75E04179-7F22-4D27-998A-51AFD6941F1A}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{E4629D44-9E42-49F4-B246-2CD97E4294B6}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{7B705E52-69AB-471E-91FD-D200CC0EACEE}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B9D63D9A-256A-475B-B5AD-EA7703D092FB}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{E6D470E6-472A-4CAE-9ED9-F1554985CD09}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{DD41FBAA-0CBC-4D89-ACE4-250E6932D1E9}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{387BE08F-8211-405F-91DE-6965D3433F5D}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{09EA1AE2-1FCD-4CE3-80ED-F44EEFA03802}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{2872E8DA-F149-4A88-A75B-6CDA1736ACEF}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{3F23DC5A-A753-4E9C-BC46-BA0663EB9963}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{F60104BB-C67F-4A14-8BBD-14828368E517}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{B98E9265-C498-448A-94F3-254DD0059FBA}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{55381C6D-9124-4070-8048-62690EF14130}C:\program files (x86)\a3launcher\a3launcher.exe] => (Allow) C:\program files (x86)\a3launcher\a3launcher.exe
FirewallRules: [UDP Query User{74306AE9-AD21-4B06-A9E6-531BDE4601E2}C:\program files (x86)\a3launcher\a3launcher.exe] => (Allow) C:\program files (x86)\a3launcher\a3launcher.exe
FirewallRules: [{A094F1D2-D45B-4336-906C-DB0FC5962698}] => (Allow) G:\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{03843268-61D1-4AE2-943D-EC1B44637301}] => (Allow) G:\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [TCP Query User{3D7040B1-2A2D-4D7A-9CF5-5589FE77B4D0}C:\users\mickey's\appdata\local\playwithsix\app-1.66.1166.5\play.exe] => (Allow) C:\users\mickey's\appdata\local\playwithsix\app-1.66.1166.5\play.exe
FirewallRules: [UDP Query User{FC44BA1C-8000-495E-914E-8F04B4818DAB}C:\users\mickey's\appdata\local\playwithsix\app-1.66.1166.5\play.exe] => (Allow) C:\users\mickey's\appdata\local\playwithsix\app-1.66.1166.5\play.exe
FirewallRules: [TCP Query User{271B5193-2B82-4A1E-9EAD-417EAA3C4EA9}G:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) G:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{C160009A-13F7-450C-A98D-AF40054BA8B4}G:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) G:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{5750BD67-90E2-4A5E-855C-CCDFF0FFBE51}E:\gta5.exe] => (Allow) E:\gta5.exe
FirewallRules: [UDP Query User{7FAD7B62-1A8B-4BC0-B3FE-DFD5A73E39BC}E:\gta5.exe] => (Allow) E:\gta5.exe
FirewallRules: [{543B1960-3003-4A45-8807-64298A808A29}] => (Allow) G:\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{7118A09F-C7F9-49F7-9B0F-4884A51C8CF4}] => (Allow) G:\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{E35AF8B7-FB65-452F-9008-41E920E24B4B}] => (Allow) G:\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{3E67DB22-2405-4A7F-8290-6FB36BA3E29D}] => (Allow) G:\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{015435B0-C81C-47E4-A158-AE48DEBEAE34}C:\users\mickey's\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\mickey's\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{B5B7D1B7-A89B-4A59-9F62-97B6EE7DB9E5}C:\users\mickey's\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\mickey's\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{7ECBC869-7BC5-4DB3-826F-3A8058A659AB}] => (Allow) G:\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{7D5C1E21-404D-4133-8FCB-75D31FBE38CB}] => (Allow) G:\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{E8F07D27-CFCE-4E06-9C5A-4FA42AD91834}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A3E01D39-0CA4-402C-9492-ADA92DE0AE4A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{59369058-C236-491B-BBAA-26783932F825}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DDDAD1FD-3057-46C1-B4F2-71EACA94D4CA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7D8F4887-269C-40F3-8A97-6CE66932C3F9}] => (Allow) G:\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{81A315B6-3A44-4F5F-9317-E8678BBAF560}] => (Allow) G:\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{3572194B-8EAE-4CA3-8769-BDFF2D6B6292}] => (Allow) G:\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{D32A526F-0954-49FB-8B1D-15DC8D61A665}] => (Allow) G:\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{785FC34D-BE03-4BE3-8355-205DF4E72C3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CEA166C0-A505-40FE-8A4C-41B0DA7C42BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D77ABF3C-0970-4A5D-9935-A7ECB98E9498}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{70B042C5-6B36-4059-B910-F94018AC161C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2BCA368F-7201-413B-BA2A-1CF1985E2198}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C3E3EAD8-D4DF-4483-80F2-455D24B9523C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{226B6084-7052-4066-8BC0-88A8C6FC51B5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{F0D67C78-735B-4907-8F87-A020D293ECE8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{2D3318E9-2BDA-4912-916D-738141361F75}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{48BE801D-187B-4E53-A740-C2A9E5A3129E}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{8AF6F4D8-A879-4E55-B3F2-91526948BC12}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{307578A1-424B-4FFC-BA6A-3A6657301F51}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [TCP Query User{C0795940-F9D6-496F-A506-6085860C0415}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{E959F464-E6F1-4CFA-8235-11B3CD66654E}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [TCP Query User{BAE544E8-CEC2-4EE6-B9D2-D9DC8C5DB076}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{A01B657C-C235-498F-AF98-966023F8884C}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{C61B9DBE-2789-4A54-ADB1-16DE9F5A5CEB}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{B2922266-AD7A-4C2A-B9AE-96033EBFCAC5}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{4079328E-2884-43F5-8C82-AE6CAC5AE304}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{13CF9708-3C2B-4768-9198-5CEA220DAE0B}] => (Allow) E:\SteamLibrary\SteamApps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [TCP Query User{FE7B5ABB-59F3-47D0-A3BD-380B52587157}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{487496F1-330D-4C75-9FFA-5B428E36BBC5}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [TCP Query User{DC2A4682-D0BC-4CD3-9817-ADF3343F37A5}C:\users\mickey's\appdata\local\temp\rar$exa0.428\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) C:\users\mickey's\appdata\local\temp\rar$exa0.428\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [UDP Query User{19BD6817-EE67-4851-B164-9AF35BCB6187}C:\users\mickey's\appdata\local\temp\rar$exa0.428\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) C:\users\mickey's\appdata\local\temp\rar$exa0.428\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [TCP Query User{A62CAA13-B507-4284-BF85-41D42B03B8FB}C:\users\mickey's\desktop\ts server\ts3server_win64.exe] => (Allow) C:\users\mickey's\desktop\ts server\ts3server_win64.exe
FirewallRules: [UDP Query User{8474E6EF-6DEA-4E79-9987-A1C5FE9A72CB}C:\users\mickey's\desktop\ts server\ts3server_win64.exe] => (Allow) C:\users\mickey's\desktop\ts server\ts3server_win64.exe
FirewallRules: [TCP Query User{54073EDF-ABE1-4BBA-B120-B57A0884B0CF}C:\users\mickey's\desktop\teamspeak\ts3server_win64.exe] => (Allow) C:\users\mickey's\desktop\teamspeak\ts3server_win64.exe
FirewallRules: [UDP Query User{C8FA0632-41ED-4CCD-8EA1-243A8A93A04F}C:\users\mickey's\desktop\teamspeak\ts3server_win64.exe] => (Allow) C:\users\mickey's\desktop\teamspeak\ts3server_win64.exe
FirewallRules: [{1C123DF0-4929-4F89-8A6E-DC9E4580C108}] => (Allow) G:\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{3F277DE7-0ACE-49B7-A1F8-3C539320FA3D}] => (Allow) G:\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{308243B3-2060-4F93-B8BD-D893BD4CD4E6}] => (Allow) G:\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{8F347A17-F46B-4748-B901-744BF30F2392}] => (Allow) G:\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{206D884D-5F99-45AB-84EC-E442DFBD2ECF}] => (Allow) G:\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{11FE57DA-EF69-4D47-A669-0A2D87C0EEF4}] => (Allow) G:\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{0D1EB2B2-951B-412B-9BBF-7B3F81C8B5CF}C:\program files\java\jre1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\java.exe
FirewallRules: [UDP Query User{7C0FF78D-DA95-4C1D-A18A-3E175824A354}C:\program files\java\jre1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\java.exe
FirewallRules: [TCP Query User{A48C2A75-7984-494A-B6D5-A56A863B2497}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [UDP Query User{627FDFC5-B4C4-41DB-BCFD-CE17360D1F57}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [{E0B21540-C1DB-44F4-9D82-27B6E4CC5D5A}] => (Allow) E:\SteamLibrary\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{04392BB3-14AA-4383-A280-457E84D4D94F}] => (Allow) E:\SteamLibrary\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{34C232B9-34A1-4116-9E53-9D14EE45F628}C:\program files\java\jre1.8.0_73\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_73\bin\java.exe
FirewallRules: [UDP Query User{692D5399-BC53-459B-9021-22B95FA36D24}C:\program files\java\jre1.8.0_73\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_73\bin\java.exe
FirewallRules: [{968ECDED-7806-42BB-9B6F-79E57870D83A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{C58BDE83-85E0-4AD6-8244-26157C318062}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{525764FB-F02C-4285-8781-53F5CFABF0C0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{2A3AFF3B-FB03-45E4-89EA-DC41BC324144}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{3BCD1B87-BE5B-4A28-9C5C-50539D961001}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{87DF8710-F422-48F4-AEFF-A9FC0595FD1F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [TCP Query User{42FC8F1A-6177-4D8B-8474-B32EA845920D}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{34C40F76-C6DE-4FF1-8777-080B7A45998E}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{BCA70B40-9FE5-455D-8EAC-68303DC5D244}] => (Allow) E:\SteamLibrary\SteamApps\common\Drift Streets Japan Windows\Drift Streets Japan.exe
FirewallRules: [{6552FBD4-DF4F-4697-BEDA-1F17CE2B6DF8}] => (Allow) E:\SteamLibrary\SteamApps\common\Drift Streets Japan Windows\Drift Streets Japan.exe
FirewallRules: [{434F143E-7AE2-4044-ACAB-571085841301}] => (Allow) G:\Tom Clancy's The Division\TheDivision.exe
FirewallRules: [{8F0655A9-EB59-4688-8EDC-1A8078F39C2C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C18F1899-8CD2-4E1A-90AF-2E0F90C754E7}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{DB65C02D-FF36-4F7D-B8B2-2215E08D1DD6}C:\users\mickey's\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\mickey's\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{1A80874D-4543-4CF5-BA11-2DD2F8FE6255}C:\users\mickey's\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\mickey's\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{1DFB6DF6-DB7F-446A-BA26-637329BD31F9}] => (Allow) C:\Users\Mickey's\AppData\Roaming\lappclimtfldr\mcrtvclient.exe
FirewallRules: [{07AD26F7-0F4E-4A39-A384-7638ADB6B629}] => (Allow) C:\Users\Mickey's\AppData\Roaming\lappclimtfldr\mcrtvclient.exe
FirewallRules: [{AAFCD13A-C8FA-4D5E-97C4-07805D773CB0}] => (Allow) C:\Users\Mickey's\AppData\Roaming\ethpackrs\str.exe
FirewallRules: [{6EB81F9E-2671-4805-B526-817A815145D0}] => (Allow) C:\Users\Mickey's\AppData\Roaming\ethpackrs\str.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: N600 Wireless Dual Band PCI Express Adapter
Description: N600 Wireless Dual Band PCI Express Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TP-LINK
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/26/2016 10:59:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2016 03:17:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2016 07:32:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2016 01:57:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2016 11:39:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2016 06:43:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2016 10:25:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/20/2016 02:29:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/20/2016 09:51:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2016 12:00:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/26/2016 07:05:48 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (07/26/2016 03:15:35 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (07/24/2016 03:45:38 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (07/22/2016 04:48:50 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (07/21/2016 02:50:38 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (07/20/2016 11:40:06 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (07/20/2016 02:47:16 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (07/17/2016 07:19:27 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (07/16/2016 06:20:37 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (07/16/2016 03:14:02 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 19%
Total physical RAM: 16314.69 MB
Available physical RAM: 13054.45 MB
Total Virtual: 16508.16 MB
Available Virtual: 13057.37 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:6.23 GB) NTFS
Drive e: (Storage) (Fixed) (Total:1863.01 GB) (Free:1364.06 GB) NTFS
Drive g: (Games) (Fixed) (Total:232.88 GB) (Free:66.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: EA7F85AB)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: B0DAA8A6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E0715B8B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Sorry for delay.

adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Cleaning.
  • Your PC should reboot now.
  • After reboot, logfile will be opened. Copy its content into your next reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

Link to post
Share on other sites

# AdwCleaner v5.201 - Logfile created 10/08/2016 at 17:06:47
# Updated 30/06/2016 by ToolsLib
# Database : 2016-08-09.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Mickey's - MICKEY
# Running from : C:\Users\Mickey's\Desktop\AdwCleaner.exe
# Option : Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_australia.trovit.com_0.localstorage
[-] File Deleted : C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_australia.trovit.com_0.localstorage-journal
[-] File Deleted : C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] File Deleted : C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_translator.babylon.com_0.localstorage
[-] File Deleted : C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_translator.babylon.com_0.localstorage-journal
[-] File Deleted : C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
[-] File Deleted : C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Key Deleted : HKCU\Software\AVG Nation toolbar
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKLM\SOFTWARE\AVG Nation toolbar
[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.sidecubes.com

***** [ Web browsers ] *****

[-] [C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : amfclgbdpgndipgoegfpkkgobahigbcl
[-] [C:\Users\Mickey's\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : flpcjncodpafbgdpnkljologafpionhb

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3859 bytes] - [10/08/2016 17:06:47]
C:\AdwCleaner\AdwCleaner[S1].txt - [4059 bytes] - [10/08/2016 17:05:39]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4005 bytes] ##########
 

Link to post
Share on other sites

Okay, this will remove remaining malware.

 

FRST.gif Fix with Farbar Recovery Scan Tool

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif


icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finishes FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

fixlist.txt

Link to post
Share on other sites

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-08-2016 01
Ran by Mickey's (2016-08-12 15:57:47) Run:1
Running from C:\Users\Mickey's\Desktop
Loaded Profiles: Mickey's (Available Profiles: Mickey's)
Boot Mode: Normal
==============================================

fixlist content:
*****************
emptytemp:
Reboot:
HKU\S-1-5-21-747868735-2588589844-2642923601-1000\...\Run: [AppleWebKit] => C:\Users\Mickey's\AppData\Roaming\lappclimtfldr\mcrtvclient.exe [34808 2011-10-07] (NetSupport Ltd)
C:\Users\Mickey's\AppData\Roaming\lappclimtfldr
FirewallRules: [{1DFB6DF6-DB7F-446A-BA26-637329BD31F9}] => (Allow) C:\Users\Mickey's\AppData\Roaming\lappclimtfldr\mcrtvclient.exe
FirewallRules: [{07AD26F7-0F4E-4A39-A384-7638ADB6B629}] => (Allow) C:\Users\Mickey's\AppData\Roaming\lappclimtfldr\mcrtvclient.exe
FirewallRules: [{AAFCD13A-C8FA-4D5E-97C4-07805D773CB0}] => (Allow) C:\Users\Mickey's\AppData\Roaming\ethpackrs\str.exe
FirewallRules: [{6EB81F9E-2671-4805-B526-817A815145D0}] => (Allow) C:\Users\Mickey's\AppData\Roaming\ethpackrs\str.exe
C:\Users\Mickey's\AppData\Roaming\ethpackrs
2016-07-22 19:16 - 2016-07-22 19:16 - 00587776 _____ (Igor Pavlov) C:\Users\Mickey's\AppData\Roaming\77kjf.exe
2016-07-22 19:16 - 2016-07-22 19:16 - 00587776 _____ (Igor Pavlov) C:\Users\Mickey's\AppData\Roaming\66z.exe
2016-07-22 19:16 - 2016-07-22 19:16 - 00000008 _____ C:\Users\Mickey's\AppData\Roaming\mxw.bin
2016-07-20 10:38 - 2016-07-20 10:38 - 00000000 ____D C:\Users\Mickey's\AppData\Roaming\HMYGSetting

*****************

HKU\S-1-5-21-747868735-2588589844-2642923601-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AppleWebKit => value removed successfully
C:\Users\Mickey's\AppData\Roaming\lappclimtfldr => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1DFB6DF6-DB7F-446A-BA26-637329BD31F9} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{07AD26F7-0F4E-4A39-A384-7638ADB6B629} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AAFCD13A-C8FA-4D5E-97C4-07805D773CB0} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6EB81F9E-2671-4805-B526-817A815145D0} => value removed successfully
C:\Users\Mickey's\AppData\Roaming\ethpackrs => moved successfully
C:\Users\Mickey's\AppData\Roaming\77kjf.exe => moved successfully
C:\Users\Mickey's\AppData\Roaming\66z.exe => moved successfully
C:\Users\Mickey's\AppData\Roaming\mxw.bin => moved successfully
C:\Users\Mickey's\AppData\Roaming\HMYGSetting => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18104012 B
Java, Flash, Steam htmlcache => 284821873 B
Windows/system/drivers => 585612044 B
Edge => 0 B
Chrome => 455598684 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42321889 B
systemprofile32 => 78022 B
LocalService => 66228 B
NetworkService => 86532 B
Mickey's => 423042566 B
UpdatusUser => 0 B

RecycleBin => 0 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:57:56 ====

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.