Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows is unable to boot


  • This topic is locked This topic is locked
23 replies to this topic

#1 prescott1

prescott1

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 14 November 2015 - 06:40 AM

I recently scanned PC with hitmam pro and it deleted two .exe files, xNtKrnl.exe and xOsLoad.exe. After this I restarted windows but it was not able to boot anymore. There is loading screen says loading files then startup repair but when it restarts same thing goes. I tried restore option but it doesn't work. How to reinstall or restore removed files? Also can't go in safe mode.

Specs: Intel i7 4790k
16gb Ram
240 GB ssd Win
Win 7 64 Bit 

Thanks



BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:29 AM

Posted 14 November 2015 - 06:48 AM

Hello and welcome to the Malware Removal Logs area :)

My name is Alexstrasza and I will assist you with your problem. You can call me Alex :)

Before we begin, there are a few things I want to make sure you know:
  • I am currently in training, so my responses might be delayed. I will generally reply within 48 hours - if this is not possible, I will let you know.
  • Please do not run any tools without being instructed to, as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the Follow this topic button, and make sure a tick is in the receive notifications and is set to Instantly. Any replies should be made in this topic by clicking the Reply to this topic button.
  • Important information in my posts will often be in bold, make sure to take note of these.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. Please inform me if you need more time.
  • Please stay with me until I have confirmed that you are clean. Absence of symptoms does not mean that the computer is clean.
Shall we begin then?

===

Is your Windows installation legit?

Since you cannot boot into Windows, please do this to gather some information about your computer.

On a clean machine, please download Farbar Recovery Scan Tool and save it to a flash drive.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html




To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
==========

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt


Select Command Prompt

==========


Once in the Command Prompt:
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Place a checkmark in List BCD.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
Regards,
Alex

#3 prescott1

prescott1
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 14 November 2015 - 07:26 AM

Hi alex
I am glad you can help me
I am here and reply in a few minutes after your reply.
Friend gave me this windows installation DVD, I think it is not legit copy.

Here is log text

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by SYSTEM on MININT-D19JL1O (14-11-2015 16:08:56)
Running from g:\
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [VMSnap3] => C:\Windows\VMSnap3.exe [49152 2006-07-18] (Vimicro)
HKLM\...\Run: [Domino] => C:\Windows\Domino.exe [49152 2006-07-04] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7640944 2014-12-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-12-01] (Intel Corporation)
HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [296960 2010-11-20] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\Gio\...\Run: [AdobeBridge] => [X]
HKU\Gio\...\Policies\Explorer: [] 
HKU\Gio\...\Policies\Explorer: [NofolderOptions] 0
HKU\Gio\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\Gio\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
Lsa: [Notification Packages] scecli ScSecAuth
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-03] (Autodesk Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-14] (Adobe Systems Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-27] ()
S2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-01-27] (ASUSTeK Computer Inc.)
S2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe [389944 2014-05-08] (ASUSTeK Computer Inc.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-06] (Autodesk, Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-06-03] (Futuremark)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-03-10] (Intel Corporation)
S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [154856 2015-09-28] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-14] ()
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
S2 NSBU; C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\NSBU.exe [282016 2015-09-23] (Symantec Corporation)
S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-12-03] ()
S2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-04-01] (CyberLink)
S2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [328992 2008-07-10] (SafeNet, Inc.)
S2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [226592 2008-07-10] (SafeNet, Inc)
S3 SumRandoVPNService; C:\Program Files (x86)\SumRando\SumRando\misc\vpnmanagesvc.exe [108144 2015-03-12] (SumRando)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 ScProxySrv; "C:\Program Files\Quick Heal\Quick Heal AntiVirus Pro\ScProxySrv.exe" [X]
S2 ScSecSvc; "C:\Program Files\Quick Heal\Quick Heal AntiVirus Pro\ScSecSvc.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-12-01] ()
S1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-19] (MCCI Corporation)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-02-15] ()
S1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\BASHDefs\20151102.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
S1 ccSet_NSBU; C:\Windows\system32\drivers\NSBUx64\1605040.018\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
S1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-10-17] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-10-17] (Symantec Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-11-13] ()
S1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\IPSDefs\20151112.001\IDSvia64.sys [767224 2015-10-20] (Symantec Corporation)
S4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-05-02] (ASUSTeK Computer Inc.)
S1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-02-15] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-11-13] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 MbswMailbox; C:\Program Files (x86)\ASUS\AI Suite III\690b33e1-0462-4e84-9bea-c7552b45432a.sys [17208 2015-04-17] ()
S3 NAVENG; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\VirusDefs\20151112.032\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\VirusDefs\20151112.032\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0032.sys [28768 2015-04-08] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 NPF; C:\Windows\SysWOW64\drivers\npf.sys [42512 2015-01-16] (CACE Technologies)
S0 oem-drv64; C:\Windows\System32\DRIVERS\oem-drv64.sys [42496 2015-11-13] (secr9tos)
S3 PPJoyBus; C:\Windows\System32\DRIVERS\PPJoyBus64.sys [20032 2009-11-03] (Deon van der Westhuysen)
S3 PPortJoystick; C:\Windows\System32\DRIVERS\PPortJoy64.sys [39488 2009-11-03] (Deon van der Westhuysen)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-10] (SafeNet, Inc.)
S1 SRTSP; C:\Windows\System32\Drivers\NSBUx64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NSBUx64\1605040.018\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
S0 SymEFASI; C:\Windows\System32\drivers\NSBUx64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-10-18] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NSBUx64\1605040.018\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NSBUx64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-01-23] (Spotflux, Inc.)
S3 tun3326; C:\Windows\System32\DRIVERS\tun3326.sys [32368 2013-03-22] (The OpenVPN Project)
S3 vvftav303; C:\Windows\System32\drivers\vvftav303.sys [308096 2007-06-23] (Vimicro Corporation)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2011-06-22] (Windows ® Win 7 DDK provider)
S3 ZSMC0303; C:\Windows\System32\Drivers\usbVM303.sys [1494656 2007-03-25] (Vimicro Corporation)
S1 bsfs; system32\DRIVERS\bsfs.sys [X]
S3 cpuz137; \??\C:\Users\Gio\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 ggc; system32\DRIVERS\ggc.sys [X]
S1 nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WolfVision Video Capture II; system32\DRIVERS\WolfVZCamera2.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-14 16:08 - 2015-11-14 16:08 - 00000000 ____D C:\FRST
2015-11-13 08:50 - 2015-11-13 08:51 - 00043664 _____ C:\Windows\System32\Drivers\hitmanpro37.sys
2015-11-13 07:56 - 2015-11-13 07:56 - 11324802 _____ C:\Users\Gio\Downloads\Popcorn_Lobby.zip
2015-11-13 06:24 - 2015-11-13 06:25 - 53433992 _____ C:\Users\Gio\Downloads\Thinkbox_KrakatoaMX_2.4.1_x64.rar
2015-11-13 06:19 - 2015-11-13 06:19 - 00000000 ____H C:\ProgramData\cm-lock
2015-11-12 10:24 - 2015-11-12 10:24 - 00000000 ____D C:\Users\Gio\AppData\LocalLow\uTorrent
2015-11-12 09:14 - 2015-11-12 09:14 - 01517205 _____ C:\Users\Gio\Downloads\BerconMaps_3_04.zip
2015-11-12 01:32 - 2015-11-13 08:45 - 00000550 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000.job
2015-11-12 01:32 - 2015-11-13 07:11 - 00000646 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000.job
2015-11-12 01:32 - 2015-11-12 01:32 - 00003664 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000
2015-11-12 01:32 - 2015-11-12 01:32 - 00003568 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000
2015-11-12 01:32 - 2015-11-12 01:32 - 00000000 ____D C:\Users\Gio\AppData\Local\Citrix
2015-11-10 12:40 - 2015-11-10 12:40 - 00042962 _____ C:\Users\Gio\Downloads\Calculus I  with Professor Richard Delaware Online Course Video Lectures_1288506171.zip
2015-11-09 10:57 - 2015-11-09 10:57 - 00033185 _____ C:\Users\Gio\Downloads\Modelling the Audi R8.zip
2015-11-09 10:55 - 2015-11-09 10:55 - 00030879 _____ C:\Users\Gio\Downloads\Creating V-Ray Materials_Vol1.zip
2015-11-09 10:04 - 2015-11-09 10:04 - 00055348 _____ C:\Users\Gio\Downloads\[rutracker.org].t4608494.zip
2015-11-08 13:47 - 2015-11-08 13:57 - 867026989 _____ C:\Users\Gio\Downloads\HDRI-sun-clouds.rar
2015-11-08 13:44 - 2015-11-08 13:44 - 17433785 _____ C:\Users\Gio\Downloads\HDR_029_Sky_Cloudy_Free.zip
2015-11-08 12:56 - 2015-11-08 12:56 - 05261111 _____ C:\Users\Gio\Downloads\Kamen.zip
2015-11-08 12:01 - 2015-11-08 12:01 - 509023497 _____ C:\Users\Gio\Downloads\3ds.zip
2015-11-07 11:26 - 2015-11-07 11:26 - 00766693 _____ C:\Users\Gio\Downloads\Genetica Texture Pack 4 - Planet & Terrain.zip
2015-11-07 11:26 - 2015-11-07 11:26 - 00030148 _____ C:\Users\Gio\Downloads\Texture Pack 001 - JPEG.torrent
2015-11-07 10:06 - 2015-11-07 10:06 - 00064347 _____ C:\Users\Gio\Downloads\[rutracker.org]tutor.zip
2015-11-07 10:06 - 2015-11-07 10:06 - 00031094 _____ C:\Users\Gio\Downloads\[rutracker.org]tutor1.zip
2015-11-07 09:54 - 2015-11-07 09:54 - 00094168 _____ C:\Users\Gio\Downloads\[rutracker.org]tutor2.zip
2015-11-07 09:54 - 2015-11-07 09:54 - 00045879 _____ C:\Users\Gio\Downloads\[rutracker.org]tutor3.zip
2015-11-07 09:54 - 2015-11-07 09:54 - 00012784 _____ C:\Users\Gio\Downloads\[rutracker.org]tutor5.zip
2015-11-07 09:52 - 2015-11-07 09:52 - 00073409 _____ C:\Users\Gio\Downloads\[rutracker.org]tutor6.zip
2015-11-07 09:36 - 2015-11-07 09:36 - 00109127 _____ C:\Users\Gio\Downloads\[rutracker.org]tutor7.zip
2015-11-07 09:35 - 2015-11-07 09:35 - 00012944 _____ C:\Users\Gio\Downloads\[rutracker.org]tutor8.zip
2015-11-07 09:32 - 2015-11-07 09:32 - 00016374 _____ C:\Users\Gio\Downloads\[rutracker.org]lectur1.rar
2015-11-07 09:30 - 2015-11-07 09:30 - 00020529 _____ C:\Users\Gio\Downloads\[rutracker.org]lectur2.rar
2015-11-07 09:27 - 2015-11-07 09:27 - 00017070 _____ C:\Users\Gio\Downloads\[rutracker.org]lectur3.rar
2015-11-07 09:27 - 2015-11-07 09:27 - 00016190 _____ C:\Users\Gio\Downloads\[rutracker.org]lectur4.rar
2015-11-07 09:26 - 2015-11-07 09:26 - 00175012 _____ C:\Users\Gio\Downloads\[rutracker.org]lectur5.rar
2015-11-07 09:26 - 2015-11-07 09:26 - 00050862 _____ C:\Users\Gio\Downloads\[rutracker.org]lectur6.rar
2015-11-07 09:26 - 2015-11-07 09:26 - 00013455 _____ C:\Users\Gio\Downloads\[rutracker.org]lectur7.rar
2015-11-07 07:36 - 2015-11-07 07:36 - 02471028 _____ C:\Users\Gio\Downloads\final-scene.zip
2015-11-07 07:36 - 2015-11-07 07:36 - 01854694 _____ C:\Users\Gio\Downloads\glass-liquid-final-vray3.zip
2015-11-07 03:29 - 2015-11-07 03:29 - 00029613 _____ C:\Users\Gio\Downloads\vray.interior.lighting.rar
2015-11-04 14:37 - 2015-11-04 15:23 - 04047696 _____ C:\Users\Gio\Documents\Proeqt1.pln
2015-11-04 14:37 - 2015-11-04 15:21 - 04055184 _____ C:\Users\Gio\Documents\Proeqt1.bpn
2015-11-04 05:15 - 2015-11-05 09:37 - 00000000 ____D C:\Users\Gio\AppData\Local\VirtualStore
2015-11-04 05:15 - 2015-11-04 05:15 - 00000118 _____ C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-04 04:16 - 2015-11-04 04:16 - 03700400 _____ C:\Users\Gio\Documents\Proeqt.pln
2015-11-04 02:27 - 2015-11-12 02:47 - 00000000 ____D C:\Users\Gio\Graphisoft
2015-11-04 02:27 - 2015-11-12 00:58 - 00000000 ____D C:\Users\Gio\Documents\BIMx
2015-11-04 02:27 - 2015-11-04 02:27 - 00000000 ____D C:\Users\Gio\AppData\Roaming\Graphisoft
2015-11-04 02:27 - 2015-11-04 02:27 - 00000000 ____D C:\Users\Gio\AppData\Local\Graphisoft
2015-11-04 02:26 - 2015-11-04 02:26 - 00001191 _____ C:\Users\Public\Desktop\BIMx for ArchiCAD 18.lnk
2015-11-04 02:26 - 2015-11-04 02:26 - 00001016 _____ C:\Users\Public\Desktop\ArchiCAD 18.lnk
2015-11-04 02:26 - 2015-11-04 02:26 - 00000000 ____D C:\ProgramData\CodeMeter
2015-11-04 02:26 - 2015-11-04 02:26 - 00000000 ____D C:\Program Files\CodeMeter
2015-11-04 02:26 - 2015-11-04 02:26 - 00000000 ____D C:\Program Files (x86)\CodeMeter
2015-11-04 02:25 - 2015-11-04 02:25 - 00008108 _____ C:\Windows\vpd.properties
2015-11-04 02:25 - 2015-11-04 02:25 - 00000000 ____D C:\Program Files\GRAPHISOFT
2015-11-04 02:18 - 2015-11-04 02:26 - 00000000 ____D C:\Users\Gio\AppData\Roaming\Install.GS
2015-11-04 02:18 - 2013-08-06 16:19 - 00595618 _____ C:\Users\Gio\AppData\Local\libcurl-4.dll
2015-11-04 02:18 - 2010-06-05 09:00 - 00042496 _____ (Open Source Software community project) C:\Users\Gio\AppData\Local\pthreadGC2-w64.dll
2015-11-04 02:05 - 2015-11-04 02:05 - 00012742 _____ C:\Users\Gio\Downloads\Graphisoft-ArchiCAD-18
2015-11-02 10:49 - 2015-11-02 10:49 - 00020578 _____ C:\Users\Gio\Downloads\Software
2015-10-31 15:09 - 2015-10-31 15:10 - 40442559 _____ C:\Users\Gio\Downloads\D8_FumeFX_Looper.rar
2015-10-31 14:27 - 2015-10-31 14:27 - 12260023 _____ C:\Users\Gio\Downloads\YUDO.TV_C4D_PROJECTS.rar
2015-10-31 08:33 - 2015-10-31 08:33 - 15085792 _____ C:\Users\Gio\Downloads\Tiner_Shaders.rar
2015-10-30 13:44 - 2015-10-30 13:44 - 00002720 _____ C:\Users\Gio\Downloads\3D Artist - Issue 83 2015
2015-10-29 09:50 - 2015-10-29 09:50 - 02349405 _____ C:\Users\Gio\Downloads\Polymodeling_chapter5_files.zip
2015-10-27 08:33 - 2015-10-27 08:33 - 00055945 _____ C:\Users\Gio\Downloads\[rutracker.org]3d_artist15.zip
2015-10-27 08:33 - 2015-10-27 08:33 - 00013833 _____ C:\Users\Gio\Downloads\[rutracker.org]3d_artist16.zip
2015-10-27 08:29 - 2015-10-27 08:29 - 00171841 _____ C:\Users\Gio\Downloads\[rutracker.org]3d_artist17.zip
2015-10-27 08:17 - 2015-10-27 08:17 - 00024962 _____ C:\Users\Gio\Downloads\[kat.cr]digital3d_artist18.zip
2015-10-27 08:04 - 2015-10-27 08:04 - 00018013 _____ C:\Users\Gio\Downloads\[rutracker.org]modeling.zip
2015-10-27 08:04 - 2015-10-27 08:04 - 00016005 _____ C:\Users\Gio\Downloads\[rutracker.org]modeling1.zip
2015-10-27 08:02 - 2015-10-27 08:02 - 00013572 _____ C:\Users\Gio\Downloads\grant-warwick-mastering-vray-lessons-10.torrent
2015-10-27 07:59 - 2015-10-27 07:59 - 00155805 _____ C:\Users\Gio\Downloads\3dmotive-organic-polypainting-in-zbrush-vol-1
2015-10-27 07:59 - 2015-10-27 07:59 - 00093650 _____ C:\Users\Gio\Downloads\zbrushworkshops-female-face-sculpting-with-steve-lord
2015-10-27 07:59 - 2015-10-27 07:59 - 00036241 _____ C:\Users\Gio\Downloads\methods-for-creating-a-low-poly-portrait-in-illustrator
2015-10-27 07:57 - 2015-10-27 07:57 - 00119216 _____ C:\Users\Gio\Downloads\cubebrush-high-poly-character-design
2015-10-27 07:57 - 2015-10-27 07:57 - 00020463 _____ C:\Users\Gio\Downloads\hazardousarts-sculpting.torrent
2015-10-27 07:56 - 2015-10-27 07:56 - 00038934 _____ C:\Users\Gio\Downloads\trey-ratcliffs-complete-hdr-tutorial
2015-10-27 07:55 - 2015-10-27 07:55 - 00699278 _____ C:\Users\Gio\Downloads\gumroad-likeness-sculpting-by-frank-tzeng
2015-10-27 07:55 - 2015-10-27 07:55 - 00021482 _____ C:\Users\Gio\Downloads\gumroad-josh-p.-crockett-introduction-to-creature-sculpting-grey-alien
2015-10-27 07:45 - 2015-10-27 07:45 - 00706133 _____ C:\Users\Gio\Downloads\uartsy-character-pipeline-for-games
2015-10-27 07:44 - 2015-10-27 07:44 - 00062155 _____ C:\Users\Gio\Downloads\uroki_3d_modelirovaniya_ot_killerivanov
2015-10-27 07:44 - 2015-10-27 07:44 - 00048182 _____ C:\Users\Gio\Downloads\the-gnomon-workshop-efficient-cinematic-lighting-2
2015-10-27 07:43 - 2015-10-27 07:43 - 00021563 _____ C:\Users\Gio\Downloads\[rutracker.org].t4999313.torrent
2015-10-27 07:43 - 2015-10-27 07:43 - 00017479 _____ C:\Users\Gio\Downloads\[rutracker.org].t4928485.torrent
2015-10-27 07:42 - 2015-10-27 07:42 - 00020573 _____ C:\Users\Gio\Downloads\[rutracker.org].t5076014.torrent
2015-10-27 07:40 - 2015-10-27 07:40 - 00021491 _____ C:\Users\Gio\Downloads\[rutracker.org].t5047143.torrent
2015-10-27 07:39 - 2015-10-27 07:39 - 00071998 _____ C:\Users\Gio\Downloads\[rutracker.org].t1122621.torrent
2015-10-27 07:38 - 2015-10-27 07:38 - 00022277 _____ C:\Users\Gio\Downloads\[rutracker.org].t5041889.torrent
2015-10-27 07:31 - 2015-10-27 07:31 - 00022106 _____ C:\Users\Gio\Downloads\[rutracker.org].t4560852.torrent
2015-10-27 07:31 - 2015-10-27 07:31 - 00020921 _____ C:\Users\Gio\Downloads\[rutracker.org].t4560949.torrent
2015-10-27 07:31 - 2015-10-27 07:31 - 00017320 _____ C:\Users\Gio\Downloads\[rutracker.org].t4561531.torrent
2015-10-27 07:31 - 2015-10-27 07:31 - 00017077 _____ C:\Users\Gio\Downloads\[rutracker.org].t4560878.torrent
2015-10-27 07:31 - 2015-10-27 07:31 - 00016590 _____ C:\Users\Gio\Downloads\[rutracker.org].t4561559.torrent
2015-10-23 08:39 - 2015-10-23 08:39 - 00014772 _____ C:\Users\Gio\Downloads\45B4DF5ADC488ECB3B1E7AE033C5670BCA6CD67B.torrent
2015-10-23 02:21 - 2015-10-23 02:21 - 04507385 _____ C:\Users\Gio\Downloads\WinRAR 5.21 + Patch 5.x.x.32-64bit.MrSzzS 2015!!.zip
2015-10-23 02:06 - 2015-10-23 05:48 - 00000000 ____D C:\Program Files\Marvelous Designer 5 Personal
2015-10-23 02:06 - 2015-10-23 02:06 - 00000959 _____ C:\Users\Public\Desktop\Marvelous Designer 5 Personal.lnk
2015-10-23 02:06 - 2015-10-23 02:06 - 00000000 ____D C:\Users\Public\Documents\MD5
2015-10-21 13:15 - 2015-10-21 13:15 - 00023202 _____ C:\Users\Gio\Downloads\[videotuts.ru]_Digital-Tutors  Creative Development Mixed Modeling Techniques in 3ds Max 2012
2015-10-21 12:10 - 2015-10-21 12:10 - 04274261 _____ C:\Users\Gio\Downloads\5SRW-Program-Brochure (1).zip
2015-10-20 05:44 - 2015-10-20 05:44 - 00026261 _____ C:\Users\Gio\Downloads\elephorm-3-d-studio-max-vol-3-eclairage-materiaux-et-rendu
2015-10-20 05:43 - 2015-10-20 05:43 - 00015448 _____ C:\Users\Gio\Downloads\viscorbel-creating-v-ray-materials-vol3.torrent
2015-10-20 05:39 - 2015-10-20 05:39 - 00059078 _____ C:\Users\Gio\Downloads\v-ray-art-v-ray-interior-training-by-stanislav-orekhov.torrent
2015-10-20 05:24 - 2015-10-20 05:24 - 00033198 _____ C:\Users\Gio\Downloads\[rutracker.org].t3999589.torrent
2015-10-20 05:24 - 2015-10-20 05:24 - 00027241 _____ C:\Users\Gio\Downloads\[rutracker.org].t4073144.torrent
2015-10-20 05:24 - 2015-10-20 05:24 - 00020342 _____ C:\Users\Gio\Downloads\[rutracker.org].t3938438.torrent
2015-10-20 05:24 - 2015-10-20 05:24 - 00016973 _____ C:\Users\Gio\Downloads\[rutracker.org].t3986380.torrent
2015-10-20 05:24 - 2015-10-20 05:24 - 00014965 _____ C:\Users\Gio\Downloads\[rutracker.org].t3815552.torrent
2015-10-20 05:23 - 2015-10-20 05:23 - 00030944 _____ C:\Users\Gio\Downloads\[rutracker.org].t4058431.torrent
2015-10-20 05:23 - 2015-10-20 05:23 - 00022806 _____ C:\Users\Gio\Downloads\[rutracker.org].t4147448.torrent
2015-10-20 05:23 - 2015-10-20 05:23 - 00022690 _____ C:\Users\Gio\Downloads\[rutracker.org].t4121743.torrent
2015-10-20 05:23 - 2015-10-20 05:23 - 00015320 _____ C:\Users\Gio\Downloads\[rutracker.org].t4177951.torrent
2015-10-20 05:22 - 2015-10-20 05:22 - 00017408 _____ C:\Users\Gio\Downloads\[rutracker.org].t4220929.torrent
2015-10-20 05:22 - 2015-10-20 05:22 - 00015323 _____ C:\Users\Gio\Downloads\[rutracker.org].t4277151.torrent
2015-10-20 05:21 - 2015-10-20 05:21 - 00030418 _____ C:\Users\Gio\Downloads\[rutracker.org].t4348781.torrent
2015-10-20 05:21 - 2015-10-20 05:21 - 00021216 _____ C:\Users\Gio\Downloads\[rutracker.org].t4384900.torrent
2015-10-20 05:21 - 2015-10-20 05:21 - 00021050 _____ C:\Users\Gio\Downloads\[rutracker.org].t4481321.torrent
2015-10-20 05:21 - 2015-10-20 05:21 - 00018124 _____ C:\Users\Gio\Downloads\[rutracker.org].t4412708.torrent
2015-10-20 05:21 - 2015-10-20 05:21 - 00018070 _____ C:\Users\Gio\Downloads\[rutracker.org].t4624618.torrent
2015-10-20 05:20 - 2015-10-20 05:20 - 00012363 _____ C:\Users\Gio\Downloads\[rutracker.org].t4978416.torrent
2015-10-20 05:19 - 2015-10-20 05:19 - 00014461 _____ C:\Users\Gio\Downloads\[rutracker.org].t5003450.torrent
2015-10-19 14:19 - 2015-10-19 14:19 - 00002560 _____ C:\Users\Gio\Desktop\Norton Security with Backup.lnk
2015-10-19 11:42 - 2015-10-19 11:42 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security with Backup
2015-10-18 10:30 - 2015-10-18 10:30 - 03634193 _____ C:\Users\Gio\Downloads\Vray_grass.rar
2015-10-18 08:13 - 2015-10-19 11:42 - 00003240 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-10-18 08:13 - 2015-10-19 11:42 - 00002448 _____ C:\Users\Public\Desktop\Norton Security with Backup.LNK
2015-10-18 08:13 - 2015-10-18 13:32 - 00111344 _____ (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2015-10-18 08:13 - 2015-10-18 13:32 - 00008214 _____ C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
2015-10-18 08:13 - 2015-10-18 08:13 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-10-18 08:12 - 2015-10-19 11:42 - 00000000 ____D C:\Windows\System32\Drivers\NSBUx64
2015-10-18 08:12 - 2015-10-18 08:12 - 00000000 ____D C:\Program Files (x86)\Norton Security with Backup
2015-10-18 08:09 - 2015-10-18 08:10 - 129868680 _____ (Symantec Corporation) C:\Users\Gio\Downloads\NSBU-TW-22.5.0-EN-US.exe
2015-10-18 07:09 - 2015-10-18 07:16 - 84314641 _____ C:\Users\Gio\Downloads\ajl6a.Norton.Security.with.Backup.2015.22.5.4.24..Trial.ResetterFL.rar
2015-10-18 06:52 - 2015-10-18 06:52 - 01201328 _____ (Symantec Corporation) C:\Users\Gio\Downloads\AutoDetectPkg.exe
2015-10-18 06:38 - 2015-10-18 06:38 - 00000000 ____D C:\Windows\System32\Drivers\NSTx64
2015-10-18 06:38 - 2015-10-18 06:38 - 00000000 ____D C:\Program Files (x86)\Norton Identity Safe
2015-10-17 10:47 - 2015-10-17 10:47 - 00017700 _____ C:\Users\Gio\Downloads\sculpting-integration-concepts-for-3ds-max-and-mudbox
2015-10-17 10:45 - 2015-10-17 10:45 - 00021145 _____ C:\Users\Gio\Downloads\unleashing-the-power-of-v-ray
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-03-01 11:10 - 2014-12-01 12:58 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F91393ED-EBB5-497D-BF10-C3273B42CC9C}
2015-11-13 18:50 - 2015-09-27 11:47 - 00000000 ____D C:\Games
2015-11-13 18:40 - 2014-12-01 10:32 - 00000000 ____D C:\users\Gio
2015-11-13 18:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2015-11-13 16:58 - 2010-11-20 23:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-13 08:47 - 2015-02-07 06:55 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2015-11-13 08:31 - 2014-12-01 10:44 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-13 08:25 - 2015-02-09 12:16 - 00000000 ____D C:\Users\Gio\AppData\Local\CrashDumps
2015-11-13 06:26 - 2009-07-13 20:45 - 00026352 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-13 06:26 - 2009-07-13 20:45 - 00026352 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-13 06:25 - 2009-07-13 21:13 - 00792464 _____ C:\Windows\System32\PerfStringBackup.INI
2015-11-13 06:22 - 2014-12-01 10:35 - 01206264 _____ C:\Windows\WindowsUpdate.log
2015-11-13 06:19 - 2015-09-11 04:48 - 00002436 _____ C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user.job
2015-11-13 06:19 - 2015-09-11 04:48 - 00002436 _____ C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.job
2015-11-13 06:19 - 2014-12-01 18:28 - 00042496 _____ (secr9tos) C:\Windows\System32\Drivers\oem-drv64.sys
2015-11-13 06:19 - 2014-12-01 10:44 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-13 06:19 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-13 06:19 - 2009-07-13 20:51 - 00071188 _____ C:\Windows\setupact.log
2015-11-12 18:20 - 2014-12-01 15:16 - 00000000 ____D C:\Users\Gio\AppData\Roaming\uTorrent
2015-11-12 18:00 - 2014-12-01 15:42 - 00000000 ____D C:\Users\Gio\AppData\Local\Adobe
2015-11-11 07:35 - 2014-12-01 10:44 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-11 06:50 - 2010-11-20 19:47 - 11353598 _____ C:\Windows\PFRO.log
2015-11-09 10:31 - 2015-04-30 03:47 - 00004483 _____ C:\Users\Gio\Desktop\New Text Document (2).txt
2015-11-07 11:45 - 2015-07-27 05:53 - 00001456 _____ C:\Users\Gio\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-11-05 07:33 - 2014-12-01 13:01 - 00003826 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1417467685
2015-11-05 07:33 - 2014-12-01 13:01 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-04 05:33 - 2014-12-03 11:20 - 00000000 ____D C:\Users\Gio\AppData\Roaming\DMCache
2015-11-04 05:27 - 2015-08-29 13:10 - 00000000 ____D C:\Users\Gio\Documents\SCANIA Truck Driving Simulator
2015-11-04 02:27 - 2014-12-01 12:03 - 00000000 ____D C:\Users\Gio\AppData\Roaming\MAXON
2015-11-03 16:17 - 2015-02-07 06:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-03 15:15 - 2015-01-15 10:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-03 13:24 - 2015-07-15 07:42 - 00000000 ____D C:\Users\Gio\ARIAConverted
2015-11-02 15:36 - 2015-01-26 04:18 - 00000000 ____D C:\Users\Gio\Documents\Euro Truck Simulator 2
2015-11-01 15:57 - 2014-12-03 11:20 - 00000000 ___HD C:\Users\Gio\Downloads\Video
2015-10-31 08:13 - 2014-12-01 15:17 - 00000000 ____D C:\Users\Gio\AppData\Roaming\Skype
2015-10-30 05:58 - 2015-05-10 06:18 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-27 07:15 - 2015-02-25 05:12 - 00000000 ____D C:\Windows\pss
2015-10-27 07:13 - 2015-03-14 13:10 - 00000000 ____D C:\Users\Gio\.VirtualBox
2015-10-27 07:13 - 2015-02-01 06:10 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-27 07:13 - 2014-12-12 22:35 - 00000000 ___RD C:\Users\Gio\Creative Cloud Files
2015-10-27 07:12 - 2015-06-28 12:55 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-10-23 02:22 - 2014-12-01 12:02 - 00000000 ____D C:\Program Files\WinRAR
2015-10-23 02:04 - 2014-12-03 11:20 - 00000000 ____D C:\Users\Gio\Downloads\Compressed
2015-10-22 07:48 - 2015-08-21 04:52 - 00000000 ____D C:\Users\Gio\Downloads\Adobe After Effects Auto-Save
2015-10-21 05:02 - 2014-12-04 10:40 - 00000000 ____D C:\Users\Gio\AppData\Local\Akamai
2015-10-19 11:38 - 2014-12-03 11:20 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2015-10-18 08:12 - 2014-12-01 10:46 - 00000000 ____D C:\ProgramData\Norton
 
Some files in TEMP:
====================
C:\Users\Gio\AppData\Local\Temp\_is4A4B.exe
 
 
==================== Known DLLs (Whitelisted) =========================
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
nointegritychecks: ==> "IntegrityChecks" is disabled. <===== ATTENTION
 
==================== EXE Association (Whitelisted) =============
 
 
==================== Restore Points =========================
 
Restore point date: 2015-11-13 08:54
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {f545a331-79ca-11e4-9040-a36a18e11033}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
loadoptions             DDISABLE_INTEGRITY_CHECKS
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
nointegritychecks       Yes
testsigning             No
osdevice                partition=C:
systemroot              \Windows
kernel                  xNtKrnl.exe
resumeobject            {f545a331-79ca-11e4-9040-a36a18e11033}
nx                      OptIn
custom:26000027         Yes
 
Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[C:]\Recovery\f545a333-79ca-11e4-9040-a36a18e11033\Winre.wim,{f545a334-79ca-11e4-9040-a36a18e11033}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\f545a333-79ca-11e4-9040-a36a18e11033\Winre.wim,{f545a334-79ca-11e4-9040-a36a18e11033}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {f545a331-79ca-11e4-9040-a36a18e11033}
device                  partition=C:
path                    \Windows\System32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {f545a334-79ca-11e4-9040-a36a18e11033}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\f545a333-79ca-11e4-9040-a36a18e11033\boot.sdi
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 7%
Total physical RAM: 16261.03 MB
Available physical RAM: 15061.13 MB
Total Virtual: 16259.23 MB
Available Virtual: 15084.64 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.79 GB) (Free:3.24 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (New Volume) (Fixed) (Total:433.17 GB) (Free:3.76 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Media) (Fixed) (Total:498.34 GB) (Free:1.11 GB) NTFS
Drive f: (20.12.Ult.Eng) (CDROM) (Total:4 GB) (Free:0 GB) UDF
Drive g: (IOANE) (Removable) (Total:14.52 GB) (Free:14.52 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 1A31AD76)
Partition 1: (Active) - (Size=232.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2E36CC17)
Partition 1: (Active) - (Size=433.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=498.3 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 14.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=14.5 GB) - (Type=0C)
 
 
LastRegBack: 2015-11-10 10:19
 
==================== End of FRST.txt ============================


#4 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:29 AM

Posted 15 November 2015 - 11:10 AM

Hello prescott1,

Before we proceed, I will have to let you know that your Windows installation is not legit, and it is what caused the problem with HitmanPro. To avoid this problem in the future you will need to purchase a legit copy of Windows.

Pirated software

Bleeping Computer does not allow the use of pirated software.

The practice of using keygenshacking toolscracking toolswareztorrents or any pirated software is not only considered illegal activity, but it is a serious security risk which can turn a computer into a virus honeypot or zombie.
 
When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible, and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.
 
If you want to read on then the full post is here.

I will help you repair your machine, but please remember that this is a one-time deal. After that I will refuse further assistance.

===

Fix with Farbar Recovery Scan Tool in Recovery Environment

Enter the Command Prompt from System Recovery Options using Advanced Boot Options or the Windows installation disk.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html


To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
==========

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt


Select Command Prompt

==========

Once in the Command Prompt:
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • Press Fix just once and wait.
  • A log named Fixlog.txt will be created in the flash drive. Please post that into your next reply.
Let me know if you are able to boot into Windows after this - if you do, please create a new set of FRST logs. Remember to place checkmarks in List BCD and Addition.txt before clicking Scan!

Regards,
Alex

Edited by Alexstrasza, 15 November 2015 - 11:27 AM.


#5 prescott1

prescott1
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 15 November 2015 - 11:30 AM

I know this is not good idea to install illegal software in PC worth few grands.
I will read topic you mentioned.

Windows is unable to boot.
Here is log files.

 

 
Fixlog:
 
Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by SYSTEM (2015-11-15 20:22:11) Run:1
Running from g:\
Boot Mode: Recovery
==============================================
 
fixlist content:
*****************
S0 oem-drv64; C:\Windows\System32\DRIVERS\oem-drv64.sys [42496 2015-11-13] (secr9tos)
BCDEDIT /deletevalue {default} kernel
*****************
 
oem-drv64 => service removed successfully
BCDEDIT /deletevalue {default} kernel => Error: No automatic fix found for this entry.
 
==== End of Fixlog 20:22:11 ====
 
 
 
Scanlog:
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by SYSTEM on MININT-H6TAU57 (15-11-2015 20:23:27)
Running from g:\
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [VMSnap3] => C:\Windows\VMSnap3.exe [49152 2006-07-18] (Vimicro)
HKLM\...\Run: [Domino] => C:\Windows\Domino.exe [49152 2006-07-04] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7640944 2014-12-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-12-01] (Intel Corporation)
HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [296960 2010-11-20] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\Gio\...\Run: [AdobeBridge] => [X]
HKU\Gio\...\Policies\Explorer: [] 
HKU\Gio\...\Policies\Explorer: [NofolderOptions] 0
HKU\Gio\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\Gio\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
Lsa: [Notification Packages] scecli ScSecAuth
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-03] (Autodesk Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-14] (Adobe Systems Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-27] ()
S2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-01-27] (ASUSTeK Computer Inc.)
S2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe [389944 2014-05-08] (ASUSTeK Computer Inc.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-06] (Autodesk, Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-06-03] (Futuremark)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-03-10] (Intel Corporation)
S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [154856 2015-09-28] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-14] ()
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
S2 NSBU; C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\NSBU.exe [282016 2015-09-23] (Symantec Corporation)
S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-12-03] ()
S2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-04-01] (CyberLink)
S2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [328992 2008-07-10] (SafeNet, Inc.)
S2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [226592 2008-07-10] (SafeNet, Inc)
S3 SumRandoVPNService; C:\Program Files (x86)\SumRando\SumRando\misc\vpnmanagesvc.exe [108144 2015-03-12] (SumRando)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 ScProxySrv; "C:\Program Files\Quick Heal\Quick Heal AntiVirus Pro\ScProxySrv.exe" [X]
S2 ScSecSvc; "C:\Program Files\Quick Heal\Quick Heal AntiVirus Pro\ScSecSvc.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-12-01] ()
S1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-19] (MCCI Corporation)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-02-15] ()
S1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\BASHDefs\20151102.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
S1 ccSet_NSBU; C:\Windows\system32\drivers\NSBUx64\1605040.018\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
S1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-10-17] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-10-17] (Symantec Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-11-13] ()
S1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\IPSDefs\20151112.001\IDSvia64.sys [767224 2015-10-20] (Symantec Corporation)
S4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-05-02] (ASUSTeK Computer Inc.)
S1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-02-15] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-11-13] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 MbswMailbox; C:\Program Files (x86)\ASUS\AI Suite III\690b33e1-0462-4e84-9bea-c7552b45432a.sys [17208 2015-04-17] ()
S3 NAVENG; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\VirusDefs\20151112.032\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\VirusDefs\20151112.032\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0032.sys [28768 2015-04-08] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 NPF; C:\Windows\SysWOW64\drivers\npf.sys [42512 2015-01-16] (CACE Technologies)
S3 PPJoyBus; C:\Windows\System32\DRIVERS\PPJoyBus64.sys [20032 2009-11-03] (Deon van der Westhuysen)
S3 PPortJoystick; C:\Windows\System32\DRIVERS\PPortJoy64.sys [39488 2009-11-03] (Deon van der Westhuysen)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-10] (SafeNet, Inc.)
S1 SRTSP; C:\Windows\System32\Drivers\NSBUx64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NSBUx64\1605040.018\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
S0 SymEFASI; C:\Windows\System32\drivers\NSBUx64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-10-18] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NSBUx64\1605040.018\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NSBUx64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-01-23] (Spotflux, Inc.)
S3 tun3326; C:\Windows\System32\DRIVERS\tun3326.sys [32368 2013-03-22] (The OpenVPN Project)
S3 vvftav303; C:\Windows\System32\drivers\vvftav303.sys [308096 2007-06-23] (Vimicro Corporation)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2011-06-22] (Windows ® Win 7 DDK provider)
S3 ZSMC0303; C:\Windows\System32\Drivers\usbVM303.sys [1494656 2007-03-25] (Vimicro Corporation)
S1 bsfs; system32\DRIVERS\bsfs.sys [X]
S3 cpuz137; \??\C:\Users\Gio\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 ggc; system32\DRIVERS\ggc.sys [X]
S1 nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WolfVision Video Capture II; system32\DRIVERS\WolfVZCamera2.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-14 16:08 - 2015-11-15 20:23 - 00000000 ____D C:\FRST
2015-11-13 08:50 - 2015-11-13 08:51 - 00043664 _____ C:\Windows\System32\Drivers\hitmanpro37.sys
2015-11-13 07:56 - 2015-11-13 07:56 - 11324802 _____ C:\Users\Gio\Downloads\Popcorn_Lobby.zip
2015-11-13 06:24 - 2015-11-13 06:25 - 53433992 _____ C:\Users\Gio\Downloads\Thinkbox_KrakatoaMX_2.4.1_x64.rar
2015-11-13 06:19 - 2015-11-13 06:19 - 00000000 ____H C:\ProgramData\cm-lock
2015-11-12 10:24 - 2015-11-12 10:24 - 00000000 ____D C:\Users\Gio\AppData\LocalLow\uTorrent
2015-11-12 09:14 - 2015-11-12 09:14 - 01517205 _____ C:\Users\Gio\Downloads\BerconMaps_3_04.zip
2015-11-12 01:32 - 2015-11-13 08:45 - 00000550 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000.job
2015-11-12 01:32 - 2015-11-13 07:11 - 00000646 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000.job
2015-11-12 01:32 - 2015-11-12 01:32 - 00003664 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000
2015-11-12 01:32 - 2015-11-12 01:32 - 00003568 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000
2015-11-12 01:32 - 2015-11-12 01:32 - 00000000 ____D C:\Users\Gio\AppData\Local\Citrix
2015-11-10 12:40 - 2015-11-10 12:40 - 00042962 _____ C:\Users\Gio\Downloads\Calculus I  with Professor Richard Delaware Online Course Video Lectures_1288506171.torrent
2015-11-09 10:57 - 2015-11-09 10:57 - 00033185 _____ C:\Users\Gio\Downloads\[videotuts.ru]_Modelling the Audi R8.torrent
2015-11-09 10:55 - 2015-11-09 10:55 - 00030879 _____ C:\Users\Gio\Downloads\[videotuts.ru]_Viscorbel - Creating V-Ray Materials_Vol1.torrent
2015-11-09 10:04 - 2015-11-09 10:04 - 00055348 _____ C:\Users\Gio\Downloads\[rutracker.org].t4608494.torrent
2015-11-08 13:47 - 2015-11-08 13:57 - 867026989 _____ C:\Users\Gio\Downloads\HDRI-sun-clouds.rar
2015-11-08 13:44 - 2015-11-08 13:44 - 17433785 _____ C:\Users\Gio\Downloads\HDR_029_Sky_Cloudy_Free.zip
2015-11-08 12:56 - 2015-11-08 12:56 - 05261111 _____ C:\Users\Gio\Downloads\Kamen.zip
2015-11-08 12:01 - 2015-11-08 12:01 - 509023497 _____ C:\Users\Gio\Downloads\3ds.zip
2015-11-07 11:26 - 2015-11-07 11:26 - 00766693 _____ C:\Users\Gio\Downloads\Genetica Texture Pack 4 - Planet & Terrain.zip
2015-11-07 11:26 - 2015-11-07 11:26 - 00030148 _____ C:\Users\Gio\Downloads\Texture Pack 001 - JPEG.torrent
2015-11-07 10:06 - 2015-11-07 10:06 - 00064347 _____ C:\Users\Gio\Downloads\[rutracker.org].t4418813.torrent
2015-11-07 10:06 - 2015-11-07 10:06 - 00031094 _____ C:\Users\Gio\Downloads\[rutracker.org].t4258100.torrent
2015-11-07 09:54 - 2015-11-07 09:54 - 00094168 _____ C:\Users\Gio\Downloads\[rutracker.org].t4094770.torrent
2015-11-07 09:54 - 2015-11-07 09:54 - 00045879 _____ C:\Users\Gio\Downloads\[rutracker.org].t3387637.torrent
2015-11-07 09:54 - 2015-11-07 09:54 - 00012784 _____ C:\Users\Gio\Downloads\[rutracker.org].t4084723.torrent
2015-11-07 09:52 - 2015-11-07 09:52 - 00073409 _____ C:\Users\Gio\Downloads\[rutracker.org].t4112378.torrent
2015-11-07 09:36 - 2015-11-07 09:36 - 00109127 _____ C:\Users\Gio\Downloads\[rutracker.org].t4783335.torrent
2015-11-07 09:35 - 2015-11-07 09:35 - 00012944 _____ C:\Users\Gio\Downloads\[rutracker.org].t2211268.torrent
2015-11-07 09:32 - 2015-11-07 09:32 - 00016374 _____ C:\Users\Gio\Downloads\[rutracker.org].t4867445.torrent
2015-11-07 09:30 - 2015-11-07 09:30 - 00020529 _____ C:\Users\Gio\Downloads\[rutracker.org].t4881761.torrent
2015-11-07 09:27 - 2015-11-07 09:27 - 00017070 _____ C:\Users\Gio\Downloads\[rutracker.org].t5004248.torrent
2015-11-07 09:27 - 2015-11-07 09:27 - 00016190 _____ C:\Users\Gio\Downloads\[rutracker.org].t5004443.torrent
2015-11-07 09:26 - 2015-11-07 09:26 - 00175012 _____ C:\Users\Gio\Downloads\[rutracker.org].t5095159.torrent
2015-11-07 09:26 - 2015-11-07 09:26 - 00050862 _____ C:\Users\Gio\Downloads\[rutracker.org].t5093599.torrent
2015-11-07 09:26 - 2015-11-07 09:26 - 00013455 _____ C:\Users\Gio\Downloads\[rutracker.org].t5003979.torrent
2015-11-07 07:36 - 2015-11-07 07:36 - 02471028 _____ C:\Users\Gio\Downloads\final-scene.zip
2015-11-07 07:36 - 2015-11-07 07:36 - 01854694 _____ C:\Users\Gio\Downloads\glass-liquid-final-vray3.zip
2015-11-07 03:29 - 2015-11-07 03:29 - 00029613 _____ C:\Users\Gio\Downloads\[kat.cr]aleso3d.vray.interior.lighting.torrent
2015-11-04 14:37 - 2015-11-04 15:23 - 04047696 _____ C:\Users\Gio\Documents\Proeqt1.pln
2015-11-04 14:37 - 2015-11-04 15:21 - 04055184 _____ C:\Users\Gio\Documents\Proeqt1.bpn
2015-11-04 05:15 - 2015-11-05 09:37 - 00000000 ____D C:\Users\Gio\AppData\Local\VirtualStore
2015-11-04 05:15 - 2015-11-04 05:15 - 00000118 _____ C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-04 04:16 - 2015-11-04 04:16 - 03700400 _____ C:\Users\Gio\Documents\Proeqt.pln
2015-11-04 02:27 - 2015-11-12 02:47 - 00000000 ____D C:\Users\Gio\Graphisoft
2015-11-04 02:27 - 2015-11-12 00:58 - 00000000 ____D C:\Users\Gio\Documents\BIMx
2015-11-04 02:27 - 2015-11-04 02:27 - 00000000 ____D C:\Users\Gio\AppData\Roaming\Graphisoft
2015-11-04 02:27 - 2015-11-04 02:27 - 00000000 ____D C:\Users\Gio\AppData\Local\Graphisoft
2015-11-04 02:26 - 2015-11-04 02:26 - 00001191 _____ C:\Users\Public\Desktop\BIMx for ArchiCAD 18.lnk
2015-11-04 02:26 - 2015-11-04 02:26 - 00001016 _____ C:\Users\Public\Desktop\ArchiCAD 18.lnk
2015-11-04 02:26 - 2015-11-04 02:26 - 00000000 ____D C:\ProgramData\CodeMeter
2015-11-04 02:26 - 2015-11-04 02:26 - 00000000 ____D C:\Program Files\CodeMeter
2015-11-04 02:26 - 2015-11-04 02:26 - 00000000 ____D C:\Program Files (x86)\CodeMeter
2015-11-04 02:25 - 2015-11-04 02:25 - 00008108 _____ C:\Windows\vpd.properties
2015-11-04 02:25 - 2015-11-04 02:25 - 00000000 ____D C:\Program Files\GRAPHISOFT
2015-11-04 02:18 - 2015-11-04 02:26 - 00000000 ____D C:\Users\Gio\AppData\Roaming\Install.GS
2015-11-04 02:18 - 2013-08-06 16:19 - 00595618 _____ C:\Users\Gio\AppData\Local\libcurl-4.dll
2015-11-04 02:18 - 2010-06-05 09:00 - 00042496 _____ (Open Source Software community project) C:\Users\Gio\AppData\Local\pthreadGC2-w64.dll
2015-11-04 02:05 - 2015-11-04 02:05 - 00012742 _____ C:\Users\Gio\Downloads\Graphisoft-ArchiCAD-18.torrent
2015-11-02 10:49 - 2015-11-02 10:49 - 00020578 _____ C:\Users\Gio\Downloads\torrent_4866762 %5B7tor.org%5D.torrent
2015-10-31 15:09 - 2015-10-31 15:10 - 40442559 _____ C:\Users\Gio\Downloads\D8_FumeFX_Looper.rar
2015-10-31 14:27 - 2015-10-31 14:27 - 12260023 _____ C:\Users\Gio\Downloads\YUDO.TV_C4D_PROJECTS.rar
2015-10-31 08:33 - 2015-10-31 08:33 - 15085792 _____ C:\Users\Gio\Downloads\Tiner_Shaders.rar
2015-10-30 13:44 - 2015-10-30 13:44 - 00002720 _____ C:\Users\Gio\Downloads\3D Artist - Issue 83 2015 (True PDF) ---[www.bts.to]--- .torrent
2015-10-29 09:50 - 2015-10-29 09:50 - 02349405 _____ C:\Users\Gio\Downloads\Polymodeling_chapter5_files.zip
2015-10-27 08:33 - 2015-10-27 08:33 - 00055945 _____ C:\Users\Gio\Downloads\[rutracker.org].t4548643.torrent
2015-10-27 08:33 - 2015-10-27 08:33 - 00013833 _____ C:\Users\Gio\Downloads\[rutracker.org].t4540133.torrent
2015-10-27 08:29 - 2015-10-27 08:29 - 00171841 _____ C:\Users\Gio\Downloads\[rutracker.org].t4635219.torrent
2015-10-27 08:17 - 2015-10-27 08:17 - 00024962 _____ C:\Users\Gio\Downloads\[kat.cr]digital.tutors.mixed.modeling.techniques.in.3ds.max.2012.sum1.here.torrent
2015-10-27 08:04 - 2015-10-27 08:04 - 00018013 _____ C:\Users\Gio\Downloads\[rutracker.org].t4312296.torrent
2015-10-27 08:04 - 2015-10-27 08:04 - 00016005 _____ C:\Users\Gio\Downloads\[rutracker.org].t4800584.torrent
2015-10-27 08:02 - 2015-10-27 08:02 - 00013572 _____ C:\Users\Gio\Downloads\grant-warwick-mastering-vray-lessons-10.torrent
2015-10-27 07:59 - 2015-10-27 07:59 - 00155805 _____ C:\Users\Gio\Downloads\3dmotive-organic-polypainting-in-zbrush-vol-1.torrent
2015-10-27 07:59 - 2015-10-27 07:59 - 00093650 _____ C:\Users\Gio\Downloads\zbrushworkshops-female-face-sculpting-with-steve-lord.torrent
2015-10-27 07:59 - 2015-10-27 07:59 - 00036241 _____ C:\Users\Gio\Downloads\methods-for-creating-a-low-poly-portrait-in-illustrator.torrent
2015-10-27 07:57 - 2015-10-27 07:57 - 00119216 _____ C:\Users\Gio\Downloads\cubebrush-high-poly-character-design.torrent
2015-10-27 07:57 - 2015-10-27 07:57 - 00020463 _____ C:\Users\Gio\Downloads\hazardousarts-sculpting.torrent
2015-10-27 07:56 - 2015-10-27 07:56 - 00038934 _____ C:\Users\Gio\Downloads\trey-ratcliffs-complete-hdr-tutorial.torrent
2015-10-27 07:55 - 2015-10-27 07:55 - 00699278 _____ C:\Users\Gio\Downloads\gumroad-likeness-sculpting-by-frank-tzeng.torrent
2015-10-27 07:55 - 2015-10-27 07:55 - 00021482 _____ C:\Users\Gio\Downloads\gumroad-josh-p.-crockett-introduction-to-creature-sculpting-grey-alien.torrent
2015-10-27 07:45 - 2015-10-27 07:45 - 00706133 _____ C:\Users\Gio\Downloads\uartsy-character-pipeline-for-games.torrent
2015-10-27 07:44 - 2015-10-27 07:44 - 00062155 _____ C:\Users\Gio\Downloads\uroki_3d_modelirovaniya_ot_killerivanov.torrent
2015-10-27 07:44 - 2015-10-27 07:44 - 00048182 _____ C:\Users\Gio\Downloads\the-gnomon-workshop-efficient-cinematic-lighting-2.torrent
2015-10-27 07:43 - 2015-10-27 07:43 - 00021563 _____ C:\Users\Gio\Downloads\[rutracker.org].t4999313.torrent
2015-10-27 07:43 - 2015-10-27 07:43 - 00017479 _____ C:\Users\Gio\Downloads\[rutracker.org].t4928485.torrent
2015-10-27 07:42 - 2015-10-27 07:42 - 00020573 _____ C:\Users\Gio\Downloads\[rutracker.org].t5076014.torrent
2015-10-27 07:40 - 2015-10-27 07:40 - 00021491 _____ C:\Users\Gio\Downloads\[rutracker.org].t5047143.torrent
2015-10-27 07:39 - 2015-10-27 07:39 - 00071998 _____ C:\Users\Gio\Downloads\[rutracker.org].t1122621.torrent
2015-10-27 07:38 - 2015-10-27 07:38 - 00022277 _____ C:\Users\Gio\Downloads\[rutracker.org].t5041889.torrent
2015-10-27 07:31 - 2015-10-27 07:31 - 00022106 _____ C:\Users\Gio\Downloads\[rutracker.org].t4560852.torrent
2015-10-27 07:31 - 2015-10-27 07:31 - 00020921 _____ C:\Users\Gio\Downloads\[rutracker.org].t4560949.torrent
2015-10-27 07:31 - 2015-10-27 07:31 - 00017320 _____ C:\Users\Gio\Downloads\[rutracker.org].t4561531.torrent
2015-10-27 07:31 - 2015-10-27 07:31 - 00017077 _____ C:\Users\Gio\Downloads\[rutracker.org].t4560878.torrent
2015-10-27 07:31 - 2015-10-27 07:31 - 00016590 _____ C:\Users\Gio\Downloads\[rutracker.org].t4561559.torrent
2015-10-23 08:39 - 2015-10-23 08:39 - 00014772 _____ C:\Users\Gio\Downloads\45B4DF5ADC488ECB3B1E7AE033C5670BCA6CD67B.torrent
2015-10-23 02:21 - 2015-10-23 02:21 - 04507385 _____ C:\Users\Gio\Downloads\WinRAR 5.21 + Patch 5.x.x.32-64bit.MrSzzS 2015!!.zip
2015-10-23 02:06 - 2015-10-23 05:48 - 00000000 ____D C:\Program Files\Marvelous Designer 5 Personal
2015-10-23 02:06 - 2015-10-23 02:06 - 00000959 _____ C:\Users\Public\Desktop\Marvelous Designer 5 Personal.lnk
2015-10-23 02:06 - 2015-10-23 02:06 - 00000000 ____D C:\Users\Public\Documents\MD5
2015-10-21 13:15 - 2015-10-21 13:15 - 00023202 _____ C:\Users\Gio\Downloads\[videotuts.ru]_Digital-Tutors  Creative Development Mixed Modeling Techniques in 3ds Max 2012.torrent
2015-10-21 12:10 - 2015-10-21 12:10 - 04274261 _____ C:\Users\Gio\Downloads\5SRW-Program-Brochure (1).zip
2015-10-20 05:44 - 2015-10-20 05:44 - 00026261 _____ C:\Users\Gio\Downloads\elephorm-3-d-studio-max-vol-3-eclairage-materiaux-et-rendu.torrent
2015-10-20 05:43 - 2015-10-20 05:43 - 00015448 _____ C:\Users\Gio\Downloads\viscorbel-creating-v-ray-materials-vol3.torrent
2015-10-20 05:39 - 2015-10-20 05:39 - 00059078 _____ C:\Users\Gio\Downloads\v-ray-art-v-ray-interior-training-by-stanislav-orekhov.torrent
2015-10-20 05:24 - 2015-10-20 05:24 - 00033198 _____ C:\Users\Gio\Downloads\[rutracker.org].t3999589.torrent
2015-10-20 05:24 - 2015-10-20 05:24 - 00027241 _____ C:\Users\Gio\Downloads\[rutracker.org].t4073144.torrent
2015-10-20 05:24 - 2015-10-20 05:24 - 00020342 _____ C:\Users\Gio\Downloads\[rutracker.org].t3938438.torrent
2015-10-20 05:24 - 2015-10-20 05:24 - 00016973 _____ C:\Users\Gio\Downloads\[rutracker.org].t3986380.torrent
2015-10-20 05:24 - 2015-10-20 05:24 - 00014965 _____ C:\Users\Gio\Downloads\[rutracker.org].t3815552.torrent
2015-10-20 05:23 - 2015-10-20 05:23 - 00030944 _____ C:\Users\Gio\Downloads\[rutracker.org].t4058431.torrent
2015-10-20 05:23 - 2015-10-20 05:23 - 00022806 _____ C:\Users\Gio\Downloads\[rutracker.org].t4147448.torrent
2015-10-20 05:23 - 2015-10-20 05:23 - 00022690 _____ C:\Users\Gio\Downloads\[rutracker.org].t4121743.torrent
2015-10-20 05:23 - 2015-10-20 05:23 - 00015320 _____ C:\Users\Gio\Downloads\[rutracker.org].t4177951.torrent
2015-10-20 05:22 - 2015-10-20 05:22 - 00017408 _____ C:\Users\Gio\Downloads\[rutracker.org].t4220929.torrent
2015-10-20 05:22 - 2015-10-20 05:22 - 00015323 _____ C:\Users\Gio\Downloads\[rutracker.org].t4277151.torrent
2015-10-20 05:21 - 2015-10-20 05:21 - 00030418 _____ C:\Users\Gio\Downloads\[rutracker.org].t4348781.torrent
2015-10-20 05:21 - 2015-10-20 05:21 - 00021216 _____ C:\Users\Gio\Downloads\[rutracker.org].t4384900.torrent
2015-10-20 05:21 - 2015-10-20 05:21 - 00021050 _____ C:\Users\Gio\Downloads\[rutracker.org].t4481321.torrent
2015-10-20 05:21 - 2015-10-20 05:21 - 00018124 _____ C:\Users\Gio\Downloads\[rutracker.org].t4412708.torrent
2015-10-20 05:21 - 2015-10-20 05:21 - 00018070 _____ C:\Users\Gio\Downloads\[rutracker.org].t4624618.torrent
2015-10-20 05:20 - 2015-10-20 05:20 - 00012363 _____ C:\Users\Gio\Downloads\[rutracker.org].t4978416.torrent
2015-10-20 05:19 - 2015-10-20 05:19 - 00014461 _____ C:\Users\Gio\Downloads\[rutracker.org].t5003450.torrent
2015-10-19 14:19 - 2015-10-19 14:19 - 00002560 _____ C:\Users\Gio\Desktop\Norton Security with Backup.lnk
2015-10-19 11:42 - 2015-10-19 11:42 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security with Backup
2015-10-18 10:30 - 2015-10-18 10:30 - 03634193 _____ C:\Users\Gio\Downloads\Vray_grass.rar
2015-10-18 08:13 - 2015-10-19 11:42 - 00003240 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-10-18 08:13 - 2015-10-19 11:42 - 00002448 _____ C:\Users\Public\Desktop\Norton Security with Backup.LNK
2015-10-18 08:13 - 2015-10-18 13:32 - 00111344 _____ (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2015-10-18 08:13 - 2015-10-18 13:32 - 00008214 _____ C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
2015-10-18 08:13 - 2015-10-18 08:13 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-10-18 08:12 - 2015-10-19 11:42 - 00000000 ____D C:\Windows\System32\Drivers\NSBUx64
2015-10-18 08:12 - 2015-10-18 08:12 - 00000000 ____D C:\Program Files (x86)\Norton Security with Backup
2015-10-18 08:09 - 2015-10-18 08:10 - 129868680 _____ (Symantec Corporation) C:\Users\Gio\Downloads\NSBU-TW-22.5.0-EN-US.exe
2015-10-18 07:09 - 2015-10-18 07:16 - 84314641 _____ C:\Users\Gio\Downloads\ajl6a.Norton.Security.with.Backup.2015.22.5.4.24..Trial.ResetterFL.rar
2015-10-18 06:52 - 2015-10-18 06:52 - 01201328 _____ (Symantec Corporation) C:\Users\Gio\Downloads\AutoDetectPkg.exe
2015-10-18 06:38 - 2015-10-18 06:38 - 00000000 ____D C:\Windows\System32\Drivers\NSTx64
2015-10-18 06:38 - 2015-10-18 06:38 - 00000000 ____D C:\Program Files (x86)\Norton Identity Safe
2015-10-17 10:47 - 2015-10-17 10:47 - 00017700 _____ C:\Users\Gio\Downloads\sculpting-integration-concepts-for-3ds-max-and-mudbox-[torrentino].torrent
2015-10-17 10:45 - 2015-10-17 10:45 - 00021145 _____ C:\Users\Gio\Downloads\unleashing-the-power-of-v-ray-[torrentino].torrent
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-03-01 11:10 - 2014-12-01 12:58 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F91393ED-EBB5-497D-BF10-C3273B42CC9C}
2015-11-13 18:50 - 2015-09-27 11:47 - 00000000 ____D C:\Games
2015-11-13 18:40 - 2014-12-01 10:32 - 00000000 ____D C:\users\Gio
2015-11-13 18:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2015-11-13 16:58 - 2010-11-20 23:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-13 08:47 - 2015-02-07 06:55 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2015-11-13 08:31 - 2014-12-01 10:44 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-13 08:25 - 2015-02-09 12:16 - 00000000 ____D C:\Users\Gio\AppData\Local\CrashDumps
2015-11-13 06:26 - 2009-07-13 20:45 - 00026352 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-13 06:26 - 2009-07-13 20:45 - 00026352 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-13 06:25 - 2009-07-13 21:13 - 00792464 _____ C:\Windows\System32\PerfStringBackup.INI
2015-11-13 06:22 - 2014-12-01 10:35 - 01206264 _____ C:\Windows\WindowsUpdate.log
2015-11-13 06:19 - 2015-09-11 04:48 - 00002436 _____ C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user.job
2015-11-13 06:19 - 2015-09-11 04:48 - 00002436 _____ C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.job
2015-11-13 06:19 - 2014-12-01 18:28 - 00042496 _____ (secr9tos) C:\Windows\System32\Drivers\oem-drv64.sys
2015-11-13 06:19 - 2014-12-01 10:44 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-13 06:19 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-13 06:19 - 2009-07-13 20:51 - 00071188 _____ C:\Windows\setupact.log
2015-11-12 18:20 - 2014-12-01 15:16 - 00000000 ____D C:\Users\Gio\AppData\Roaming\uTorrent
2015-11-12 18:00 - 2014-12-01 15:42 - 00000000 ____D C:\Users\Gio\AppData\Local\Adobe
2015-11-11 07:35 - 2014-12-01 10:44 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-11 06:50 - 2010-11-20 19:47 - 11353598 _____ C:\Windows\PFRO.log
2015-11-09 10:31 - 2015-04-30 03:47 - 00004483 _____ C:\Users\Gio\Desktop\New Text Document (2).txt
2015-11-07 11:45 - 2015-07-27 05:53 - 00001456 _____ C:\Users\Gio\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-11-05 07:33 - 2014-12-01 13:01 - 00003826 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1417467685
2015-11-05 07:33 - 2014-12-01 13:01 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-04 05:33 - 2014-12-03 11:20 - 00000000 ____D C:\Users\Gio\AppData\Roaming\DMCache
2015-11-04 05:27 - 2015-08-29 13:10 - 00000000 ____D C:\Users\Gio\Documents\SCANIA Truck Driving Simulator
2015-11-04 02:27 - 2014-12-01 12:03 - 00000000 ____D C:\Users\Gio\AppData\Roaming\MAXON
2015-11-03 16:17 - 2015-02-07 06:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-03 15:15 - 2015-01-15 10:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-03 13:24 - 2015-07-15 07:42 - 00000000 ____D C:\Users\Gio\ARIAConverted
2015-11-02 15:36 - 2015-01-26 04:18 - 00000000 ____D C:\Users\Gio\Documents\Euro Truck Simulator 2
2015-11-01 15:57 - 2014-12-03 11:20 - 00000000 ___HD C:\Users\Gio\Downloads\Video
2015-10-31 08:13 - 2014-12-01 15:17 - 00000000 ____D C:\Users\Gio\AppData\Roaming\Skype
2015-10-30 05:58 - 2015-05-10 06:18 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-27 07:15 - 2015-02-25 05:12 - 00000000 ____D C:\Windows\pss
2015-10-27 07:13 - 2015-03-14 13:10 - 00000000 ____D C:\Users\Gio\.VirtualBox
2015-10-27 07:13 - 2015-02-01 06:10 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-27 07:13 - 2014-12-12 22:35 - 00000000 ___RD C:\Users\Gio\Creative Cloud Files
2015-10-27 07:12 - 2015-06-28 12:55 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-10-23 02:22 - 2014-12-01 12:02 - 00000000 ____D C:\Program Files\WinRAR
2015-10-23 02:04 - 2014-12-03 11:20 - 00000000 ____D C:\Users\Gio\Downloads\Compressed
2015-10-22 07:48 - 2015-08-21 04:52 - 00000000 ____D C:\Users\Gio\Downloads\Adobe After Effects Auto-Save
2015-10-21 05:02 - 2014-12-04 10:40 - 00000000 ____D C:\Users\Gio\AppData\Local\Akamai
2015-10-19 11:38 - 2014-12-03 11:20 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2015-10-18 08:12 - 2014-12-01 10:46 - 00000000 ____D C:\ProgramData\Norton
 
Some files in TEMP:
====================
C:\Users\Gio\AppData\Local\Temp\_is4A4B.exe
 
 
==================== Known DLLs (Whitelisted) =========================
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
nointegritychecks: ==> "IntegrityChecks" is disabled. <===== ATTENTION
 
==================== EXE Association (Whitelisted) =============
 
 
==================== Restore Points =========================
 
Restore point date: 2015-11-13 08:54
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {f545a331-79ca-11e4-9040-a36a18e11033}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
loadoptions             DDISABLE_INTEGRITY_CHECKS
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
nointegritychecks       Yes
testsigning             No
osdevice                partition=C:
systemroot              \Windows
kernel                  xNtKrnl.exe
resumeobject            {f545a331-79ca-11e4-9040-a36a18e11033}
nx                      OptIn
custom:26000027         Yes
 
Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[C:]\Recovery\f545a333-79ca-11e4-9040-a36a18e11033\Winre.wim,{f545a334-79ca-11e4-9040-a36a18e11033}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\f545a333-79ca-11e4-9040-a36a18e11033\Winre.wim,{f545a334-79ca-11e4-9040-a36a18e11033}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {f545a331-79ca-11e4-9040-a36a18e11033}
device                  partition=C:
path                    \Windows\System32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {f545a334-79ca-11e4-9040-a36a18e11033}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\f545a333-79ca-11e4-9040-a36a18e11033\boot.sdi
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 7%
Total physical RAM: 16261.03 MB
Available physical RAM: 15067.56 MB
Total Virtual: 16259.23 MB
Available Virtual: 15080.41 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.79 GB) (Free:3.23 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (New Volume) (Fixed) (Total:433.17 GB) (Free:3.76 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Media) (Fixed) (Total:498.34 GB) (Free:1.11 GB) NTFS
Drive f: (20.12.Ult.Eng) (CDROM) (Total:4 GB) (Free:0 GB) UDF
Drive g: (IOANE) (Removable) (Total:14.52 GB) (Free:14.52 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 1A31AD76)
Partition 1: (Active) - (Size=232.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2E36CC17)
Partition 1: (Active) - (Size=433.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=498.3 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 14.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=14.5 GB) - (Type=0C)
 
 
LastRegBack: 2015-11-10 10:19
 
==================== End of FRST.txt ============================

 


#6 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:29 AM

Posted 15 November 2015 - 11:33 AM

Hi there,

I made an error in the fixlist - please download the one attached to this post and repeat the steps.

Regards,
Alex

#7 prescott1

prescott1
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 15 November 2015 - 11:42 AM

Windows started successfully. Thank you very much.
You are hero. Thank you for your time and work again.

 

Here is fixlog
 

Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by SYSTEM (2015-11-15 20:37:30) Run:2
Running from g:\
Boot Mode: Recovery
==============================================
 
fixlist content:
*****************
cmd: BCDEDIT /deletevalue {default} kernel
*****************
 
 
=========  BCDEDIT /deletevalue {default} kernel =========
 
The operation completed successfully.
 
========= End of CMD: =========
 
 
==== End of Fixlog 20:37:30 ====


#8 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:29 AM

Posted 15 November 2015 - 11:43 AM

Hello,

Please create a new set of FRST logs in Normal Mode with List BCD and Addition.txt checked :)

Regards,
Alex

#9 prescott1

prescott1
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 15 November 2015 - 12:00 PM

There are logs

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Gio (administrator) on GIO-PC (15-11-2015 20:46:13)
Running from H:\
Loaded Profiles: Gio (Available Profiles: Gio)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\nsbu.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\nsbu.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Vimicro) C:\Windows\vmsnap3.exe
() C:\Windows\Domino.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUpd.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [VMSnap3] => C:\Windows\VMSnap3.exe [49152 2006-07-18] (Vimicro)
HKLM\...\Run: [Domino] => C:\Windows\Domino.exe [49152 2006-07-04] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7640944 2014-12-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-12-01] (Intel Corporation)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-02-08] (Autodesk, Inc.)
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
Lsa: [Notification Packages] scecli ScSecAuth
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2011-05-30] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2015-11-04]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog9 01 C:\Windows\SysWOW64\sslsp105.dll [74352 2015-03-12] (SumRando)
Winsock: Catalog9 02 C:\Windows\SysWOW64\sslsp105.dll [74352 2015-03-12] (SumRando)
Winsock: Catalog9 13 C:\Windows\SysWOW64\sslsp105.dll [74352 2015-03-12] (SumRando)
Winsock: Catalog9-x64 01 C:\Windows\system32\sslsp105.dll [75888 2015-03-12] (SumRando)
Winsock: Catalog9-x64 02 C:\Windows\system32\sslsp105.dll [75888 2015-03-12] (SumRando)
Winsock: Catalog9-x64 13 C:\Windows\system32\sslsp105.dll [75888 2015-03-12] (SumRando)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{4F3C3288-F1E6-4E98-AD7F-B6047FB19713}: [NameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{9DB78E5B-565D-40BE-9F00-43B3473D9F85}: [NameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{AA476EBD-85D2-4719-9E47-A68FC2EEE0F5}: [DhcpNameServer] 192.168.100.1
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> DefaultScope {B9A62B51-034F-4746-9AC1-ECA278687F5A} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=B010GB0D20141202&p={searchTerms}
SearchScopes: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NSBU&chn=oem&geo=GB&ver=22&locale=en_GB&gct=sb&qsrc=2869
SearchScopes: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> {B9A62B51-034F-4746-9AC1-ECA278687F5A} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=B010GB0D20141202&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2011-07-06] (Internet Download Manager, Tonec Inc.)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2011-07-06] (Internet Download Manager, Tonec Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Gio\AppData\Roaming\Mozilla\Firefox\Profiles\fzt6e8c5.default-1441970820133
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll [2014-12-02] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-07-10] (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-423546431-4035410846-4171816442-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Gio\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-12] (Citrix Online)
FF Plugin HKU\S-1-5-21-423546431-4035410846-4171816442-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-18] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Gio\AppData\Roaming\Mozilla\Firefox\Profiles\fzt6e8c5.default-1441970820133\searchplugins\McSiteAdvisor.xml [2015-11-13]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-01-03]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-09-07]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.0.124\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.0.124\coFFAddon [2015-11-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-05-10] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn => not found
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.0.124\coFFAddon
FF HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Gio\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Gio\AppData\Roaming\IDM\idmmzcc5 [2014-12-03] [not signed]
FF HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Gio\AppData\Roaming\IDM\idmmzcc5
 
Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Norton Security Toolbar) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-10-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-09]
CHR Extension: (Block site) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2015-07-28]
CHR Extension: (SiteAdvisor) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-02]
CHR Extension: (Color Piano!) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh [2015-07-27]
CHR Extension: (Norton Identity Safe) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-10-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Internet Download Manager PRO) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodeniaihllgjlnaphebjhloddeidefi [2015-11-14]
CHR Extension: (Gmail) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-10-02]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] -  <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-10-02]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] -  <not found>
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-01-28] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe [389944 2014-05-08] (ASUSTeK Computer Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2015-01-25] (Macrovision Europe Ltd.) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-06-03] (Futuremark)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-03-10] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [154856 2015-09-28] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R2 NSBU; C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\NSBU.exe [282016 2015-09-24] (Symantec Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-12-03] ()
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-04-01] (CyberLink)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [328992 2008-07-11] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [226592 2008-07-11] (SafeNet, Inc)
S3 SumRandoVPNService; C:\Program Files (x86)\SumRando\SumRando\misc\vpnmanagesvc.exe [108144 2015-03-12] (SumRando) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 ScProxySrv; "C:\Program Files\Quick Heal\Quick Heal AntiVirus Pro\ScProxySrv.exe" [X]
S2 ScSecSvc; "C:\Program Files\Quick Heal\Quick Heal AntiVirus Pro\ScSecSvc.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-12-01] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-02-15] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\BASHDefs\20151102.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R1 ccSet_NSBU; C:\Windows\system32\drivers\NSBUx64\1605040.018\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-10-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-10-17] (Symantec Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-11-13] ()
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\IPSDefs\20151112.001\IDSvia64.sys [767224 2015-10-20] (Symantec Corporation)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-05-03] (ASUSTeK Computer Inc.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-02-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-11-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 MbswMailbox; C:\Program Files (x86)\ASUS\AI Suite III\690b33e1-0462-4e84-9bea-c7552b45432a.sys [17208 2015-04-17] ()
R3 NAVENG; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\VirusDefs\20151112.032\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\VirusDefs\20151112.032\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0032.sys [28768 2015-04-08] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 NPF; C:\Windows\SysWOW64\drivers\npf.sys [42512 2015-01-16] (CACE Technologies)
S3 PPJoyBus; C:\Windows\System32\DRIVERS\PPJoyBus64.sys [20032 2009-11-04] (Deon van der Westhuysen)
S3 PPortJoystick; C:\Windows\System32\DRIVERS\PPortJoy64.sys [39488 2009-11-04] (Deon van der Westhuysen)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\NSBUx64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSBUx64\1605040.018\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSBUx64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-10-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSBUx64\1605040.018\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSBUx64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-01-23] (Spotflux, Inc.)
R3 tun3326; C:\Windows\System32\DRIVERS\tun3326.sys [32368 2013-03-22] (The OpenVPN Project)
R3 vvftav303; C:\Windows\System32\drivers\vvftav303.sys [308096 2007-06-23] (Vimicro Corporation)
R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2011-06-23] (Windows ® Win 7 DDK provider)
R3 ZSMC0303; C:\Windows\System32\Drivers\usbVM303.sys [1494656 2007-03-25] (Vimicro Corporation)
S1 bsfs; system32\DRIVERS\bsfs.sys [X]
S3 cpuz137; \??\C:\Users\Gio\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 ggc; system32\DRIVERS\ggc.sys [X]
S1 nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WolfVision Video Capture II; system32\DRIVERS\WolfVZCamera2.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-15 00:08 - 2015-11-15 20:46 - 00000000 ____D C:\FRST
2015-11-13 16:50 - 2015-11-13 16:51 - 00043664 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2015-11-13 15:56 - 2015-11-13 15:56 - 11324802 _____ C:\Users\Gio\Downloads\Popcorn_Lobby.zip
2015-11-13 14:24 - 2015-11-13 14:25 - 53433992 _____ C:\Users\Gio\Downloads\Thinkbox_KrakatoaMX_2.4.1_x64.rar
2015-11-13 14:19 - 2015-11-13 14:19 - 00000000 ____H C:\ProgramData\cm-lock
2015-11-12 18:24 - 2015-11-12 18:24 - 00000000 ____D C:\Users\Gio\AppData\LocalLow\uTorrent
2015-11-12 17:14 - 2015-11-12 17:14 - 01517205 _____ C:\Users\Gio\Downloads\BerconMaps_3_04.zip
2015-11-12 09:32 - 2015-11-15 20:45 - 00000550 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000.job
2015-11-12 09:32 - 2015-11-13 15:11 - 00000646 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000.job
2015-11-12 09:32 - 2015-11-12 09:32 - 00003664 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000
2015-11-12 09:32 - 2015-11-12 09:32 - 00003568 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000
2015-11-12 09:32 - 2015-11-12 09:32 - 00000000 ____D C:\Users\Gio\AppData\Local\Citrix
2015-11-10 20:40 - 2015-11-10 20:40 - 00042962 _____ C:\Users\Gio\Downloads\Calculus I  with Professor Richard Delaware Online Course Video Lectures_1288506171.torrent
2015-11-09 18:57 - 2015-11-09 18:57 - 00033185 _____ C:\Users\Gio\Downloads\[videotuts.ru]_Modelling the Audi R8.torrent
2015-11-09 18:55 - 2015-11-09 18:55 - 00030879 _____ C:\Users\Gio\Downloads\[videotuts.ru]_Viscorbel - Creating V-Ray Materials_Vol1.torrent
2015-11-09 18:04 - 2015-11-09 18:04 - 00055348 _____ C:\Users\Gio\Downloads\[rutracker.org].t4608494.torrent
2015-11-08 21:47 - 2015-11-08 21:57 - 867026989 _____ C:\Users\Gio\Downloads\HDRI-sun-clouds.rar
2015-11-08 21:44 - 2015-11-08 21:44 - 17433785 _____ C:\Users\Gio\Downloads\HDR_029_Sky_Cloudy_Free.zip
2015-11-08 20:56 - 2015-11-08 20:56 - 05261111 _____ C:\Users\Gio\Downloads\Kamen.zip
2015-11-08 20:01 - 2015-11-08 20:01 - 509023497 _____ C:\Users\Gio\Downloads\3ds.zip
2015-11-07 19:26 - 2015-11-07 19:26 - 00766693 _____ C:\Users\Gio\Downloads\Genetica Texture Pack 4 - Planet & Terrain.zip
2015-11-07 19:26 - 2015-11-07 19:26 - 00030148 _____ C:\Users\Gio\Downloads\Texture Pack 001 - JPEG.torrent
2015-11-07 18:06 - 2015-11-07 18:06 - 00064347 _____ C:\Users\Gio\Downloads\[rutracker.org].t4418813.torrent
2015-11-07 18:06 - 2015-11-07 18:06 - 00031094 _____ C:\Users\Gio\Downloads\[rutracker.org].t4258100.torrent
2015-11-07 17:54 - 2015-11-07 17:54 - 00094168 _____ C:\Users\Gio\Downloads\[rutracker.org].t4094770.torrent
2015-11-07 17:54 - 2015-11-07 17:54 - 00045879 _____ C:\Users\Gio\Downloads\[rutracker.org].t3387637.torrent
2015-11-07 17:54 - 2015-11-07 17:54 - 00012784 _____ C:\Users\Gio\Downloads\[rutracker.org].t4084723.torrent
2015-11-07 17:52 - 2015-11-07 17:52 - 00073409 _____ C:\Users\Gio\Downloads\[rutracker.org].t4112378.torrent
2015-11-07 17:36 - 2015-11-07 17:36 - 00109127 _____ C:\Users\Gio\Downloads\[rutracker.org].t4783335.torrent
2015-11-07 17:35 - 2015-11-07 17:35 - 00012944 _____ C:\Users\Gio\Downloads\[rutracker.org].t2211268.torrent
2015-11-07 17:32 - 2015-11-07 17:32 - 00016374 _____ C:\Users\Gio\Downloads\[rutracker.org].t4867445.torrent
2015-11-07 17:30 - 2015-11-07 17:30 - 00020529 _____ C:\Users\Gio\Downloads\[rutracker.org].t4881761.torrent
2015-11-07 17:27 - 2015-11-07 17:27 - 00017070 _____ C:\Users\Gio\Downloads\[rutracker.org].t5004248.torrent
2015-11-07 17:27 - 2015-11-07 17:27 - 00016190 _____ C:\Users\Gio\Downloads\[rutracker.org].t5004443.torrent
2015-11-07 17:26 - 2015-11-07 17:26 - 00175012 _____ C:\Users\Gio\Downloads\[rutracker.org].t5095159.torrent
2015-11-07 17:26 - 2015-11-07 17:26 - 00050862 _____ C:\Users\Gio\Downloads\[rutracker.org].t5093599.torrent
2015-11-07 17:26 - 2015-11-07 17:26 - 00013455 _____ C:\Users\Gio\Downloads\[rutracker.org].t5003979.torrent
2015-11-07 15:36 - 2015-11-07 15:36 - 02471028 _____ C:\Users\Gio\Downloads\final-scene.zip
2015-11-07 15:36 - 2015-11-07 15:36 - 01854694 _____ C:\Users\Gio\Downloads\glass-liquid-final-vray3.zip
2015-11-07 11:29 - 2015-11-07 11:29 - 00029613 _____ C:\Users\Gio\Downloads\[kat.cr]aleso3d.vray.interior.lighting.torrent
2015-11-04 22:37 - 2015-11-04 23:23 - 04047696 _____ C:\Users\Gio\Documents\Proeqt1.pln
2015-11-04 22:37 - 2015-11-04 23:21 - 04055184 _____ C:\Users\Gio\Documents\Proeqt1.bpn
2015-11-04 13:15 - 2015-11-05 17:37 - 00000000 ____D C:\Users\Gio\AppData\Local\VirtualStore
2015-11-04 13:15 - 2015-11-04 13:15 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-04 12:16 - 2015-11-04 12:16 - 03700400 _____ C:\Users\Gio\Documents\Proeqt.pln
2015-11-04 10:27 - 2015-11-12 10:47 - 00000000 ____D C:\Users\Gio\Graphisoft
2015-11-04 10:27 - 2015-11-12 08:58 - 00000000 ____D C:\Users\Gio\Documents\BIMx
2015-11-04 10:27 - 2015-11-04 10:27 - 00000000 ____D C:\Users\Gio\AppData\Roaming\Graphisoft
2015-11-04 10:27 - 2015-11-04 10:27 - 00000000 ____D C:\Users\Gio\AppData\Local\Graphisoft
2015-11-04 10:26 - 2015-11-04 10:26 - 00001191 _____ C:\Users\Public\Desktop\BIMx for ArchiCAD 18.lnk
2015-11-04 10:26 - 2015-11-04 10:26 - 00001016 _____ C:\Users\Public\Desktop\ArchiCAD 18.lnk
2015-11-04 10:26 - 2015-11-04 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter
2015-11-04 10:26 - 2015-11-04 10:26 - 00000000 ____D C:\ProgramData\CodeMeter
2015-11-04 10:26 - 2015-11-04 10:26 - 00000000 ____D C:\Program Files\CodeMeter
2015-11-04 10:26 - 2015-11-04 10:26 - 00000000 ____D C:\Program Files (x86)\CodeMeter
2015-11-04 10:25 - 2015-11-04 10:25 - 00008108 _____ C:\Windows\vpd.properties
2015-11-04 10:25 - 2015-11-04 10:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRAPHISOFT
2015-11-04 10:25 - 2015-11-04 10:25 - 00000000 ____D C:\Program Files\GRAPHISOFT
2015-11-04 10:18 - 2015-11-04 10:26 - 00000000 ____D C:\Users\Gio\AppData\Roaming\Install.GS
2015-11-04 10:18 - 2013-08-07 00:19 - 00595618 _____ C:\Users\Gio\AppData\Local\libcurl-4.dll
2015-11-04 10:18 - 2010-06-05 17:00 - 00042496 _____ (Open Source Software community project) C:\Users\Gio\AppData\Local\pthreadGC2-w64.dll
2015-11-04 10:05 - 2015-11-04 10:05 - 00012742 _____ C:\Users\Gio\Downloads\Graphisoft-ArchiCAD-18.torrent
2015-11-02 18:49 - 2015-11-02 18:49 - 00020578 _____ C:\Users\Gio\Downloads\torrent_4866762 %5B7tor.org%5D.torrent
2015-10-31 23:09 - 2015-10-31 23:10 - 40442559 _____ C:\Users\Gio\Downloads\D8_FumeFX_Looper.rar
2015-10-31 22:27 - 2015-10-31 22:27 - 12260023 _____ C:\Users\Gio\Downloads\YUDO.TV_C4D_PROJECTS.rar
2015-10-31 16:33 - 2015-10-31 16:33 - 15085792 _____ C:\Users\Gio\Downloads\Tiner_Shaders.rar
2015-10-30 21:44 - 2015-10-30 21:44 - 00002720 _____ C:\Users\Gio\Downloads\3D Artist - Issue 83 2015 (True PDF) ---[www.bts.to]--- .torrent
2015-10-29 17:50 - 2015-10-29 17:50 - 02349405 _____ C:\Users\Gio\Downloads\Polymodeling_chapter5_files.zip
2015-10-27 16:33 - 2015-10-27 16:33 - 00055945 _____ C:\Users\Gio\Downloads\[rutracker.org].t4548643.torrent
2015-10-27 16:33 - 2015-10-27 16:33 - 00013833 _____ C:\Users\Gio\Downloads\[rutracker.org].t4540133.torrent
2015-10-27 16:29 - 2015-10-27 16:29 - 00171841 _____ C:\Users\Gio\Downloads\[rutracker.org].t4635219.torrent
2015-10-27 16:17 - 2015-10-27 16:17 - 00024962 _____ C:\Users\Gio\Downloads\[kat.cr]digital.tutors.mixed.modeling.techniques.in.3ds.max.2012.sum1.here.torrent
2015-10-27 16:04 - 2015-10-27 16:04 - 00018013 _____ C:\Users\Gio\Downloads\[rutracker.org].t4312296.torrent
2015-10-27 16:04 - 2015-10-27 16:04 - 00016005 _____ C:\Users\Gio\Downloads\[rutracker.org].t4800584.torrent
2015-10-27 16:02 - 2015-10-27 16:02 - 00013572 _____ C:\Users\Gio\Downloads\grant-warwick-mastering-vray-lessons-10.torrent
2015-10-27 15:59 - 2015-10-27 15:59 - 00155805 _____ C:\Users\Gio\Downloads\3dmotive-organic-polypainting-in-zbrush-vol-1.torrent
2015-10-27 15:59 - 2015-10-27 15:59 - 00093650 _____ C:\Users\Gio\Downloads\zbrushworkshops-female-face-sculpting-with-steve-lord.torrent
2015-10-27 15:59 - 2015-10-27 15:59 - 00036241 _____ C:\Users\Gio\Downloads\methods-for-creating-a-low-poly-portrait-in-illustrator.torrent
2015-10-27 15:57 - 2015-10-27 15:57 - 00119216 _____ C:\Users\Gio\Downloads\cubebrush-high-poly-character-design.torrent
2015-10-27 15:57 - 2015-10-27 15:57 - 00020463 _____ C:\Users\Gio\Downloads\hazardousarts-sculpting.torrent
2015-10-27 15:56 - 2015-10-27 15:56 - 00038934 _____ C:\Users\Gio\Downloads\trey-ratcliffs-complete-hdr-tutorial.torrent
2015-10-27 15:55 - 2015-10-27 15:55 - 00699278 _____ C:\Users\Gio\Downloads\gumroad-likeness-sculpting-by-frank-tzeng.torrent
2015-10-27 15:55 - 2015-10-27 15:55 - 00021482 _____ C:\Users\Gio\Downloads\gumroad-josh-p.-crockett-introduction-to-creature-sculpting-grey-alien.torrent
2015-10-27 15:45 - 2015-10-27 15:45 - 00706133 _____ C:\Users\Gio\Downloads\uartsy-character-pipeline-for-games.torrent
2015-10-27 15:44 - 2015-10-27 15:44 - 00062155 _____ C:\Users\Gio\Downloads\uroki_3d_modelirovaniya_ot_killerivanov.torrent
2015-10-27 15:44 - 2015-10-27 15:44 - 00048182 _____ C:\Users\Gio\Downloads\the-gnomon-workshop-efficient-cinematic-lighting-2.torrent
2015-10-27 15:43 - 2015-10-27 15:43 - 00021563 _____ C:\Users\Gio\Downloads\[rutracker.org].t4999313.torrent
2015-10-27 15:43 - 2015-10-27 15:43 - 00017479 _____ C:\Users\Gio\Downloads\[rutracker.org].t4928485.torrent
2015-10-27 15:42 - 2015-10-27 15:42 - 00020573 _____ C:\Users\Gio\Downloads\[rutracker.org].t5076014.torrent
2015-10-27 15:40 - 2015-10-27 15:40 - 00021491 _____ C:\Users\Gio\Downloads\[rutracker.org].t5047143.torrent
2015-10-27 15:39 - 2015-10-27 15:39 - 00071998 _____ C:\Users\Gio\Downloads\[rutracker.org].t1122621.torrent
2015-10-27 15:38 - 2015-10-27 15:38 - 00022277 _____ C:\Users\Gio\Downloads\[rutracker.org].t5041889.torrent
2015-10-27 15:31 - 2015-10-27 15:31 - 00022106 _____ C:\Users\Gio\Downloads\[rutracker.org].t4560852.torrent
2015-10-27 15:31 - 2015-10-27 15:31 - 00020921 _____ C:\Users\Gio\Downloads\[rutracker.org].t4560949.torrent
2015-10-27 15:31 - 2015-10-27 15:31 - 00017320 _____ C:\Users\Gio\Downloads\[rutracker.org].t4561531.torrent
2015-10-27 15:31 - 2015-10-27 15:31 - 00017077 _____ C:\Users\Gio\Downloads\[rutracker.org].t4560878.torrent
2015-10-27 15:31 - 2015-10-27 15:31 - 00016590 _____ C:\Users\Gio\Downloads\[rutracker.org].t4561559.torrent
2015-10-23 16:39 - 2015-10-23 16:39 - 00014772 _____ C:\Users\Gio\Downloads\45B4DF5ADC488ECB3B1E7AE033C5670BCA6CD67B.torrent
2015-10-23 10:06 - 2015-10-23 13:48 - 00000000 ____D C:\Program Files\Marvelous Designer 5 Personal
2015-10-23 10:06 - 2015-10-23 10:06 - 00000959 _____ C:\Users\Public\Desktop\Marvelous Designer 5 Personal.lnk
2015-10-23 10:06 - 2015-10-23 10:06 - 00000000 ____D C:\Users\Public\Documents\MD5
2015-10-23 10:06 - 2015-10-23 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marvelous Designer 5 Personal
2015-10-21 21:15 - 2015-10-21 21:15 - 00023202 _____ C:\Users\Gio\Downloads\[videotuts.ru]_Digital-Tutors  Creative Development Mixed Modeling Techniques in 3ds Max 2012.torrent
2015-10-21 20:10 - 2015-10-21 20:10 - 04274261 _____ C:\Users\Gio\Downloads\5SRW-Program-Brochure (1).zip
2015-10-20 13:44 - 2015-10-20 13:44 - 00026261 _____ C:\Users\Gio\Downloads\elephorm-3-d-studio-max-vol-3-eclairage-materiaux-et-rendu.torrent
2015-10-20 13:43 - 2015-10-20 13:43 - 00015448 _____ C:\Users\Gio\Downloads\viscorbel-creating-v-ray-materials-vol3.torrent
2015-10-20 13:39 - 2015-10-20 13:39 - 00059078 _____ C:\Users\Gio\Downloads\v-ray-art-v-ray-interior-training-by-stanislav-orekhov.torrent
2015-10-20 13:24 - 2015-10-20 13:24 - 00033198 _____ C:\Users\Gio\Downloads\[rutracker.org].t3999589.torrent
2015-10-20 13:24 - 2015-10-20 13:24 - 00027241 _____ C:\Users\Gio\Downloads\[rutracker.org].t4073144.torrent
2015-10-20 13:24 - 2015-10-20 13:24 - 00020342 _____ C:\Users\Gio\Downloads\[rutracker.org].t3938438.torrent
2015-10-20 13:24 - 2015-10-20 13:24 - 00016973 _____ C:\Users\Gio\Downloads\[rutracker.org].t3986380.torrent
2015-10-20 13:24 - 2015-10-20 13:24 - 00014965 _____ C:\Users\Gio\Downloads\[rutracker.org].t3815552.torrent
2015-10-20 13:23 - 2015-10-20 13:23 - 00030944 _____ C:\Users\Gio\Downloads\[rutracker.org].t4058431.torrent
2015-10-20 13:23 - 2015-10-20 13:23 - 00022806 _____ C:\Users\Gio\Downloads\[rutracker.org].t4147448.torrent
2015-10-20 13:23 - 2015-10-20 13:23 - 00022690 _____ C:\Users\Gio\Downloads\[rutracker.org].t4121743.torrent
2015-10-20 13:23 - 2015-10-20 13:23 - 00015320 _____ C:\Users\Gio\Downloads\[rutracker.org].t4177951.torrent
2015-10-20 13:22 - 2015-10-20 13:22 - 00017408 _____ C:\Users\Gio\Downloads\[rutracker.org].t4220929.torrent
2015-10-20 13:22 - 2015-10-20 13:22 - 00015323 _____ C:\Users\Gio\Downloads\[rutracker.org].t4277151.torrent
2015-10-20 13:21 - 2015-10-20 13:21 - 00030418 _____ C:\Users\Gio\Downloads\[rutracker.org].t4348781.torrent
2015-10-20 13:21 - 2015-10-20 13:21 - 00021216 _____ C:\Users\Gio\Downloads\[rutracker.org].t4384900.torrent
2015-10-20 13:21 - 2015-10-20 13:21 - 00021050 _____ C:\Users\Gio\Downloads\[rutracker.org].t4481321.torrent
2015-10-20 13:21 - 2015-10-20 13:21 - 00018124 _____ C:\Users\Gio\Downloads\[rutracker.org].t4412708.torrent
2015-10-20 13:21 - 2015-10-20 13:21 - 00018070 _____ C:\Users\Gio\Downloads\[rutracker.org].t4624618.torrent
2015-10-20 13:20 - 2015-10-20 13:20 - 00012363 _____ C:\Users\Gio\Downloads\[rutracker.org].t4978416.torrent
2015-10-20 13:19 - 2015-10-20 13:19 - 00014461 _____ C:\Users\Gio\Downloads\[rutracker.org].t5003450.torrent
2015-10-19 22:19 - 2015-10-19 22:19 - 00002560 _____ C:\Users\Gio\Desktop\Norton Security with Backup.lnk
2015-10-19 19:42 - 2015-10-19 19:42 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security with Backup
2015-10-18 18:30 - 2015-10-18 18:30 - 03634193 _____ C:\Users\Gio\Downloads\Vray_grass.rar
2015-10-18 16:13 - 2015-10-19 19:42 - 00003240 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-10-18 16:13 - 2015-10-19 19:42 - 00002448 _____ C:\Users\Public\Desktop\Norton Security with Backup.LNK
2015-10-18 16:13 - 2015-10-18 21:32 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-10-18 16:13 - 2015-10-18 21:32 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-10-18 16:13 - 2015-10-18 16:13 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-10-18 16:12 - 2015-10-19 19:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security with Backup
2015-10-18 16:12 - 2015-10-19 19:42 - 00000000 ____D C:\Windows\system32\Drivers\NSBUx64
2015-10-18 16:12 - 2015-10-18 16:12 - 00000000 ____D C:\Program Files (x86)\Norton Security with Backup
2015-10-18 16:09 - 2015-10-18 16:10 - 129868680 _____ (Symantec Corporation) C:\Users\Gio\Downloads\NSBU-TW-22.5.0-EN-US.exe
2015-10-18 15:09 - 2015-10-18 15:16 - 84314641 _____ C:\Users\Gio\Downloads\ajl6a.Norton.Security.with.Backup.2015.22.5.4.24..Trial.ResetterFL.rar
2015-10-18 14:52 - 2015-10-18 14:52 - 01201328 _____ (Symantec Corporation) C:\Users\Gio\Downloads\AutoDetectPkg.exe
2015-10-18 14:38 - 2015-10-18 14:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2015-10-18 14:38 - 2015-10-18 14:38 - 00000000 ____D C:\Windows\system32\Drivers\NSTx64
2015-10-18 14:38 - 2015-10-18 14:38 - 00000000 ____D C:\Program Files (x86)\Norton Identity Safe
2015-10-17 18:47 - 2015-10-17 18:47 - 00017700 _____ C:\Users\Gio\Downloads\sculpting-integration-concepts-for-3ds-max-and-mudbox-[torrentino].torrent
2015-10-17 18:45 - 2015-10-17 18:45 - 00021145 _____ C:\Users\Gio\Downloads\unleashing-the-power-of-v-ray-[torrentino].torrent
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-03-01 19:10 - 2014-12-01 20:58 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F91393ED-EBB5-497D-BF10-C3273B42CC9C}
2015-11-15 20:43 - 2014-12-01 21:01 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-15 20:43 - 2009-07-14 05:13 - 00792464 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-15 20:41 - 2014-12-01 18:35 - 01209760 _____ C:\Windows\WindowsUpdate.log
2015-11-15 20:38 - 2015-09-11 12:48 - 00002436 _____ C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user.job
2015-11-15 20:38 - 2015-09-11 12:48 - 00002436 _____ C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.job
2015-11-15 20:38 - 2015-02-07 14:55 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-15 20:38 - 2014-12-01 18:44 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-15 20:38 - 2014-12-01 18:32 - 00000000 ____D C:\Users\Gio
2015-11-15 20:38 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-15 20:38 - 2009-07-14 04:51 - 00071244 _____ C:\Windows\setupact.log
2015-11-14 02:50 - 2015-09-27 19:47 - 00000000 ____D C:\Games
2015-11-14 02:40 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\registration
2015-11-14 00:58 - 2010-11-21 07:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-13 16:31 - 2014-12-01 18:44 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-13 16:25 - 2015-02-09 20:16 - 00000000 ____D C:\Users\Gio\AppData\Local\CrashDumps
2015-11-13 14:26 - 2009-07-14 04:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-13 14:26 - 2009-07-14 04:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-13 14:19 - 2014-12-02 02:28 - 00042496 _____ (secr9tos) C:\Windows\system32\Drivers\oem-drv64.sys
2015-11-13 02:20 - 2014-12-01 23:16 - 00000000 ____D C:\Users\Gio\AppData\Roaming\uTorrent
2015-11-13 02:00 - 2014-12-01 23:42 - 00000000 ____D C:\Users\Gio\AppData\Local\Adobe
2015-11-11 15:35 - 2014-12-01 18:44 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-11 14:50 - 2010-11-21 03:47 - 11353598 _____ C:\Windows\PFRO.log
2015-11-09 18:31 - 2015-04-30 11:47 - 00004483 _____ C:\Users\Gio\Desktop\New Text Document (2).txt
2015-11-07 19:45 - 2015-07-27 13:53 - 00001456 _____ C:\Users\Gio\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-11-05 15:33 - 2014-12-01 21:01 - 00003826 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1417467685
2015-11-04 13:33 - 2014-12-03 19:20 - 00000000 ____D C:\Users\Gio\AppData\Roaming\DMCache
2015-11-04 13:27 - 2015-08-29 21:10 - 00000000 ____D C:\Users\Gio\Documents\SCANIA Truck Driving Simulator
2015-11-04 10:27 - 2014-12-01 20:03 - 00000000 ____D C:\Users\Gio\AppData\Roaming\MAXON
2015-11-04 00:17 - 2015-02-07 14:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-03 23:15 - 2015-01-15 18:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-03 21:24 - 2015-07-15 15:42 - 00000000 ____D C:\Users\Gio\ARIAConverted
2015-11-02 23:36 - 2015-01-26 12:18 - 00000000 ____D C:\Users\Gio\Documents\Euro Truck Simulator 2
2015-11-01 23:57 - 2014-12-03 19:20 - 00000000 ___HD C:\Users\Gio\Downloads\Video
2015-11-01 12:37 - 2015-05-10 14:18 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2015-10-31 16:13 - 2014-12-01 23:17 - 00000000 ____D C:\Users\Gio\AppData\Roaming\Skype
2015-10-30 13:58 - 2015-05-10 14:18 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-27 15:15 - 2015-02-25 13:12 - 00000000 ____D C:\Windows\pss
2015-10-27 15:13 - 2015-03-14 21:10 - 00000000 ____D C:\Users\Gio\.VirtualBox
2015-10-27 15:13 - 2015-02-01 14:10 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-27 15:13 - 2014-12-13 06:35 - 00000000 ___RD C:\Users\Gio\Creative Cloud Files
2015-10-27 15:12 - 2015-06-28 20:55 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-10-23 10:22 - 2014-12-01 20:02 - 00000000 ____D C:\Program Files\WinRAR
2015-10-23 10:04 - 2014-12-03 19:20 - 00000000 ____D C:\Users\Gio\Downloads\Compressed
2015-10-22 15:48 - 2015-08-21 12:52 - 00000000 ____D C:\Users\Gio\Downloads\Adobe After Effects Auto-Save
2015-10-22 09:53 - 2015-06-28 21:04 - 00001219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
2015-10-21 13:02 - 2014-12-04 18:40 - 00000000 ____D C:\Users\Gio\AppData\Local\Akamai
2015-10-19 19:38 - 2014-12-03 19:20 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2015-10-18 16:12 - 2014-12-01 18:46 - 00000000 ____D C:\ProgramData\Norton
 
==================== Files in the root of some directories =======
 
2015-04-13 11:48 - 2015-04-13 22:39 - 0092881 _____ () C:\Users\Gio\AppData\Roaming\13_04_2015.htm
2015-04-13 23:08 - 2015-04-14 22:58 - 1226323 _____ () C:\Users\Gio\AppData\Roaming\14_04_2015.htm
2015-04-14 23:00 - 2015-04-15 22:48 - 0723329 _____ () C:\Users\Gio\AppData\Roaming\15_04_2015.htm
2015-04-15 23:25 - 2015-04-16 22:24 - 0453909 _____ () C:\Users\Gio\AppData\Roaming\16_04_2015.htm
2015-04-17 09:12 - 2015-04-17 10:03 - 0002459 _____ () C:\Users\Gio\AppData\Roaming\17_04_2015.htm
2014-12-11 14:44 - 2015-09-12 11:28 - 0000132 _____ () C:\Users\Gio\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-01-09 21:54 - 2015-06-30 18:04 - 0065615 _____ () C:\Users\Gio\AppData\Roaming\Camdata.ini
2015-01-09 21:54 - 2015-06-30 18:04 - 0000408 _____ () C:\Users\Gio\AppData\Roaming\CamLayout.ini
2015-01-09 21:54 - 2015-06-30 18:04 - 0000408 _____ () C:\Users\Gio\AppData\Roaming\CamShapes.ini
2015-01-16 17:27 - 2015-06-30 18:04 - 0004549 _____ () C:\Users\Gio\AppData\Roaming\CamStudio.cfg
2015-01-09 14:11 - 2015-06-30 18:03 - 0000096 _____ () C:\Users\Gio\AppData\Roaming\version2.xml
2015-07-27 13:53 - 2015-11-07 19:45 - 0001456 _____ () C:\Users\Gio\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-11-04 10:18 - 2013-08-07 00:19 - 0595618 _____ () C:\Users\Gio\AppData\Local\libcurl-4.dll
2015-02-15 18:49 - 2015-02-15 18:49 - 0000000 ___SH () C:\Users\Gio\AppData\Local\LumaEmu
2015-11-04 10:18 - 2010-06-05 17:00 - 0042496 _____ (Open Source Software community project) C:\Users\Gio\AppData\Local\pthreadGC2-w64.dll
2014-12-03 19:19 - 2014-12-12 12:05 - 0007604 _____ () C:\Users\Gio\AppData\Local\Resmon.ResmonCfg
2015-03-14 21:09 - 2015-03-14 21:09 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2015-11-13 14:19 - 2015-11-13 14:19 - 0000000 ____H () C:\ProgramData\cm-lock
2014-12-01 19:03 - 2014-12-01 19:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-12 11:39 - 2014-12-12 11:39 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-08-18 17:12 - 2015-08-18 17:12 - 0000016 _____ () C:\ProgramData\mntemp
 
Some files in TEMP:
====================
C:\Users\Gio\AppData\Local\Temp\_is4A4B.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
nointegritychecks: ==> "IntegrityChecks" is disabled. <===== ATTENTION
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {f545a331-79ca-11e4-9040-a36a18e11033}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
loadoptions             DDISABLE_INTEGRITY_CHECKS
inherit                 {bootloadersettings}
recoverysequence        {f545a333-79ca-11e4-9040-a36a18e11033}
recoveryenabled         Yes
nointegritychecks       Yes
testsigning             No
osdevice                partition=C:
systemroot              \Windows
resumeobject            {f545a331-79ca-11e4-9040-a36a18e11033}
nx                      OptIn
custom:26000027         Yes
 
Windows Boot Loader
-------------------
identifier              {f545a333-79ca-11e4-9040-a36a18e11033}
device                  ramdisk=[C:]\Recovery\f545a333-79ca-11e4-9040-a36a18e11033\Winre.wim,{f545a334-79ca-11e4-9040-a36a18e11033}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\f545a333-79ca-11e4-9040-a36a18e11033\Winre.wim,{f545a334-79ca-11e4-9040-a36a18e11033}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {f545a331-79ca-11e4-9040-a36a18e11033}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {f545a334-79ca-11e4-9040-a36a18e11033}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\f545a333-79ca-11e4-9040-a36a18e11033\boot.sdi
 
 
 
LastRegBack: 2015-11-10 18:19
 
==================== End of FRST.txt ============================
 
 
 
 
 
 
 
addition
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Gio (2015-11-15 20:46:36)
Running from H:\
Windows 7 Ultimate Service Pack 1 (X64) (2014-12-01 18:32:30)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-423546431-4035410846-4171816442-500 - Administrator - Disabled)
Gio (S-1-5-21-423546431-4035410846-4171816442-1000 - Administrator - Enabled) => C:\Users\Gio
Guest (S-1-5-21-423546431-4035410846-4171816442-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security with Backup (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security with Backup (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security with Backup (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{12d6e0d7-21d5-4755-9da2-70352c6f7558}) (Version: 1.5.915.0 - Futuremark)
3DMark (Version: 1.5.915.0 - Futuremark) Hidden
A4 TECH PC Camera H (HKLM\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D303B}) (Version:  - )
A4 TECH PC Camera H (HKLM-x32\...\{CE3B8E96-B0AF-4871-9178-1519B58E3A93}) (Version: 2007.11.12 - Vimicro)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2014 (HKLM-x32\...\{766255CE-D156-11E3-8DBC-A136EB52ACCF}) (Version: 14.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5 64-bit (HKLM\...\{6C1A010F-9108-4162-A26F-9FEC4AC0F0F0}) (Version: 5.0.1 - Adobe)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 7.1 - PainteR)
Age of Empires III v1.14 / 1.06 / 1.03 / [RUS/ENG] RePack by R.G. Revenants (HKLM-x32\...\{7F4F8D5D-9EB9-45DF-A475-30F615FFA85B}}_R.G.Revenants_is1) (Version:  - )
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.80 - ASUSTeK Computer Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
ANDY OS (HKLM-x32\...\Andy OS) (Version: 1.1 - andyroid.net)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArchiCAD 18 INT (HKLM\...\001FFF2FFF18FF00FF0701F01F02F000-R1) (Version: 18.0 - GRAPHISOFT)
ARIA Engine v1.8.2.2 (HKLM\...\ARIA Engine_is1) (Version: v1.8.2.2 - Plogue Art et Technologie, Inc)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ASUS PC Diagnostics (HKLM-x32\...\{D709005F-D8DC-42A8-8435-5AE880ECAF82}) (Version: 1.3.7 - ASUSTeK Computer Inc.)
AutoCAD 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - English (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.0.27.1100 - Autodesk)
Autodesk 3ds Max 2015 (HKLM\...\Autodesk 3ds Max 2015) (Version: 17.0.630.0 - Autodesk)
Autodesk 3ds Max 2015 (Version: 17.0.630.0 - Autodesk) Hidden
Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.159.0 - Autodesk)
Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk)
Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2015 (HKLM\...\{9167CA34-4E48-49E3-8892-3C439739D2D3}) (Version: 17.0 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
Autodesk ReCap (Version: 1.3.1.39 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.107.0 - Autodesk) Hidden
AVS Video Editor 7.0 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.0.1.258 - Online Media Technologies Ltd.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.1.731 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Batman Arkham Origins (Initiation & Cold Cold Heart) (HKLM-x32\...\{D1F2AE32-7AAE-4D91-9193-171200F18E2F}) (Version: 6.0 - Black Box)
Battlefield Bad Company 2 (HKLM-x32\...\Battlefield Bad Company 2_is1) (Version:  - )
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Blender (HKLM\...\{BBE9D9F0-3F77-4E26-9E10-1AFB56D41363}) (Version: 2.76.0 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Burger Shop (HKLM-x32\...\Burger Shop_is1) (Version:  - )
Burger Shop 2 (HKLM-x32\...\Burger Shop 2) (Version: 1.0.0.1 - iWin.com)
Bus Driver (HKLM-x32\...\BFG-Bus Driver) (Version:  - )
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.00 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG2400 series User Registration (HKLM-x32\...\Canon MG2400 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
CinemaP-1.9cV11.09 (HKLM-x32\...\CinemaP-1.9cV11.09) (Version: 1.36.01.22 - Cinema PlusV11.09) <==== ATTENTION
Cities XXL (HKLM-x32\...\Cities XXL_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Citrix Online Launcher (HKLM-x32\...\{E5F6D26D-E180-4547-A865-565EAB61000C}) (Version: 1.0.362 - Citrix)
City Car Driving 1.2.2 (HKLM-x32\...\{CC457F3D-5CDE-4CE8-9685-90A4EDE81374}_is1) (Version:  - Forward Development)
CodeMeter Runtime Kit v5.10a (HKLM\...\{CADFF08A-A157-474F-B6A8-8F26F81F7ABE}) (Version: 5.10.1224.501 - WIBU-SYSTEMS AG)
Cold Fear, версия 1.0 (HKLM-x32\...\Cold Fear_is1) (Version: 1.0 - Ubisoft Entertainment)
ColdFear (HKLM-x32\...\{2C14901F-ED9D-40B5-8FE5-1BAF3D31F73B}) (Version: 1.00.0000 - Ubisoft)
Combat Arms - Line of Sight (HKLM-x32\...\Combat Arms - Line of Sight) (Version:  - )
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - RU (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crashday Forever Build 3 (HKLM-x32\...\Crashday Forever Build 3) (Version: Build 3 - °¤AcTiViSioN¤°)
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
CyberLink PowerDirector 13 (HKLM-x32\...\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}) (Version: 13.0.2604.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0 - CyberLink Corp.)
Daylight (HKLM-x32\...\Daylight_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Dino Crisis 2 (HKLM-x32\...\Dino Crisis 2_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, SeRaph1)
discoDSP Discovery v2.4 (HKLM-x32\...\discoDSP Discovery v2.4_is1) (Version: 2.4 - discoDSP)
Driver (HKLM-x32\...\Driver) (Version:  - )
Driver.San Francisco.v 1.04.1114 (HKLM-x32\...\Driver.San Francisco.v 1.04.1114_is1) (Version: Driver.San Francisco.v 1.04.1114 - GREK93)
Driving Simulator 2012 Version 1.64 (HKLM-x32\...\Driving Simulator 2012_is1) (Version: 1.64 - astragon Software GmbH)
East West EWQLSO Gold Edition (HKLM-x32\...\East West EWQLSO Gold Edition) (Version:  - )
Edirol Super Quartet v1.52 TALiO (HKLM-x32\...\Edirol Super Quartet v1.52 TALiO) (Version:  - )
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.6.6.2133 - Steinberg Media Technologies GmbH)
Euro Truck Simulator 2 v1.1.1 (HKLM-x32\...\{3DD29525-FAD0-47A5-93D2-EB304F1A0E87}_is1) (Version:  - )
FIFA 11 (HKLM-x32\...\FIFA 11_is1) (Version:  - REXE)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
FumeFX 3.5.4 R2015 64-bit (HKLM-x32\...\{B6AB7067-3ADE-4BB2-A98A-A3DCA6C251A3}) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{AFBB2F94-A43D-46AD-8F77-66ACB3C71EDF}) (Version: 4.39.552.0 - Futuremark)
GameRanger (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\GameRanger) (Version:  - GameRanger Technologies)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.64.5211 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GoToMeeting 7.4.2.3880 (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\GoToMeeting) (Version: 7.4.2.3880 - CitrixOnline)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Graphisoft ArchiCAD 18 3006 (HKLM-x32\...\Graphisoft ArchiCAD 18 3006) (Version: 3006 - Graphisoft)
GT Interactive - Driver Demo (HKLM-x32\...\GT Interactive - Driver Demo) (Version:  - )
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Gross Beat (HKLM-x32\...\IL Gross Beat) (Version:  - Image-Line bvba)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel® Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - )
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Jane's Advanced Strike Fighters (HKLM-x32\...\Jane's Advanced Strike Fighters_is1) (Version: Jane's Advanced Strike Fighters - Fenixx--Repack--(17.11.2011))
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Jurassic Park - Operation Genesis (HKLM-x32\...\Jurassic Park - Operation Genesis_is1) (Version:  - )
K-Lite Codec Pack 7.5.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.5.0 - )
Krakatoa MX 2.3 64-bit (HKLM\...\{80A527A9-9249-4C03-ADB4-B8941A897CD1}) (Version: 2.3.1.56082 - Thinkbox Software)
Let's Sing (HKLM-x32\...\TGV0c1Npbmc=_is1) (Version: 1 - )
Linplug CM-505 v1.01 (HKLM-x32\...\Linplug CM-505 v1.01) (Version:  - )
Mafia II, 1.2 (HKLM-x32\...\Mafia II_is1) (Version: 1.2 - Shepards)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Marvelous Designer 5 Personal (HKLM-x32\...\Marvelous Designer 5 Personal) (Version:  - CLO Virtual Fashion Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.283 - McAfee, Inc.)
Metal Gear Solid V Ground Zeroes, âåðñèÿ 1.0 (HKLM-x32\...\Metal Gear Solid V Ground Zeroes_is1) (Version: 1.0 - =×óâàê=)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mirror's Edge.v 1.0.1.0 (HKLM-x32\...\Mirror's Edge.v 1.0.1.0_is1) (Version: Mirror's Edge.v 1.0.1.0 - Repack by Fenixx (05.02.2014))
Mortal Kombat X Update 20150709 (HKLM-x32\...\TW9ydGFsS29tYmF0WA==_is1) (Version: 1 - )
Mortal Kombat X, версия 1.0 (HKLM-x32\...\Mortal Kombat X_is1) (Version: 1.0 - =Чувак=)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.3.0.6464 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Need for Speed 4 High Stakes (HKLM-x32\...\{3ECDDB80-DB1D-11D4-8B30-000021015D1C}) (Version:  - )
Need for Speed 5 Porsche Unleashed (HKLM-x32\...\{4CA7F8A0-DB20-11D4-8B30-000021015D1C}) (Version:  - )
Need for Speed™ Undercover (HKLM-x32\...\Need for Speed™ Undercover_is1) (Version:  - )
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.0 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials V for Windows (HKLM-x32\...\NewBlue Video Essentials V for Windows) (Version: 3.0 - NewBlue)
Next Car Game Technology Sneak Peek 2.0 (HKLM-x32\...\Next Car Game Technology Sneak Peek) (Version:  - Bugbear Entertainment)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.11.42 - Symantec Corporation)
Norton Security with Backup (HKLM-x32\...\NSBU) (Version: 22.5.4.24 - Symantec Corporation)
Novation Bass-Station VSTi v1.10 (HKLM-x32\...\Novation Bass-Station VSTi v1.10) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com)
Opera Stable 33.0.1990.58 (HKLM-x32\...\Opera 33.0.1990.58) (Version: 33.0.1990.58 - Opera Software)
Oracle VM VirtualBox 4.3.20 (HKLM\...\{86401870-7AB7-4A8D-8AD6-12B27DF2E6E3}) (Version: 4.3.20 - Oracle Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Phoenix FD for 3ds Max 2015 for x64 (HKLM\...\Phoenix FD for 3ds Max 2015 for x64) (Version: 2.20.00 - Chaos Software Ltd)
Plogue sforzando v1.822 (HKLM\...\__ARIA_1014___is1) (Version: v1.822 - Plogue)
POV-Ray for Windows v3.7 (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\POV-Ray for Windows v3.7) (Version: 3.7 - Persistence of Vision Raytracer Pty. Ltd.)
PPJoy Joystick Driver 0.8.4.5 (HKLM-x32\...\PPJoy Joystick Driver) (Version: 0.8.4.5 - Deon van der Westhuysen)
Prison Break The Conspiracy (HKLM-x32\...\Prison Break The Conspiracy_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.108.1 - proDAD GmbH)
Project CARS v1.1 / RePack by (HKLM-x32\...\Project CARS_is1) (Version:  - )
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
RayFire 1.65 - 3ds Max 2016 (HKLM-x32\...\RayFire) (Version: 1.65 - 3ds Max 2016 - Mir Vadim)
RE:Vision Effects Twixtor AE (HKLM\...\Twixtor AE 6.1.0_is1) (Version: 6.1.0 - Team V.R)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.6.0 - Red Giant, LLC)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
rFactor (remove only) (HKLM-x32\...\rFactor) (Version:  - )
Richard Burns Rally (HKLM-x32\...\{92C7D009-A464-4948-A980-7A3E28CB2F49}) (Version: 1.00.000 - )
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
SCANIA Truck Driving Simulator 1.0.0 (HKLM-x32\...\SCANIA Truck Driving Simulator) (Version: 1.0.0 - SCS Software)
Sentinel Protection Installer 7.5.0 (HKLM-x32\...\{A5A63519-F5C2-4F4A-849A-F28A1AB3D522}) (Version: 7.5.0 - SafeNet, Inc.)
Shaun White Snowboarding (HKLM-x32\...\{2E52FB79-7F60-4AD7-B946-5ED18B4F274E}) (Version: 1.00 - Ubisoft)
SimLab SolidWorks Importer 6.0 for 3ds Max x64 (HKLM\...\{CC694521-C1B7-4186-8A90-8FAE19C08CFD}) (Version: 6.0 - SimLab Soft)
Singularity (HKLM-x32\...\Singularity_is1) (Version:  - Новый Диск)
SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
Spicy Guitar  (64 bits) (HKLM-x32\...\KeolabSpicyGuitar64b_is1) (Version:  - Keolab)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.20.9.4533 - Enigma Software Group, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Cubase LE AI Elements 7 64bit (HKLM\...\{67E7C608-D0EA-4273-B374-50ABE42FBE08}) (Version: 7.0.6 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Sugar Bytes Effectrix 1.4.2 (HKLM\...\Effectrix_is1) (Version: 1.4.2 - Sugar Bytes)
Sugar Bytes Guitarist Library 1.0 (HKLM-x32\...\Guitarist Library_is1) (Version: 1.0 - Sugar Bytes)
Sugar Bytes Robotronic 1.3 (HKLM\...\Robotronic_is1) (Version: 1.3 - Sugar Bytes)
Sugar Bytes Turnado 1.5 (HKLM\...\Turnado_is1) (Version: 1.5 - Sugar Bytes)
Sugar Bytes Vogue 1.3.1 (HKLM\...\Vogue_is1) (Version: 1.3.1 - Sugar Bytes)
Sugar Bytes WOW 1.2 (HKLM\...\WOW_is1) (Version: 1.2 - Sugar Bytes)
SumRando (HKLM-x32\...\SumRandoSumRando) (Version: 1.0.0.172 - SumRando)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Sylenth1 v2.21 (HKLM\...\Sylenth1_is1) (Version:  - )
Synapse Scorpion v4.0 (HKLM-x32\...\Synapse Scorpion v4.0) (Version:  - )
Synthesia (HKLM-x32\...\Synthesia) (Version: 9 - Synthesia LLC)
TeamPlayer 2.2.0 (HKLM-x32\...\TeamPlayer_is1) (Version: 2.2.0 - WunderWorks)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Test Drive Ferrari Racing Legends (HKLM-x32\...\Test Drive Ferrari Racing Legends_is1) (Version:  - )
Toon Boom Animate Pro 2 (HKLM-x32\...\{46ADAC53-F1D2-41B4-B57C-DF43C70904FB}) (Version: 7.9.1 - Toon Boom Animation)
Trapcode Suite v12.1.9 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 12.1.9 - Red Giant, LLC)
TVP Animation 9.5 Professional Edition (remove only) (HKLM-x32\...\TVP Animation 9 Pro) (Version:  - )
TVPaint Animation 10 Pro v10.0.16 (HKLM-x32\...\TVPaint Animation 10 Pro v10.0.1610.0.16) (Version: 10.0.16 - Friends in War)
UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\UnityWebPlayer) (Version: 4.6.0f3 - Unity Technologies ApS)
V-Ray for 3dsmax 2015 for x64 (HKLM\...\V-Ray for 3dsmax 2015 for x64) (Version: 3.00.07 - Chaos Software Ltd)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.11 - NCH Software)
WebcamMax (HKLM-x32\...\WebcamMax) (Version: 7.5.8.8.MultiLanguage - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WinRAR 5.20 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.4 - win.rar GmbH)
Аrdamаx Kеylogger 4.3.9 (HKLM-x32\...\Аrdamаx Kеylogger 4.3.9) (Version:  - )
ВАЛЛ-И (HKLM-x32\...\ВАЛЛ-И_is1) (Version: 1.0 - GUGUCHA)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{83B0E426-D4EE-11D4-BEDF-BAB7F1EEA455}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\addflow4.ocx (Lassalle Technologies)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Gio\AppData\Local\Citrix\GoToMeeting\3880\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Restore Points =========================
 
13-11-2015 16:54:23 Checkpoint by HitmanPro
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 02:34 - 2015-09-30 22:47 - 00001392 ____N C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 anchorfree.net
127.0.0.1 rss2search.com
127.0.0.1 techbrowsing.com
127.0.0.1 box.anchorfree.net
127.0.0.1 www.mefeedia.com
127.0.0.3 www.anchorfree.net
127.0.0.2 www.mefeedia.com
127.0.0.1 anchorfree.us
127.0.0.1 a433.com
127.0.0.3 anchorfree.net
127.0.0.1 rpt.anchorfree.net
127.0.0.1 delivery.anchorfree.us/land.php
127.0.0.1 hsselite.com
127.0.0.1 www.hsselite.com127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
127.0.0.1                   na1r.services.adobe.com
127.0.0.1                   hlrcv.stage.adobe.com
0.0.0.1 mssplus.mcafee.com
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0293C085-91A2-482F-91FF-91B358264D14} - System32\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000 => C:\Users\Gio\AppData\Local\Citrix\GoToMeeting\3880\g2mupdate.exe [2015-11-12] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {05D4B7B5-DAC0-4BB8-8636-EE693BEBE4F4} - System32\Tasks\Opera scheduled Autoupdate 1417467685 => C:\Program Files (x86)\Opera\launcher.exe [2015-10-30] (Opera Software)
Task: {14CE6AF7-D33D-43D8-9249-A70E49E66877} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {1E045EFB-AF82-43DC-BC84-BF5E4F479AC1} - System32\Tasks\Norton Security with Backup\Norton Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {4735F17D-03C4-4CD8-B568-093B45D00C39} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {4A3B9FEF-63CD-4769-8A02-93DB387AD993} - \LaunchSignup -> No File <==== ATTENTION
Task: {5811CE22-1926-4901-98DA-BA318FB40DF5} - System32\Tasks\ASUS\i-Setup185311 => C:\Windows\Intel_Chipset_Win7-8-8-1_V10016\AsusSetup.exe [2014-12-01] (ASUSTeK Computer Inc.)
Task: {586FC3DB-9ADE-4A95-92FD-EB43A43EA45B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5F280624-B65A-48EE-B85D-0F6461C7C8C5} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2014-03-27] ()
Task: {6A526F91-9E2C-45D8-98A2-1959842FF50C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {6F04F64F-1478-4E2B-8B5E-A1D0EFE956D9} - System32\Tasks\{17F40C2C-7314-47EB-AC2D-CB1CCEF9C767} => pcalua.exe -a "E:\s\Image Line Gross Beat 1.0.1\grossbeat_install.exe" -d "E:\s\Image Line Gross Beat 1.0.1"
Task: {710F117B-920C-436B-A05B-E1DB89A178E8} - System32\Tasks\{B048AEEA-BC9B-41BA-9B21-0836A4BB5417} => c:\program files (x86)\opera\launcher.exe [2015-10-30] (Opera Software)
Task: {773AF888-CFEF-436D-8485-7703C674AAD3} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2014-05-03] (TODO: <Company name>)
Task: {77E35024-1DB9-4DB7-8408-6F0F5EE7ADA6} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-01-10] (ASUSTeK Computer Inc.)
Task: {894E1C4A-5090-4D67-A7A1-4840BBA6415A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\WSCStub.exe [2015-09-24] (Symantec Corporation)
Task: {8CC26450-B3A4-44EA-8C1F-631878C45692} - System32\Tasks\{4A0D3DEC-FE2C-41E4-8062-44AEDD549E32} => c:\program files (x86)\opera\launcher.exe [2015-10-30] (Opera Software)
Task: {91C25A1E-8EE5-428B-B081-5C7D7445BD0E} - System32\Tasks\{E23A209F-322A-4CE5-BD7C-41A7F0F29CAC} => D:\Games\Need for Speed 4 High Stakes\nfshs.exe [1999-05-26] (Electronic Arts, Inc.)
Task: {92CCD290-2AF3-4E61-9B2E-6723E507071A} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-05-09] (ASUSTeK Computer Inc.)
Task: {93E20DA9-DF20-4692-8997-95BE6D03EF78} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-05-04] ()
Task: {979B811B-CB9A-448B-9E94-FCA5A298166E} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {99CF9D89-8059-4A93-AFB5-C04CCE43DBC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {9D64AF71-F5AE-4568-8B0E-8054EC7FE0E0} - System32\Tasks\AdobeAAMUpdater-1.0-Gio-PC-Gio => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated)
Task: {A6C1B173-0FBA-4371-B582-E8ABC2B4B2C7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AE744A52-3036-48EB-A921-A20A7E297EFA} - System32\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000 => C:\Users\Gio\AppData\Local\Citrix\GoToMeeting\3880\g2mupload.exe [2015-11-12] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {AF3FA76A-6C08-4D01-B5DC-6FEB36148A8D} - System32\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5 => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
Task: {B331C41F-4CF6-4676-B742-A7858165E02B} - System32\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
Task: {D08519BD-9195-47F0-B9B9-005FBB35996A} - System32\Tasks\Norton Security with Backup\Norton Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {E67F08B6-3B9A-4C5B-88E5-BE098E02D6C0} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {F4725DEB-3FB0-4CBB-A1F1-4A73466AACF5} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.job => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user.job => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000.job => C:\Users\Gio\AppData\Local\Citrix\GoToMeeting\3880\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000.job => C:\Users\Gio\AppData\Local\Citrix\GoToMeeting\3880\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-09-11 18:02 - 2015-09-11 18:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-12-04 15:24 - 2014-05-04 20:57 - 01270584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2014-12-04 15:24 - 2014-03-27 19:33 - 01430328 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2014-01-28 03:16 - 2014-01-28 03:16 - 00936728 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-03-27 15:27 - 2013-05-14 09:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-12-03 22:49 - 2014-12-03 22:49 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-10 15:22 - 2015-03-10 15:22 - 00391784 _____ () C:\Windows\system32\igfxTray.exe
2014-12-03 20:03 - 2006-07-04 14:16 - 00049152 _____ () C:\Windows\Domino.exe
2014-12-04 15:24 - 2014-04-11 09:53 - 01045304 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
2014-12-04 15:24 - 2014-04-11 10:53 - 00037176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
2014-12-04 15:23 - 2014-05-08 14:09 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe
2014-12-02 14:47 - 2014-09-04 03:41 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-12-02 14:47 - 2014-09-04 03:41 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00859136 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00801280 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
2014-12-04 15:23 - 2014-05-08 14:09 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2014-12-04 15:23 - 2014-05-08 14:09 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2014-12-04 15:24 - 2014-05-09 14:09 - 04066816 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2014-12-04 15:24 - 2014-02-25 16:53 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2014-12-04 15:24 - 2014-05-08 14:09 - 00827392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2014-12-04 15:24 - 2014-05-03 03:33 - 00053248 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.17\Exeio.dll
2014-12-04 15:24 - 2014-05-03 03:33 - 00278528 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.17\Vender.dll
2014-12-04 15:23 - 2014-01-28 03:16 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2014-12-04 15:24 - 2014-03-27 19:32 - 05778096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2014-12-04 15:24 - 2014-02-24 17:49 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2014-12-04 15:23 - 2015-11-15 20:38 - 00034960 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2014-12-01 19:10 - 2014-01-28 03:16 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2014-12-04 15:24 - 2013-11-20 10:10 - 00662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2014-12-04 15:24 - 2013-07-02 10:40 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll
2014-12-04 15:24 - 2014-04-10 15:23 - 00643584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMiniMsg.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:1663E41B
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:466F9D5D
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Gio\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Andy => C:\Program Files\Andy\HandyAndy.exe
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: WebcamMaxAutoRun => "C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{0D9C987A-D6A6-4E95-BD80-7C15AE800E0A}C:\users\gio\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gio\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{2E3247A4-BAC2-4A11-8BCE-BF7926D52783}C:\users\gio\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gio\appdata\local\akamai\netsession_win.exe
FirewallRules: [{312AC3D4-CB38-4D2D-9433-66379BEC1FC7}] => (Block) C:\users\gio\appdata\local\akamai\netsession_win.exe
FirewallRules: [{89B16F54-DFF0-4424-94BE-839B58DB41A6}] => (Block) C:\users\gio\appdata\local\akamai\netsession_win.exe
FirewallRules: [{6B356E88-0B91-4690-B711-F42165ACFE21}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6DA28468-AF99-4A85-AF86-EF8A0DA93014}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{5D6DAAAA-84C7-4904-A1E3-612132B7D8EE}D:\games\city car driving\bin\win32\starter.exe] => (Allow) D:\games\city car driving\bin\win32\starter.exe
FirewallRules: [UDP Query User{A9348B49-D433-4FC2-A972-234498D4C93D}D:\games\city car driving\bin\win32\starter.exe] => (Allow) D:\games\city car driving\bin\win32\starter.exe
FirewallRules: [{CB547D4F-DAEE-4FDD-A547-FEDD128A0D0E}] => (Allow) D:\Games\Combat Arms EU\NMService.exe
FirewallRules: [{E79ACCA7-9348-4C8A-A019-3B8FC7D1DC6E}] => (Allow) D:\Games\Combat Arms EU\NMService.exe
FirewallRules: [{01B1BAEB-526D-46E0-9A51-A99EFC0AC2B0}] => (Allow) C:\Users\Gio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1D8AECBA-15C3-44FE-B9E7-93FF1DBE33DD}] => (Allow) C:\Users\Gio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [C:\Program Files (x86)\AFLICS\AfterFLICS.exe] => (Allow) C:\Program Files (x86)\AFLICS\AfterFLICS.exe
FirewallRules: [C:\Program Files (x86)\AFLICS\AfterFLICS_tools.exe] => (Allow) C:\Program Files (x86)\AFLICS\AfterFLICS_tools.exe
FirewallRules: [TCP Query User{50B78C5A-8D4E-40A3-A930-51DF8D10B5F0}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{C3EB7921-5712-4BE6-BDCF-C28C32BD1C64}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{44769911-F111-4492-B7B4-5AC2EF1FA8CA}C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe
FirewallRules: [UDP Query User{1B83E0AE-B451-46B4-BCF7-7A07EF01C5C6}C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe
FirewallRules: [TCP Query User{4D072BC7-5504-4FD8-AFED-E912E17F8657}C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe
FirewallRules: [UDP Query User{8F25E9AD-02A7-4149-B144-FAF585E282D0}C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe
FirewallRules: [TCP Query User{A4B76FD8-B87E-4C13-B26E-65DCF0641B71}E:\from os\smartpixel\bin\smartpixel.exe] => (Allow) E:\from os\smartpixel\bin\smartpixel.exe
FirewallRules: [UDP Query User{EED82238-896D-4B5C-82EF-696788F4768E}E:\from os\smartpixel\bin\smartpixel.exe] => (Allow) E:\from os\smartpixel\bin\smartpixel.exe
FirewallRules: [TCP Query User{3658E3C6-EEB1-4BC7-91D5-5535C658D875}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D200290D-C6CB-43C9-858E-1643EDC3A707}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{60EE7854-F278-44E7-990E-FCBE91E7DE30}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1837D16C-042E-4D68-A4C1-95325DCD47B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1DF4AB5B-82E3-4FB4-9EC2-BE12C2D3E42F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C799BB6F-BE4A-4D37-85E1-0C54A76DCCD1}D:\games\driver.san francisco.v 1.04.1114\driver.exe] => (Block) D:\games\driver.san francisco.v 1.04.1114\driver.exe
FirewallRules: [UDP Query User{59D37B68-68B6-4400-9D11-3126EC163233}D:\games\driver.san francisco.v 1.04.1114\driver.exe] => (Block) D:\games\driver.san francisco.v 1.04.1114\driver.exe
FirewallRules: [{D357D906-D1FC-4E82-94C6-E1FA23DFDE2C}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe
FirewallRules: [{507B3D54-2DAC-4E4C-91D5-57F4732B5E99}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe
FirewallRules: [{3670E39E-BA68-4EF8-9CB2-EC8845FEAB4A}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe
FirewallRules: [{39064606-7528-478F-9BD3-35273EDD6B3A}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe
FirewallRules: [{DB008D9F-FA8F-4301-8089-BD03F31C61CF}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{36B2B8C0-474A-48DC-8A8A-101229833354}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{73D42B21-3BB3-4574-8152-7D9A067531E2}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{4F9D80DB-759C-42AB-BAA8-A5105BF34D0E}] => (Block) %ProgramFiles%\Marvelous Designer 5 Personal\MD5_Personal_x64.exe
FirewallRules: [{CF247259-1D78-4187-9A18-195DD8E82148}] => (Block) %ProgramFiles%\Marvelous Designer 5 Personal\MD5_Personal_x64.exe
FirewallRules: [{3CF0CAFD-44E9-4CFF-8FC4-D0C552639F68}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DA439A8E-F69B-41CE-BF92-3E5D14C290D0}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
FirewallRules: [{0BBA4E1B-9705-478A-9940-A366AF5D693E}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: nethfdrv
Description: nethfdrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: nethfdrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/15/2015 08:38:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/13/2015 04:25:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x52e23951
Faulting module name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x52e23951
Exception code: 0xc0000005
Fault offset: 0x0000000000015a1e
Faulting process id: 0xa78
Faulting application start time: 0xWSCommCntr4.exe0
Faulting application path: WSCommCntr4.exe1
Faulting module path: WSCommCntr4.exe2
Report Id: WSCommCntr4.exe3
 
Error: (11/13/2015 02:19:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/13/2015 08:54:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/12/2015 07:50:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x52e23951
Faulting module name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x52e23951
Exception code: 0xc0000005
Fault offset: 0x0000000000015a1e
Faulting process id: 0x1a04
Faulting application start time: 0xWSCommCntr4.exe0
Faulting application path: WSCommCntr4.exe1
Faulting module path: WSCommCntr4.exe2
Report Id: WSCommCntr4.exe3
 
Error: (11/12/2015 04:17:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/12/2015 08:40:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/11/2015 08:29:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Acrobat.exe version 15.9.20069.28170 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 3b98
 
Start Time: 01d11cbfad29507a
 
Termination Time: 4
 
Application Path: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
 
Report Id: f15deb50-88b2-11e5-9d1c-00ac9a266a31
 
Error: (11/11/2015 08:27:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Acrobat.exe version 15.9.20069.28170 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 370c
 
Start Time: 01d11cbf616a677c
 
Termination Time: 4
 
Application Path: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
 
Report Id: a541c5c4-88b2-11e5-9d1c-00ac9a266a31
 
Error: (11/11/2015 02:50:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (11/15/2015 08:38:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
bsfs
ggc
nethfdrv
 
Error: (11/15/2015 08:38:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Core Browsing Protection service failed to start due to the following error: 
%%2
 
Error: (11/15/2015 08:38:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Safe Browsing proxy service service failed to start due to the following error: 
%%2
 
Error: (11/15/2015 08:38:05 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
 
Error: (11/13/2015 02:19:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
bsfs
ggc
nethfdrv
 
Error: (11/13/2015 02:19:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Core Browsing Protection service failed to start due to the following error: 
%%2
 
Error: (11/13/2015 02:19:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Safe Browsing proxy service service failed to start due to the following error: 
%%2
 
Error: (11/13/2015 09:25:47 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (11/13/2015 08:54:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
bsfs
ggc
nethfdrv
 
Error: (11/13/2015 08:53:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Core Browsing Protection service failed to start due to the following error: 
%%2
 
 
CodeIntegrity:
===================================
  Date: 2015-11-15 20:38:08.306
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-15 20:38:08.290
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-13 14:19:37.693
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-13 14:19:37.677
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-13 08:53:55.272
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-13 08:53:55.256
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-12 16:17:46.521
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-12 16:17:46.506
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-12 08:40:22.272
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-12 08:40:22.256
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 19%
Total physical RAM: 16261.03 MB
Available physical RAM: 13132.28 MB
Total Virtual: 16259.22 MB
Available Virtual: 13167.21 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.79 GB) (Free:3.2 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (New Volume) (Fixed) (Total:433.17 GB) (Free:3.75 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Media) (Fixed) (Total:498.34 GB) (Free:1.11 GB) NTFS
Drive f: (20.12.Ult.Eng) (CDROM) (Total:4 GB) (Free:0 GB) UDF
Drive g: (Alicias Keys) (CDROM) (Total:6.97 GB) (Free:0 GB) CDFS
Drive h: (IOANE) (Removable) (Total:14.52 GB) (Free:14.52 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 1A31AD76)
Partition 1: (Active) - (Size=232.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2E36CC17)
Partition 1: (Active) - (Size=433.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=498.3 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 14.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=14.5 GB) - (Type=0C)
 
==================== End of Addition.txt ============================

There are logs

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Gio (administrator) on GIO-PC (15-11-2015 20:46:13)
Running from H:\
Loaded Profiles: Gio (Available Profiles: Gio)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\nsbu.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\nsbu.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Vimicro) C:\Windows\vmsnap3.exe
() C:\Windows\Domino.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUpd.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [VMSnap3] => C:\Windows\VMSnap3.exe [49152 2006-07-18] (Vimicro)
HKLM\...\Run: [Domino] => C:\Windows\Domino.exe [49152 2006-07-04] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7640944 2014-12-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-12-01] (Intel Corporation)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-02-08] (Autodesk, Inc.)
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
Lsa: [Notification Packages] scecli ScSecAuth
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2011-05-30] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2015-11-04]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog9 01 C:\Windows\SysWOW64\sslsp105.dll [74352 2015-03-12] (SumRando)
Winsock: Catalog9 02 C:\Windows\SysWOW64\sslsp105.dll [74352 2015-03-12] (SumRando)
Winsock: Catalog9 13 C:\Windows\SysWOW64\sslsp105.dll [74352 2015-03-12] (SumRando)
Winsock: Catalog9-x64 01 C:\Windows\system32\sslsp105.dll [75888 2015-03-12] (SumRando)
Winsock: Catalog9-x64 02 C:\Windows\system32\sslsp105.dll [75888 2015-03-12] (SumRando)
Winsock: Catalog9-x64 13 C:\Windows\system32\sslsp105.dll [75888 2015-03-12] (SumRando)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{4F3C3288-F1E6-4E98-AD7F-B6047FB19713}: [NameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{9DB78E5B-565D-40BE-9F00-43B3473D9F85}: [NameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{AA476EBD-85D2-4719-9E47-A68FC2EEE0F5}: [DhcpNameServer] 192.168.100.1
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> DefaultScope {B9A62B51-034F-4746-9AC1-ECA278687F5A} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=B010GB0D20141202&p={searchTerms}
SearchScopes: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NSBU&chn=oem&geo=GB&ver=22&locale=en_GB&gct=sb&qsrc=2869
SearchScopes: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> {B9A62B51-034F-4746-9AC1-ECA278687F5A} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=B010GB0D20141202&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2011-07-06] (Internet Download Manager, Tonec Inc.)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2011-07-06] (Internet Download Manager, Tonec Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Gio\AppData\Roaming\Mozilla\Firefox\Profiles\fzt6e8c5.default-1441970820133
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll [2014-12-02] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-07-10] (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-423546431-4035410846-4171816442-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Gio\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-12] (Citrix Online)
FF Plugin HKU\S-1-5-21-423546431-4035410846-4171816442-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-18] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Gio\AppData\Roaming\Mozilla\Firefox\Profiles\fzt6e8c5.default-1441970820133\searchplugins\McSiteAdvisor.xml [2015-11-13]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-01-03]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-09-07]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.0.124\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.0.124\coFFAddon [2015-11-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-05-10] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn => not found
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.0.124\coFFAddon
FF HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Gio\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Gio\AppData\Roaming\IDM\idmmzcc5 [2014-12-03] [not signed]
FF HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Gio\AppData\Roaming\IDM\idmmzcc5
 
Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Norton Security Toolbar) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-10-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-09]
CHR Extension: (Block site) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2015-07-28]
CHR Extension: (SiteAdvisor) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-02]
CHR Extension: (Color Piano!) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh [2015-07-27]
CHR Extension: (Norton Identity Safe) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-10-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Internet Download Manager PRO) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodeniaihllgjlnaphebjhloddeidefi [2015-11-14]
CHR Extension: (Gmail) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-10-02]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] -  <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-10-02]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] -  <not found>
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-01-28] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe [389944 2014-05-08] (ASUSTeK Computer Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2015-01-25] (Macrovision Europe Ltd.) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-06-03] (Futuremark)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-03-10] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [154856 2015-09-28] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R2 NSBU; C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\NSBU.exe [282016 2015-09-24] (Symantec Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-12-03] ()
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-04-01] (CyberLink)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [328992 2008-07-11] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [226592 2008-07-11] (SafeNet, Inc)
S3 SumRandoVPNService; C:\Program Files (x86)\SumRando\SumRando\misc\vpnmanagesvc.exe [108144 2015-03-12] (SumRando) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 ScProxySrv; "C:\Program Files\Quick Heal\Quick Heal AntiVirus Pro\ScProxySrv.exe" [X]
S2 ScSecSvc; "C:\Program Files\Quick Heal\Quick Heal AntiVirus Pro\ScSecSvc.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-12-01] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-02-15] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\BASHDefs\20151102.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R1 ccSet_NSBU; C:\Windows\system32\drivers\NSBUx64\1605040.018\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-10-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-10-17] (Symantec Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-11-13] ()
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\IPSDefs\20151112.001\IDSvia64.sys [767224 2015-10-20] (Symantec Corporation)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-05-03] (ASUSTeK Computer Inc.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-02-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-11-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 MbswMailbox; C:\Program Files (x86)\ASUS\AI Suite III\690b33e1-0462-4e84-9bea-c7552b45432a.sys [17208 2015-04-17] ()
R3 NAVENG; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\VirusDefs\20151112.032\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\VirusDefs\20151112.032\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0032.sys [28768 2015-04-08] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 NPF; C:\Windows\SysWOW64\drivers\npf.sys [42512 2015-01-16] (CACE Technologies)
S3 PPJoyBus; C:\Windows\System32\DRIVERS\PPJoyBus64.sys [20032 2009-11-04] (Deon van der Westhuysen)
S3 PPortJoystick; C:\Windows\System32\DRIVERS\PPortJoy64.sys [39488 2009-11-04] (Deon van der Westhuysen)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\NSBUx64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSBUx64\1605040.018\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSBUx64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-10-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSBUx64\1605040.018\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSBUx64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-01-23] (Spotflux, Inc.)
R3 tun3326; C:\Windows\System32\DRIVERS\tun3326.sys [32368 2013-03-22] (The OpenVPN Project)
R3 vvftav303; C:\Windows\System32\drivers\vvftav303.sys [308096 2007-06-23] (Vimicro Corporation)
R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2011-06-23] (Windows ® Win 7 DDK provider)
R3 ZSMC0303; C:\Windows\System32\Drivers\usbVM303.sys [1494656 2007-03-25] (Vimicro Corporation)
S1 bsfs; system32\DRIVERS\bsfs.sys [X]
S3 cpuz137; \??\C:\Users\Gio\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 ggc; system32\DRIVERS\ggc.sys [X]
S1 nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WolfVision Video Capture II; system32\DRIVERS\WolfVZCamera2.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-15 00:08 - 2015-11-15 20:46 - 00000000 ____D C:\FRST
2015-11-13 16:50 - 2015-11-13 16:51 - 00043664 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2015-11-13 15:56 - 2015-11-13 15:56 - 11324802 _____ C:\Users\Gio\Downloads\Popcorn_Lobby.zip
2015-11-13 14:24 - 2015-11-13 14:25 - 53433992 _____ C:\Users\Gio\Downloads\Thinkbox_KrakatoaMX_2.4.1_x64.rar
2015-11-13 14:19 - 2015-11-13 14:19 - 00000000 ____H C:\ProgramData\cm-lock
2015-11-12 18:24 - 2015-11-12 18:24 - 00000000 ____D C:\Users\Gio\AppData\LocalLow\uTorrent
2015-11-12 17:14 - 2015-11-12 17:14 - 01517205 _____ C:\Users\Gio\Downloads\BerconMaps_3_04.zip
2015-11-12 09:32 - 2015-11-15 20:45 - 00000550 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000.job
2015-11-12 09:32 - 2015-11-13 15:11 - 00000646 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000.job
2015-11-12 09:32 - 2015-11-12 09:32 - 00003664 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000
2015-11-12 09:32 - 2015-11-12 09:32 - 00003568 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000
2015-11-12 09:32 - 2015-11-12 09:32 - 00000000 ____D C:\Users\Gio\AppData\Local\Citrix
2015-11-10 20:40 - 2015-11-10 20:40 - 00042962 _____ C:\Users\Gio\Downloads\Calculus I  with Professor Richard Delaware Online Course Video Lectures_1288506171.torrent
2015-11-09 18:57 - 2015-11-09 18:57 - 00033185 _____ C:\Users\Gio\Downloads\[videotuts.ru]_Modelling the Audi R8.torrent
2015-11-09 18:55 - 2015-11-09 18:55 - 00030879 _____ C:\Users\Gio\Downloads\[videotuts.ru]_Viscorbel - Creating V-Ray Materials_Vol1.torrent
2015-11-09 18:04 - 2015-11-09 18:04 - 00055348 _____ C:\Users\Gio\Downloads\[rutracker.org].t4608494.torrent
2015-11-08 21:47 - 2015-11-08 21:57 - 867026989 _____ C:\Users\Gio\Downloads\HDRI-sun-clouds.rar
2015-11-08 21:44 - 2015-11-08 21:44 - 17433785 _____ C:\Users\Gio\Downloads\HDR_029_Sky_Cloudy_Free.zip
2015-11-08 20:56 - 2015-11-08 20:56 - 05261111 _____ C:\Users\Gio\Downloads\Kamen.zip
2015-11-08 20:01 - 2015-11-08 20:01 - 509023497 _____ C:\Users\Gio\Downloads\3ds.zip
2015-11-07 19:26 - 2015-11-07 19:26 - 00766693 _____ C:\Users\Gio\Downloads\Genetica Texture Pack 4 - Planet & Terrain.zip
2015-11-07 19:26 - 2015-11-07 19:26 - 00030148 _____ C:\Users\Gio\Downloads\Texture Pack 001 - JPEG.torrent
2015-11-07 18:06 - 2015-11-07 18:06 - 00064347 _____ C:\Users\Gio\Downloads\[rutracker.org].t4418813.torrent
2015-11-07 18:06 - 2015-11-07 18:06 - 00031094 _____ C:\Users\Gio\Downloads\[rutracker.org].t4258100.torrent
2015-11-07 17:54 - 2015-11-07 17:54 - 00094168 _____ C:\Users\Gio\Downloads\[rutracker.org].t4094770.torrent
2015-11-07 17:54 - 2015-11-07 17:54 - 00045879 _____ C:\Users\Gio\Downloads\[rutracker.org].t3387637.torrent
2015-11-07 17:54 - 2015-11-07 17:54 - 00012784 _____ C:\Users\Gio\Downloads\[rutracker.org].t4084723.torrent
2015-11-07 17:52 - 2015-11-07 17:52 - 00073409 _____ C:\Users\Gio\Downloads\[rutracker.org].t4112378.torrent
2015-11-07 17:36 - 2015-11-07 17:36 - 00109127 _____ C:\Users\Gio\Downloads\[rutracker.org].t4783335.torrent
2015-11-07 17:35 - 2015-11-07 17:35 - 00012944 _____ C:\Users\Gio\Downloads\[rutracker.org].t2211268.torrent
2015-11-07 17:32 - 2015-11-07 17:32 - 00016374 _____ C:\Users\Gio\Downloads\[rutracker.org].t4867445.torrent
2015-11-07 17:30 - 2015-11-07 17:30 - 00020529 _____ C:\Users\Gio\Downloads\[rutracker.org].t4881761.torrent
2015-11-07 17:27 - 2015-11-07 17:27 - 00017070 _____ C:\Users\Gio\Downloads\[rutracker.org].t5004248.torrent
2015-11-07 17:27 - 2015-11-07 17:27 - 00016190 _____ C:\Users\Gio\Downloads\[rutracker.org].t5004443.torrent
2015-11-07 17:26 - 2015-11-07 17:26 - 00175012 _____ C:\Users\Gio\Downloads\[rutracker.org].t5095159.torrent
2015-11-07 17:26 - 2015-11-07 17:26 - 00050862 _____ C:\Users\Gio\Downloads\[rutracker.org].t5093599.torrent
2015-11-07 17:26 - 2015-11-07 17:26 - 00013455 _____ C:\Users\Gio\Downloads\[rutracker.org].t5003979.torrent
2015-11-07 15:36 - 2015-11-07 15:36 - 02471028 _____ C:\Users\Gio\Downloads\final-scene.zip
2015-11-07 15:36 - 2015-11-07 15:36 - 01854694 _____ C:\Users\Gio\Downloads\glass-liquid-final-vray3.zip
2015-11-07 11:29 - 2015-11-07 11:29 - 00029613 _____ C:\Users\Gio\Downloads\[kat.cr]aleso3d.vray.interior.lighting.torrent
2015-11-04 22:37 - 2015-11-04 23:23 - 04047696 _____ C:\Users\Gio\Documents\Proeqt1.pln
2015-11-04 22:37 - 2015-11-04 23:21 - 04055184 _____ C:\Users\Gio\Documents\Proeqt1.bpn
2015-11-04 13:15 - 2015-11-05 17:37 - 00000000 ____D C:\Users\Gio\AppData\Local\VirtualStore
2015-11-04 13:15 - 2015-11-04 13:15 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-04 12:16 - 2015-11-04 12:16 - 03700400 _____ C:\Users\Gio\Documents\Proeqt.pln
2015-11-04 10:27 - 2015-11-12 10:47 - 00000000 ____D C:\Users\Gio\Graphisoft
2015-11-04 10:27 - 2015-11-12 08:58 - 00000000 ____D C:\Users\Gio\Documents\BIMx
2015-11-04 10:27 - 2015-11-04 10:27 - 00000000 ____D C:\Users\Gio\AppData\Roaming\Graphisoft
2015-11-04 10:27 - 2015-11-04 10:27 - 00000000 ____D C:\Users\Gio\AppData\Local\Graphisoft
2015-11-04 10:26 - 2015-11-04 10:26 - 00001191 _____ C:\Users\Public\Desktop\BIMx for ArchiCAD 18.lnk
2015-11-04 10:26 - 2015-11-04 10:26 - 00001016 _____ C:\Users\Public\Desktop\ArchiCAD 18.lnk
2015-11-04 10:26 - 2015-11-04 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter
2015-11-04 10:26 - 2015-11-04 10:26 - 00000000 ____D C:\ProgramData\CodeMeter
2015-11-04 10:26 - 2015-11-04 10:26 - 00000000 ____D C:\Program Files\CodeMeter
2015-11-04 10:26 - 2015-11-04 10:26 - 00000000 ____D C:\Program Files (x86)\CodeMeter
2015-11-04 10:25 - 2015-11-04 10:25 - 00008108 _____ C:\Windows\vpd.properties
2015-11-04 10:25 - 2015-11-04 10:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRAPHISOFT
2015-11-04 10:25 - 2015-11-04 10:25 - 00000000 ____D C:\Program Files\GRAPHISOFT
2015-11-04 10:18 - 2015-11-04 10:26 - 00000000 ____D C:\Users\Gio\AppData\Roaming\Install.GS
2015-11-04 10:18 - 2013-08-07 00:19 - 00595618 _____ C:\Users\Gio\AppData\Local\libcurl-4.dll
2015-11-04 10:18 - 2010-06-05 17:00 - 00042496 _____ (Open Source Software community project) C:\Users\Gio\AppData\Local\pthreadGC2-w64.dll
2015-11-04 10:05 - 2015-11-04 10:05 - 00012742 _____ C:\Users\Gio\Downloads\Graphisoft-ArchiCAD-18.torrent
2015-11-02 18:49 - 2015-11-02 18:49 - 00020578 _____ C:\Users\Gio\Downloads\torrent_4866762 %5B7tor.org%5D.torrent
2015-10-31 23:09 - 2015-10-31 23:10 - 40442559 _____ C:\Users\Gio\Downloads\D8_FumeFX_Looper.rar
2015-10-31 22:27 - 2015-10-31 22:27 - 12260023 _____ C:\Users\Gio\Downloads\YUDO.TV_C4D_PROJECTS.rar
2015-10-31 16:33 - 2015-10-31 16:33 - 15085792 _____ C:\Users\Gio\Downloads\Tiner_Shaders.rar
2015-10-30 21:44 - 2015-10-30 21:44 - 00002720 _____ C:\Users\Gio\Downloads\3D Artist - Issue 83 2015 (True PDF) ---[www.bts.to]--- .torrent
2015-10-29 17:50 - 2015-10-29 17:50 - 02349405 _____ C:\Users\Gio\Downloads\Polymodeling_chapter5_files.zip
2015-10-27 16:33 - 2015-10-27 16:33 - 00055945 _____ C:\Users\Gio\Downloads\[rutracker.org].t4548643.torrent
2015-10-27 16:33 - 2015-10-27 16:33 - 00013833 _____ C:\Users\Gio\Downloads\[rutracker.org].t4540133.torrent
2015-10-27 16:29 - 2015-10-27 16:29 - 00171841 _____ C:\Users\Gio\Downloads\[rutracker.org].t4635219.torrent
2015-10-27 16:17 - 2015-10-27 16:17 - 00024962 _____ C:\Users\Gio\Downloads\[kat.cr]digital.tutors.mixed.modeling.techniques.in.3ds.max.2012.sum1.here.torrent
2015-10-27 16:04 - 2015-10-27 16:04 - 00018013 _____ C:\Users\Gio\Downloads\[rutracker.org].t4312296.torrent
2015-10-27 16:04 - 2015-10-27 16:04 - 00016005 _____ C:\Users\Gio\Downloads\[rutracker.org].t4800584.torrent
2015-10-27 16:02 - 2015-10-27 16:02 - 00013572 _____ C:\Users\Gio\Downloads\grant-warwick-mastering-vray-lessons-10.torrent
2015-10-27 15:59 - 2015-10-27 15:59 - 00155805 _____ C:\Users\Gio\Downloads\3dmotive-organic-polypainting-in-zbrush-vol-1.torrent
2015-10-27 15:59 - 2015-10-27 15:59 - 00093650 _____ C:\Users\Gio\Downloads\zbrushworkshops-female-face-sculpting-with-steve-lord.torrent
2015-10-27 15:59 - 2015-10-27 15:59 - 00036241 _____ C:\Users\Gio\Downloads\methods-for-creating-a-low-poly-portrait-in-illustrator.torrent
2015-10-27 15:57 - 2015-10-27 15:57 - 00119216 _____ C:\Users\Gio\Downloads\cubebrush-high-poly-character-design.torrent
2015-10-27 15:57 - 2015-10-27 15:57 - 00020463 _____ C:\Users\Gio\Downloads\hazardousarts-sculpting.torrent
2015-10-27 15:56 - 2015-10-27 15:56 - 00038934 _____ C:\Users\Gio\Downloads\trey-ratcliffs-complete-hdr-tutorial.torrent
2015-10-27 15:55 - 2015-10-27 15:55 - 00699278 _____ C:\Users\Gio\Downloads\gumroad-likeness-sculpting-by-frank-tzeng.torrent
2015-10-27 15:55 - 2015-10-27 15:55 - 00021482 _____ C:\Users\Gio\Downloads\gumroad-josh-p.-crockett-introduction-to-creature-sculpting-grey-alien.torrent
2015-10-27 15:45 - 2015-10-27 15:45 - 00706133 _____ C:\Users\Gio\Downloads\uartsy-character-pipeline-for-games.torrent
2015-10-27 15:44 - 2015-10-27 15:44 - 00062155 _____ C:\Users\Gio\Downloads\uroki_3d_modelirovaniya_ot_killerivanov.torrent
2015-10-27 15:44 - 2015-10-27 15:44 - 00048182 _____ C:\Users\Gio\Downloads\the-gnomon-workshop-efficient-cinematic-lighting-2.torrent
2015-10-27 15:43 - 2015-10-27 15:43 - 00021563 _____ C:\Users\Gio\Downloads\[rutracker.org].t4999313.torrent
2015-10-27 15:43 - 2015-10-27 15:43 - 00017479 _____ C:\Users\Gio\Downloads\[rutracker.org].t4928485.torrent
2015-10-27 15:42 - 2015-10-27 15:42 - 00020573 _____ C:\Users\Gio\Downloads\[rutracker.org].t5076014.torrent
2015-10-27 15:40 - 2015-10-27 15:40 - 00021491 _____ C:\Users\Gio\Downloads\[rutracker.org].t5047143.torrent
2015-10-27 15:39 - 2015-10-27 15:39 - 00071998 _____ C:\Users\Gio\Downloads\[rutracker.org].t1122621.torrent
2015-10-27 15:38 - 2015-10-27 15:38 - 00022277 _____ C:\Users\Gio\Downloads\[rutracker.org].t5041889.torrent
2015-10-27 15:31 - 2015-10-27 15:31 - 00022106 _____ C:\Users\Gio\Downloads\[rutracker.org].t4560852.torrent
2015-10-27 15:31 - 2015-10-27 15:31 - 00020921 _____ C:\Users\Gio\Downloads\[rutracker.org].t4560949.torrent
2015-10-27 15:31 - 2015-10-27 15:31 - 00017320 _____ C:\Users\Gio\Downloads\[rutracker.org].t4561531.torrent
2015-10-27 15:31 - 2015-10-27 15:31 - 00017077 _____ C:\Users\Gio\Downloads\[rutracker.org].t4560878.torrent
2015-10-27 15:31 - 2015-10-27 15:31 - 00016590 _____ C:\Users\Gio\Downloads\[rutracker.org].t4561559.torrent
2015-10-23 16:39 - 2015-10-23 16:39 - 00014772 _____ C:\Users\Gio\Downloads\45B4DF5ADC488ECB3B1E7AE033C5670BCA6CD67B.torrent
2015-10-23 10:06 - 2015-10-23 13:48 - 00000000 ____D C:\Program Files\Marvelous Designer 5 Personal
2015-10-23 10:06 - 2015-10-23 10:06 - 00000959 _____ C:\Users\Public\Desktop\Marvelous Designer 5 Personal.lnk
2015-10-23 10:06 - 2015-10-23 10:06 - 00000000 ____D C:\Users\Public\Documents\MD5
2015-10-23 10:06 - 2015-10-23 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marvelous Designer 5 Personal
2015-10-21 21:15 - 2015-10-21 21:15 - 00023202 _____ C:\Users\Gio\Downloads\[videotuts.ru]_Digital-Tutors  Creative Development Mixed Modeling Techniques in 3ds Max 2012.torrent
2015-10-21 20:10 - 2015-10-21 20:10 - 04274261 _____ C:\Users\Gio\Downloads\5SRW-Program-Brochure (1).zip
2015-10-20 13:44 - 2015-10-20 13:44 - 00026261 _____ C:\Users\Gio\Downloads\elephorm-3-d-studio-max-vol-3-eclairage-materiaux-et-rendu.torrent
2015-10-20 13:43 - 2015-10-20 13:43 - 00015448 _____ C:\Users\Gio\Downloads\viscorbel-creating-v-ray-materials-vol3.torrent
2015-10-20 13:39 - 2015-10-20 13:39 - 00059078 _____ C:\Users\Gio\Downloads\v-ray-art-v-ray-interior-training-by-stanislav-orekhov.torrent
2015-10-20 13:24 - 2015-10-20 13:24 - 00033198 _____ C:\Users\Gio\Downloads\[rutracker.org].t3999589.torrent
2015-10-20 13:24 - 2015-10-20 13:24 - 00027241 _____ C:\Users\Gio\Downloads\[rutracker.org].t4073144.torrent
2015-10-20 13:24 - 2015-10-20 13:24 - 00020342 _____ C:\Users\Gio\Downloads\[rutracker.org].t3938438.torrent
2015-10-20 13:24 - 2015-10-20 13:24 - 00016973 _____ C:\Users\Gio\Downloads\[rutracker.org].t3986380.torrent
2015-10-20 13:24 - 2015-10-20 13:24 - 00014965 _____ C:\Users\Gio\Downloads\[rutracker.org].t3815552.torrent
2015-10-20 13:23 - 2015-10-20 13:23 - 00030944 _____ C:\Users\Gio\Downloads\[rutracker.org].t4058431.torrent
2015-10-20 13:23 - 2015-10-20 13:23 - 00022806 _____ C:\Users\Gio\Downloads\[rutracker.org].t4147448.torrent
2015-10-20 13:23 - 2015-10-20 13:23 - 00022690 _____ C:\Users\Gio\Downloads\[rutracker.org].t4121743.torrent
2015-10-20 13:23 - 2015-10-20 13:23 - 00015320 _____ C:\Users\Gio\Downloads\[rutracker.org].t4177951.torrent
2015-10-20 13:22 - 2015-10-20 13:22 - 00017408 _____ C:\Users\Gio\Downloads\[rutracker.org].t4220929.torrent
2015-10-20 13:22 - 2015-10-20 13:22 - 00015323 _____ C:\Users\Gio\Downloads\[rutracker.org].t4277151.torrent
2015-10-20 13:21 - 2015-10-20 13:21 - 00030418 _____ C:\Users\Gio\Downloads\[rutracker.org].t4348781.torrent
2015-10-20 13:21 - 2015-10-20 13:21 - 00021216 _____ C:\Users\Gio\Downloads\[rutracker.org].t4384900.torrent
2015-10-20 13:21 - 2015-10-20 13:21 - 00021050 _____ C:\Users\Gio\Downloads\[rutracker.org].t4481321.torrent
2015-10-20 13:21 - 2015-10-20 13:21 - 00018124 _____ C:\Users\Gio\Downloads\[rutracker.org].t4412708.torrent
2015-10-20 13:21 - 2015-10-20 13:21 - 00018070 _____ C:\Users\Gio\Downloads\[rutracker.org].t4624618.torrent
2015-10-20 13:20 - 2015-10-20 13:20 - 00012363 _____ C:\Users\Gio\Downloads\[rutracker.org].t4978416.torrent
2015-10-20 13:19 - 2015-10-20 13:19 - 00014461 _____ C:\Users\Gio\Downloads\[rutracker.org].t5003450.torrent
2015-10-19 22:19 - 2015-10-19 22:19 - 00002560 _____ C:\Users\Gio\Desktop\Norton Security with Backup.lnk
2015-10-19 19:42 - 2015-10-19 19:42 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security with Backup
2015-10-18 18:30 - 2015-10-18 18:30 - 03634193 _____ C:\Users\Gio\Downloads\Vray_grass.rar
2015-10-18 16:13 - 2015-10-19 19:42 - 00003240 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-10-18 16:13 - 2015-10-19 19:42 - 00002448 _____ C:\Users\Public\Desktop\Norton Security with Backup.LNK
2015-10-18 16:13 - 2015-10-18 21:32 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-10-18 16:13 - 2015-10-18 21:32 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-10-18 16:13 - 2015-10-18 16:13 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-10-18 16:12 - 2015-10-19 19:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security with Backup
2015-10-18 16:12 - 2015-10-19 19:42 - 00000000 ____D C:\Windows\system32\Drivers\NSBUx64
2015-10-18 16:12 - 2015-10-18 16:12 - 00000000 ____D C:\Program Files (x86)\Norton Security with Backup
2015-10-18 16:09 - 2015-10-18 16:10 - 129868680 _____ (Symantec Corporation) C:\Users\Gio\Downloads\NSBU-TW-22.5.0-EN-US.exe
2015-10-18 15:09 - 2015-10-18 15:16 - 84314641 _____ C:\Users\Gio\Downloads\ajl6a.Norton.Security.with.Backup.2015.22.5.4.24..Trial.ResetterFL.rar
2015-10-18 14:52 - 2015-10-18 14:52 - 01201328 _____ (Symantec Corporation) C:\Users\Gio\Downloads\AutoDetectPkg.exe
2015-10-18 14:38 - 2015-10-18 14:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2015-10-18 14:38 - 2015-10-18 14:38 - 00000000 ____D C:\Windows\system32\Drivers\NSTx64
2015-10-18 14:38 - 2015-10-18 14:38 - 00000000 ____D C:\Program Files (x86)\Norton Identity Safe
2015-10-17 18:47 - 2015-10-17 18:47 - 00017700 _____ C:\Users\Gio\Downloads\sculpting-integration-concepts-for-3ds-max-and-mudbox-[torrentino].torrent
2015-10-17 18:45 - 2015-10-17 18:45 - 00021145 _____ C:\Users\Gio\Downloads\unleashing-the-power-of-v-ray-[torrentino].torrent
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-03-01 19:10 - 2014-12-01 20:58 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F91393ED-EBB5-497D-BF10-C3273B42CC9C}
2015-11-15 20:43 - 2014-12-01 21:01 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-15 20:43 - 2009-07-14 05:13 - 00792464 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-15 20:41 - 2014-12-01 18:35 - 01209760 _____ C:\Windows\WindowsUpdate.log
2015-11-15 20:38 - 2015-09-11 12:48 - 00002436 _____ C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user.job
2015-11-15 20:38 - 2015-09-11 12:48 - 00002436 _____ C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.job
2015-11-15 20:38 - 2015-02-07 14:55 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-15 20:38 - 2014-12-01 18:44 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-15 20:38 - 2014-12-01 18:32 - 00000000 ____D C:\Users\Gio
2015-11-15 20:38 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-15 20:38 - 2009-07-14 04:51 - 00071244 _____ C:\Windows\setupact.log
2015-11-14 02:50 - 2015-09-27 19:47 - 00000000 ____D C:\Games
2015-11-14 02:40 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\registration
2015-11-14 00:58 - 2010-11-21 07:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-13 16:31 - 2014-12-01 18:44 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-13 16:25 - 2015-02-09 20:16 - 00000000 ____D C:\Users\Gio\AppData\Local\CrashDumps
2015-11-13 14:26 - 2009-07-14 04:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-13 14:26 - 2009-07-14 04:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-13 14:19 - 2014-12-02 02:28 - 00042496 _____ (secr9tos) C:\Windows\system32\Drivers\oem-drv64.sys
2015-11-13 02:20 - 2014-12-01 23:16 - 00000000 ____D C:\Users\Gio\AppData\Roaming\uTorrent
2015-11-13 02:00 - 2014-12-01 23:42 - 00000000 ____D C:\Users\Gio\AppData\Local\Adobe
2015-11-11 15:35 - 2014-12-01 18:44 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-11 14:50 - 2010-11-21 03:47 - 11353598 _____ C:\Windows\PFRO.log
2015-11-09 18:31 - 2015-04-30 11:47 - 00004483 _____ C:\Users\Gio\Desktop\New Text Document (2).txt
2015-11-07 19:45 - 2015-07-27 13:53 - 00001456 _____ C:\Users\Gio\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-11-05 15:33 - 2014-12-01 21:01 - 00003826 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1417467685
2015-11-04 13:33 - 2014-12-03 19:20 - 00000000 ____D C:\Users\Gio\AppData\Roaming\DMCache
2015-11-04 13:27 - 2015-08-29 21:10 - 00000000 ____D C:\Users\Gio\Documents\SCANIA Truck Driving Simulator
2015-11-04 10:27 - 2014-12-01 20:03 - 00000000 ____D C:\Users\Gio\AppData\Roaming\MAXON
2015-11-04 00:17 - 2015-02-07 14:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-03 23:15 - 2015-01-15 18:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-03 21:24 - 2015-07-15 15:42 - 00000000 ____D C:\Users\Gio\ARIAConverted
2015-11-02 23:36 - 2015-01-26 12:18 - 00000000 ____D C:\Users\Gio\Documents\Euro Truck Simulator 2
2015-11-01 23:57 - 2014-12-03 19:20 - 00000000 ___HD C:\Users\Gio\Downloads\Video
2015-11-01 12:37 - 2015-05-10 14:18 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2015-10-31 16:13 - 2014-12-01 23:17 - 00000000 ____D C:\Users\Gio\AppData\Roaming\Skype
2015-10-30 13:58 - 2015-05-10 14:18 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-27 15:15 - 2015-02-25 13:12 - 00000000 ____D C:\Windows\pss
2015-10-27 15:13 - 2015-03-14 21:10 - 00000000 ____D C:\Users\Gio\.VirtualBox
2015-10-27 15:13 - 2015-02-01 14:10 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-27 15:13 - 2014-12-13 06:35 - 00000000 ___RD C:\Users\Gio\Creative Cloud Files
2015-10-27 15:12 - 2015-06-28 20:55 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-10-23 10:22 - 2014-12-01 20:02 - 00000000 ____D C:\Program Files\WinRAR
2015-10-23 10:04 - 2014-12-03 19:20 - 00000000 ____D C:\Users\Gio\Downloads\Compressed
2015-10-22 15:48 - 2015-08-21 12:52 - 00000000 ____D C:\Users\Gio\Downloads\Adobe After Effects Auto-Save
2015-10-22 09:53 - 2015-06-28 21:04 - 00001219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
2015-10-21 13:02 - 2014-12-04 18:40 - 00000000 ____D C:\Users\Gio\AppData\Local\Akamai
2015-10-19 19:38 - 2014-12-03 19:20 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2015-10-18 16:12 - 2014-12-01 18:46 - 00000000 ____D C:\ProgramData\Norton
 
==================== Files in the root of some directories =======
 
2015-04-13 11:48 - 2015-04-13 22:39 - 0092881 _____ () C:\Users\Gio\AppData\Roaming\13_04_2015.htm
2015-04-13 23:08 - 2015-04-14 22:58 - 1226323 _____ () C:\Users\Gio\AppData\Roaming\14_04_2015.htm
2015-04-14 23:00 - 2015-04-15 22:48 - 0723329 _____ () C:\Users\Gio\AppData\Roaming\15_04_2015.htm
2015-04-15 23:25 - 2015-04-16 22:24 - 0453909 _____ () C:\Users\Gio\AppData\Roaming\16_04_2015.htm
2015-04-17 09:12 - 2015-04-17 10:03 - 0002459 _____ () C:\Users\Gio\AppData\Roaming\17_04_2015.htm
2014-12-11 14:44 - 2015-09-12 11:28 - 0000132 _____ () C:\Users\Gio\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-01-09 21:54 - 2015-06-30 18:04 - 0065615 _____ () C:\Users\Gio\AppData\Roaming\Camdata.ini
2015-01-09 21:54 - 2015-06-30 18:04 - 0000408 _____ () C:\Users\Gio\AppData\Roaming\CamLayout.ini
2015-01-09 21:54 - 2015-06-30 18:04 - 0000408 _____ () C:\Users\Gio\AppData\Roaming\CamShapes.ini
2015-01-16 17:27 - 2015-06-30 18:04 - 0004549 _____ () C:\Users\Gio\AppData\Roaming\CamStudio.cfg
2015-01-09 14:11 - 2015-06-30 18:03 - 0000096 _____ () C:\Users\Gio\AppData\Roaming\version2.xml
2015-07-27 13:53 - 2015-11-07 19:45 - 0001456 _____ () C:\Users\Gio\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-11-04 10:18 - 2013-08-07 00:19 - 0595618 _____ () C:\Users\Gio\AppData\Local\libcurl-4.dll
2015-02-15 18:49 - 2015-02-15 18:49 - 0000000 ___SH () C:\Users\Gio\AppData\Local\LumaEmu
2015-11-04 10:18 - 2010-06-05 17:00 - 0042496 _____ (Open Source Software community project) C:\Users\Gio\AppData\Local\pthreadGC2-w64.dll
2014-12-03 19:19 - 2014-12-12 12:05 - 0007604 _____ () C:\Users\Gio\AppData\Local\Resmon.ResmonCfg
2015-03-14 21:09 - 2015-03-14 21:09 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2015-11-13 14:19 - 2015-11-13 14:19 - 0000000 ____H () C:\ProgramData\cm-lock
2014-12-01 19:03 - 2014-12-01 19:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-12 11:39 - 2014-12-12 11:39 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-08-18 17:12 - 2015-08-18 17:12 - 0000016 _____ () C:\ProgramData\mntemp
 
Some files in TEMP:
====================
C:\Users\Gio\AppData\Local\Temp\_is4A4B.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
nointegritychecks: ==> "IntegrityChecks" is disabled. <===== ATTENTION
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {f545a331-79ca-11e4-9040-a36a18e11033}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
loadoptions             DDISABLE_INTEGRITY_CHECKS
inherit                 {bootloadersettings}
recoverysequence        {f545a333-79ca-11e4-9040-a36a18e11033}
recoveryenabled         Yes
nointegritychecks       Yes
testsigning             No
osdevice                partition=C:
systemroot              \Windows
resumeobject            {f545a331-79ca-11e4-9040-a36a18e11033}
nx                      OptIn
custom:26000027         Yes
 
Windows Boot Loader
-------------------
identifier              {f545a333-79ca-11e4-9040-a36a18e11033}
device                  ramdisk=[C:]\Recovery\f545a333-79ca-11e4-9040-a36a18e11033\Winre.wim,{f545a334-79ca-11e4-9040-a36a18e11033}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\f545a333-79ca-11e4-9040-a36a18e11033\Winre.wim,{f545a334-79ca-11e4-9040-a36a18e11033}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {f545a331-79ca-11e4-9040-a36a18e11033}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {f545a334-79ca-11e4-9040-a36a18e11033}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\f545a333-79ca-11e4-9040-a36a18e11033\boot.sdi
 
 
 
LastRegBack: 2015-11-10 18:19
 
==================== End of FRST.txt ============================
 
 
 
 
 
 
 
addition
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Gio (2015-11-15 20:46:36)
Running from H:\
Windows 7 Ultimate Service Pack 1 (X64) (2014-12-01 18:32:30)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-423546431-4035410846-4171816442-500 - Administrator - Disabled)
Gio (S-1-5-21-423546431-4035410846-4171816442-1000 - Administrator - Enabled) => C:\Users\Gio
Guest (S-1-5-21-423546431-4035410846-4171816442-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security with Backup (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security with Backup (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security with Backup (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{12d6e0d7-21d5-4755-9da2-70352c6f7558}) (Version: 1.5.915.0 - Futuremark)
3DMark (Version: 1.5.915.0 - Futuremark) Hidden
A4 TECH PC Camera H (HKLM\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D303B}) (Version:  - )
A4 TECH PC Camera H (HKLM-x32\...\{CE3B8E96-B0AF-4871-9178-1519B58E3A93}) (Version: 2007.11.12 - Vimicro)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2014 (HKLM-x32\...\{766255CE-D156-11E3-8DBC-A136EB52ACCF}) (Version: 14.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5 64-bit (HKLM\...\{6C1A010F-9108-4162-A26F-9FEC4AC0F0F0}) (Version: 5.0.1 - Adobe)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 7.1 - PainteR)
Age of Empires III v1.14 / 1.06 / 1.03 / [RUS/ENG] RePack by R.G. Revenants (HKLM-x32\...\{7F4F8D5D-9EB9-45DF-A475-30F615FFA85B}}_R.G.Revenants_is1) (Version:  - )
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.80 - ASUSTeK Computer Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
ANDY OS (HKLM-x32\...\Andy OS) (Version: 1.1 - andyroid.net)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArchiCAD 18 INT (HKLM\...\001FFF2FFF18FF00FF0701F01F02F000-R1) (Version: 18.0 - GRAPHISOFT)
ARIA Engine v1.8.2.2 (HKLM\...\ARIA Engine_is1) (Version: v1.8.2.2 - Plogue Art et Technologie, Inc)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ASUS PC Diagnostics (HKLM-x32\...\{D709005F-D8DC-42A8-8435-5AE880ECAF82}) (Version: 1.3.7 - ASUSTeK Computer Inc.)
AutoCAD 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - English (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.0.27.1100 - Autodesk)
Autodesk 3ds Max 2015 (HKLM\...\Autodesk 3ds Max 2015) (Version: 17.0.630.0 - Autodesk)
Autodesk 3ds Max 2015 (Version: 17.0.630.0 - Autodesk) Hidden
Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.159.0 - Autodesk)
Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk)
Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2015 (HKLM\...\{9167CA34-4E48-49E3-8892-3C439739D2D3}) (Version: 17.0 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
Autodesk ReCap (Version: 1.3.1.39 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.107.0 - Autodesk) Hidden
AVS Video Editor 7.0 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.0.1.258 - Online Media Technologies Ltd.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.1.731 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Batman Arkham Origins (Initiation & Cold Cold Heart) (HKLM-x32\...\{D1F2AE32-7AAE-4D91-9193-171200F18E2F}) (Version: 6.0 - Black Box)
Battlefield Bad Company 2 (HKLM-x32\...\Battlefield Bad Company 2_is1) (Version:  - )
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Blender (HKLM\...\{BBE9D9F0-3F77-4E26-9E10-1AFB56D41363}) (Version: 2.76.0 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Burger Shop (HKLM-x32\...\Burger Shop_is1) (Version:  - )
Burger Shop 2 (HKLM-x32\...\Burger Shop 2) (Version: 1.0.0.1 - iWin.com)
Bus Driver (HKLM-x32\...\BFG-Bus Driver) (Version:  - )
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.00 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG2400 series User Registration (HKLM-x32\...\Canon MG2400 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
CinemaP-1.9cV11.09 (HKLM-x32\...\CinemaP-1.9cV11.09) (Version: 1.36.01.22 - Cinema PlusV11.09) <==== ATTENTION
Cities XXL (HKLM-x32\...\Cities XXL_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Citrix Online Launcher (HKLM-x32\...\{E5F6D26D-E180-4547-A865-565EAB61000C}) (Version: 1.0.362 - Citrix)
City Car Driving 1.2.2 (HKLM-x32\...\{CC457F3D-5CDE-4CE8-9685-90A4EDE81374}_is1) (Version:  - Forward Development)
CodeMeter Runtime Kit v5.10a (HKLM\...\{CADFF08A-A157-474F-B6A8-8F26F81F7ABE}) (Version: 5.10.1224.501 - WIBU-SYSTEMS AG)
Cold Fear, версия 1.0 (HKLM-x32\...\Cold Fear_is1) (Version: 1.0 - Ubisoft Entertainment)
ColdFear (HKLM-x32\...\{2C14901F-ED9D-40B5-8FE5-1BAF3D31F73B}) (Version: 1.00.0000 - Ubisoft)
Combat Arms - Line of Sight (HKLM-x32\...\Combat Arms - Line of Sight) (Version:  - )
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - RU (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crashday Forever Build 3 (HKLM-x32\...\Crashday Forever Build 3) (Version: Build 3 - °¤AcTiViSioN¤°)
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
CyberLink PowerDirector 13 (HKLM-x32\...\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}) (Version: 13.0.2604.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0 - CyberLink Corp.)
Daylight (HKLM-x32\...\Daylight_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Dino Crisis 2 (HKLM-x32\...\Dino Crisis 2_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, SeRaph1)
discoDSP Discovery v2.4 (HKLM-x32\...\discoDSP Discovery v2.4_is1) (Version: 2.4 - discoDSP)
Driver (HKLM-x32\...\Driver) (Version:  - )
Driver.San Francisco.v 1.04.1114 (HKLM-x32\...\Driver.San Francisco.v 1.04.1114_is1) (Version: Driver.San Francisco.v 1.04.1114 - GREK93)
Driving Simulator 2012 Version 1.64 (HKLM-x32\...\Driving Simulator 2012_is1) (Version: 1.64 - astragon Software GmbH)
East West EWQLSO Gold Edition (HKLM-x32\...\East West EWQLSO Gold Edition) (Version:  - )
Edirol Super Quartet v1.52 TALiO (HKLM-x32\...\Edirol Super Quartet v1.52 TALiO) (Version:  - )
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.6.6.2133 - Steinberg Media Technologies GmbH)
Euro Truck Simulator 2 v1.1.1 (HKLM-x32\...\{3DD29525-FAD0-47A5-93D2-EB304F1A0E87}_is1) (Version:  - )
FIFA 11 (HKLM-x32\...\FIFA 11_is1) (Version:  - REXE)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
FumeFX 3.5.4 R2015 64-bit (HKLM-x32\...\{B6AB7067-3ADE-4BB2-A98A-A3DCA6C251A3}) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{AFBB2F94-A43D-46AD-8F77-66ACB3C71EDF}) (Version: 4.39.552.0 - Futuremark)
GameRanger (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\GameRanger) (Version:  - GameRanger Technologies)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.64.5211 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GoToMeeting 7.4.2.3880 (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\GoToMeeting) (Version: 7.4.2.3880 - CitrixOnline)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Graphisoft ArchiCAD 18 3006 (HKLM-x32\...\Graphisoft ArchiCAD 18 3006) (Version: 3006 - Graphisoft)
GT Interactive - Driver Demo (HKLM-x32\...\GT Interactive - Driver Demo) (Version:  - )
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Gross Beat (HKLM-x32\...\IL Gross Beat) (Version:  - Image-Line bvba)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel® Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - )
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Jane's Advanced Strike Fighters (HKLM-x32\...\Jane's Advanced Strike Fighters_is1) (Version: Jane's Advanced Strike Fighters - Fenixx--Repack--(17.11.2011))
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Jurassic Park - Operation Genesis (HKLM-x32\...\Jurassic Park - Operation Genesis_is1) (Version:  - )
K-Lite Codec Pack 7.5.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.5.0 - )
Krakatoa MX 2.3 64-bit (HKLM\...\{80A527A9-9249-4C03-ADB4-B8941A897CD1}) (Version: 2.3.1.56082 - Thinkbox Software)
Let's Sing (HKLM-x32\...\TGV0c1Npbmc=_is1) (Version: 1 - )
Linplug CM-505 v1.01 (HKLM-x32\...\Linplug CM-505 v1.01) (Version:  - )
Mafia II, 1.2 (HKLM-x32\...\Mafia II_is1) (Version: 1.2 - Shepards)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Marvelous Designer 5 Personal (HKLM-x32\...\Marvelous Designer 5 Personal) (Version:  - CLO Virtual Fashion Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.283 - McAfee, Inc.)
Metal Gear Solid V Ground Zeroes, âåðñèÿ 1.0 (HKLM-x32\...\Metal Gear Solid V Ground Zeroes_is1) (Version: 1.0 - =×óâàê=)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mirror's Edge.v 1.0.1.0 (HKLM-x32\...\Mirror's Edge.v 1.0.1.0_is1) (Version: Mirror's Edge.v 1.0.1.0 - Repack by Fenixx (05.02.2014))
Mortal Kombat X Update 20150709 (HKLM-x32\...\TW9ydGFsS29tYmF0WA==_is1) (Version: 1 - )
Mortal Kombat X, версия 1.0 (HKLM-x32\...\Mortal Kombat X_is1) (Version: 1.0 - =Чувак=)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.3.0.6464 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Need for Speed 4 High Stakes (HKLM-x32\...\{3ECDDB80-DB1D-11D4-8B30-000021015D1C}) (Version:  - )
Need for Speed 5 Porsche Unleashed (HKLM-x32\...\{4CA7F8A0-DB20-11D4-8B30-000021015D1C}) (Version:  - )
Need for Speed™ Undercover (HKLM-x32\...\Need for Speed™ Undercover_is1) (Version:  - )
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.0 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials V for Windows (HKLM-x32\...\NewBlue Video Essentials V for Windows) (Version: 3.0 - NewBlue)
Next Car Game Technology Sneak Peek 2.0 (HKLM-x32\...\Next Car Game Technology Sneak Peek) (Version:  - Bugbear Entertainment)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.11.42 - Symantec Corporation)
Norton Security with Backup (HKLM-x32\...\NSBU) (Version: 22.5.4.24 - Symantec Corporation)
Novation Bass-Station VSTi v1.10 (HKLM-x32\...\Novation Bass-Station VSTi v1.10) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com)
Opera Stable 33.0.1990.58 (HKLM-x32\...\Opera 33.0.1990.58) (Version: 33.0.1990.58 - Opera Software)
Oracle VM VirtualBox 4.3.20 (HKLM\...\{86401870-7AB7-4A8D-8AD6-12B27DF2E6E3}) (Version: 4.3.20 - Oracle Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Phoenix FD for 3ds Max 2015 for x64 (HKLM\...\Phoenix FD for 3ds Max 2015 for x64) (Version: 2.20.00 - Chaos Software Ltd)
Plogue sforzando v1.822 (HKLM\...\__ARIA_1014___is1) (Version: v1.822 - Plogue)
POV-Ray for Windows v3.7 (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\POV-Ray for Windows v3.7) (Version: 3.7 - Persistence of Vision Raytracer Pty. Ltd.)
PPJoy Joystick Driver 0.8.4.5 (HKLM-x32\...\PPJoy Joystick Driver) (Version: 0.8.4.5 - Deon van der Westhuysen)
Prison Break The Conspiracy (HKLM-x32\...\Prison Break The Conspiracy_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.108.1 - proDAD GmbH)
Project CARS v1.1 / RePack by (HKLM-x32\...\Project CARS_is1) (Version:  - )
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
RayFire 1.65 - 3ds Max 2016 (HKLM-x32\...\RayFire) (Version: 1.65 - 3ds Max 2016 - Mir Vadim)
RE:Vision Effects Twixtor AE (HKLM\...\Twixtor AE 6.1.0_is1) (Version: 6.1.0 - Team V.R)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.6.0 - Red Giant, LLC)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
rFactor (remove only) (HKLM-x32\...\rFactor) (Version:  - )
Richard Burns Rally (HKLM-x32\...\{92C7D009-A464-4948-A980-7A3E28CB2F49}) (Version: 1.00.000 - )
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
SCANIA Truck Driving Simulator 1.0.0 (HKLM-x32\...\SCANIA Truck Driving Simulator) (Version: 1.0.0 - SCS Software)
Sentinel Protection Installer 7.5.0 (HKLM-x32\...\{A5A63519-F5C2-4F4A-849A-F28A1AB3D522}) (Version: 7.5.0 - SafeNet, Inc.)
Shaun White Snowboarding (HKLM-x32\...\{2E52FB79-7F60-4AD7-B946-5ED18B4F274E}) (Version: 1.00 - Ubisoft)
SimLab SolidWorks Importer 6.0 for 3ds Max x64 (HKLM\...\{CC694521-C1B7-4186-8A90-8FAE19C08CFD}) (Version: 6.0 - SimLab Soft)
Singularity (HKLM-x32\...\Singularity_is1) (Version:  - Новый Диск)
SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
Spicy Guitar  (64 bits) (HKLM-x32\...\KeolabSpicyGuitar64b_is1) (Version:  - Keolab)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.20.9.4533 - Enigma Software Group, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Cubase LE AI Elements 7 64bit (HKLM\...\{67E7C608-D0EA-4273-B374-50ABE42FBE08}) (Version: 7.0.6 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Sugar Bytes Effectrix 1.4.2 (HKLM\...\Effectrix_is1) (Version: 1.4.2 - Sugar Bytes)
Sugar Bytes Guitarist Library 1.0 (HKLM-x32\...\Guitarist Library_is1) (Version: 1.0 - Sugar Bytes)
Sugar Bytes Robotronic 1.3 (HKLM\...\Robotronic_is1) (Version: 1.3 - Sugar Bytes)
Sugar Bytes Turnado 1.5 (HKLM\...\Turnado_is1) (Version: 1.5 - Sugar Bytes)
Sugar Bytes Vogue 1.3.1 (HKLM\...\Vogue_is1) (Version: 1.3.1 - Sugar Bytes)
Sugar Bytes WOW 1.2 (HKLM\...\WOW_is1) (Version: 1.2 - Sugar Bytes)
SumRando (HKLM-x32\...\SumRandoSumRando) (Version: 1.0.0.172 - SumRando)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Sylenth1 v2.21 (HKLM\...\Sylenth1_is1) (Version:  - )
Synapse Scorpion v4.0 (HKLM-x32\...\Synapse Scorpion v4.0) (Version:  - )
Synthesia (HKLM-x32\...\Synthesia) (Version: 9 - Synthesia LLC)
TeamPlayer 2.2.0 (HKLM-x32\...\TeamPlayer_is1) (Version: 2.2.0 - WunderWorks)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Test Drive Ferrari Racing Legends (HKLM-x32\...\Test Drive Ferrari Racing Legends_is1) (Version:  - )
Toon Boom Animate Pro 2 (HKLM-x32\...\{46ADAC53-F1D2-41B4-B57C-DF43C70904FB}) (Version: 7.9.1 - Toon Boom Animation)
Trapcode Suite v12.1.9 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 12.1.9 - Red Giant, LLC)
TVP Animation 9.5 Professional Edition (remove only) (HKLM-x32\...\TVP Animation 9 Pro) (Version:  - )
TVPaint Animation 10 Pro v10.0.16 (HKLM-x32\...\TVPaint Animation 10 Pro v10.0.1610.0.16) (Version: 10.0.16 - Friends in War)
UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\UnityWebPlayer) (Version: 4.6.0f3 - Unity Technologies ApS)
V-Ray for 3dsmax 2015 for x64 (HKLM\...\V-Ray for 3dsmax 2015 for x64) (Version: 3.00.07 - Chaos Software Ltd)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.11 - NCH Software)
WebcamMax (HKLM-x32\...\WebcamMax) (Version: 7.5.8.8.MultiLanguage - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WinRAR 5.20 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.4 - win.rar GmbH)
Аrdamаx Kеylogger 4.3.9 (HKLM-x32\...\Аrdamаx Kеylogger 4.3.9) (Version:  - )
ВАЛЛ-И (HKLM-x32\...\ВАЛЛ-И_is1) (Version: 1.0 - GUGUCHA)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{83B0E426-D4EE-11D4-BEDF-BAB7F1EEA455}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\addflow4.ocx (Lassalle Technologies)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Gio\AppData\Local\Citrix\GoToMeeting\3880\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Restore Points =========================
 
13-11-2015 16:54:23 Checkpoint by HitmanPro
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 02:34 - 2015-09-30 22:47 - 00001392 ____N C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 anchorfree.net
127.0.0.1 rss2search.com
127.0.0.1 techbrowsing.com
127.0.0.1 box.anchorfree.net
127.0.0.1 www.mefeedia.com
127.0.0.3 www.anchorfree.net
127.0.0.2 www.mefeedia.com
127.0.0.1 anchorfree.us
127.0.0.1 a433.com
127.0.0.3 anchorfree.net
127.0.0.1 rpt.anchorfree.net
127.0.0.1 delivery.anchorfree.us/land.php
127.0.0.1 hsselite.com
127.0.0.1 www.hsselite.com127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
127.0.0.1                   na1r.services.adobe.com
127.0.0.1                   hlrcv.stage.adobe.com
0.0.0.1 mssplus.mcafee.com
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0293C085-91A2-482F-91FF-91B358264D14} - System32\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000 => C:\Users\Gio\AppData\Local\Citrix\GoToMeeting\3880\g2mupdate.exe [2015-11-12] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {05D4B7B5-DAC0-4BB8-8636-EE693BEBE4F4} - System32\Tasks\Opera scheduled Autoupdate 1417467685 => C:\Program Files (x86)\Opera\launcher.exe [2015-10-30] (Opera Software)
Task: {14CE6AF7-D33D-43D8-9249-A70E49E66877} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {1E045EFB-AF82-43DC-BC84-BF5E4F479AC1} - System32\Tasks\Norton Security with Backup\Norton Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {4735F17D-03C4-4CD8-B568-093B45D00C39} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {4A3B9FEF-63CD-4769-8A02-93DB387AD993} - \LaunchSignup -> No File <==== ATTENTION
Task: {5811CE22-1926-4901-98DA-BA318FB40DF5} - System32\Tasks\ASUS\i-Setup185311 => C:\Windows\Intel_Chipset_Win7-8-8-1_V10016\AsusSetup.exe [2014-12-01] (ASUSTeK Computer Inc.)
Task: {586FC3DB-9ADE-4A95-92FD-EB43A43EA45B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5F280624-B65A-48EE-B85D-0F6461C7C8C5} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2014-03-27] ()
Task: {6A526F91-9E2C-45D8-98A2-1959842FF50C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {6F04F64F-1478-4E2B-8B5E-A1D0EFE956D9} - System32\Tasks\{17F40C2C-7314-47EB-AC2D-CB1CCEF9C767} => pcalua.exe -a "E:\s\Image Line Gross Beat 1.0.1\grossbeat_install.exe" -d "E:\s\Image Line Gross Beat 1.0.1"
Task: {710F117B-920C-436B-A05B-E1DB89A178E8} - System32\Tasks\{B048AEEA-BC9B-41BA-9B21-0836A4BB5417} => c:\program files (x86)\opera\launcher.exe [2015-10-30] (Opera Software)
Task: {773AF888-CFEF-436D-8485-7703C674AAD3} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2014-05-03] (TODO: <Company name>)
Task: {77E35024-1DB9-4DB7-8408-6F0F5EE7ADA6} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-01-10] (ASUSTeK Computer Inc.)
Task: {894E1C4A-5090-4D67-A7A1-4840BBA6415A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\WSCStub.exe [2015-09-24] (Symantec Corporation)
Task: {8CC26450-B3A4-44EA-8C1F-631878C45692} - System32\Tasks\{4A0D3DEC-FE2C-41E4-8062-44AEDD549E32} => c:\program files (x86)\opera\launcher.exe [2015-10-30] (Opera Software)
Task: {91C25A1E-8EE5-428B-B081-5C7D7445BD0E} - System32\Tasks\{E23A209F-322A-4CE5-BD7C-41A7F0F29CAC} => D:\Games\Need for Speed 4 High Stakes\nfshs.exe [1999-05-26] (Electronic Arts, Inc.)
Task: {92CCD290-2AF3-4E61-9B2E-6723E507071A} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-05-09] (ASUSTeK Computer Inc.)
Task: {93E20DA9-DF20-4692-8997-95BE6D03EF78} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-05-04] ()
Task: {979B811B-CB9A-448B-9E94-FCA5A298166E} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {99CF9D89-8059-4A93-AFB5-C04CCE43DBC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {9D64AF71-F5AE-4568-8B0E-8054EC7FE0E0} - System32\Tasks\AdobeAAMUpdater-1.0-Gio-PC-Gio => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated)
Task: {A6C1B173-0FBA-4371-B582-E8ABC2B4B2C7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AE744A52-3036-48EB-A921-A20A7E297EFA} - System32\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000 => C:\Users\Gio\AppData\Local\Citrix\GoToMeeting\3880\g2mupload.exe [2015-11-12] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {AF3FA76A-6C08-4D01-B5DC-6FEB36148A8D} - System32\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5 => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
Task: {B331C41F-4CF6-4676-B742-A7858165E02B} - System32\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
Task: {D08519BD-9195-47F0-B9B9-005FBB35996A} - System32\Tasks\Norton Security with Backup\Norton Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {E67F08B6-3B9A-4C5B-88E5-BE098E02D6C0} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {F4725DEB-3FB0-4CBB-A1F1-4A73466AACF5} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.job => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user.job => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000.job => C:\Users\Gio\AppData\Local\Citrix\GoToMeeting\3880\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000.job => C:\Users\Gio\AppData\Local\Citrix\GoToMeeting\3880\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-09-11 18:02 - 2015-09-11 18:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-12-04 15:24 - 2014-05-04 20:57 - 01270584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2014-12-04 15:24 - 2014-03-27 19:33 - 01430328 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2014-01-28 03:16 - 2014-01-28 03:16 - 00936728 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-03-27 15:27 - 2013-05-14 09:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-12-03 22:49 - 2014-12-03 22:49 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-10 15:22 - 2015-03-10 15:22 - 00391784 _____ () C:\Windows\system32\igfxTray.exe
2014-12-03 20:03 - 2006-07-04 14:16 - 00049152 _____ () C:\Windows\Domino.exe
2014-12-04 15:24 - 2014-04-11 09:53 - 01045304 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
2014-12-04 15:24 - 2014-04-11 10:53 - 00037176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
2014-12-04 15:23 - 2014-05-08 14:09 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe
2014-12-02 14:47 - 2014-09-04 03:41 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-12-02 14:47 - 2014-09-04 03:41 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00859136 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00801280 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
2014-12-04 15:23 - 2014-05-08 14:09 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2014-12-04 15:23 - 2014-05-08 14:09 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2014-12-04 15:24 - 2014-05-09 14:09 - 04066816 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2014-12-04 15:24 - 2014-02-25 16:53 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2014-12-04 15:24 - 2014-05-08 14:09 - 00827392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2014-12-04 15:24 - 2014-05-03 03:33 - 00053248 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.17\Exeio.dll
2014-12-04 15:24 - 2014-05-03 03:33 - 00278528 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.17\Vender.dll
2014-12-04 15:23 - 2014-01-28 03:16 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2014-12-04 15:24 - 2014-03-27 19:32 - 05778096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2014-12-04 15:24 - 2014-02-24 17:49 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2014-12-04 15:23 - 2015-11-15 20:38 - 00034960 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2014-12-01 19:10 - 2014-01-28 03:16 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2014-12-04 15:24 - 2013-11-20 10:10 - 00662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2014-12-04 15:24 - 2013-07-02 10:40 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll
2014-12-04 15:24 - 2014-04-10 15:23 - 00643584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMiniMsg.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:1663E41B
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:466F9D5D
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Gio\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Andy => C:\Program Files\Andy\HandyAndy.exe
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: WebcamMaxAutoRun => "C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{0D9C987A-D6A6-4E95-BD80-7C15AE800E0A}C:\users\gio\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gio\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{2E3247A4-BAC2-4A11-8BCE-BF7926D52783}C:\users\gio\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gio\appdata\local\akamai\netsession_win.exe
FirewallRules: [{312AC3D4-CB38-4D2D-9433-66379BEC1FC7}] => (Block) C:\users\gio\appdata\local\akamai\netsession_win.exe
FirewallRules: [{89B16F54-DFF0-4424-94BE-839B58DB41A6}] => (Block) C:\users\gio\appdata\local\akamai\netsession_win.exe
FirewallRules: [{6B356E88-0B91-4690-B711-F42165ACFE21}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6DA28468-AF99-4A85-AF86-EF8A0DA93014}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{5D6DAAAA-84C7-4904-A1E3-612132B7D8EE}D:\games\city car driving\bin\win32\starter.exe] => (Allow) D:\games\city car driving\bin\win32\starter.exe
FirewallRules: [UDP Query User{A9348B49-D433-4FC2-A972-234498D4C93D}D:\games\city car driving\bin\win32\starter.exe] => (Allow) D:\games\city car driving\bin\win32\starter.exe
FirewallRules: [{CB547D4F-DAEE-4FDD-A547-FEDD128A0D0E}] => (Allow) D:\Games\Combat Arms EU\NMService.exe
FirewallRules: [{E79ACCA7-9348-4C8A-A019-3B8FC7D1DC6E}] => (Allow) D:\Games\Combat Arms EU\NMService.exe
FirewallRules: [{01B1BAEB-526D-46E0-9A51-A99EFC0AC2B0}] => (Allow) C:\Users\Gio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1D8AECBA-15C3-44FE-B9E7-93FF1DBE33DD}] => (Allow) C:\Users\Gio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [C:\Program Files (x86)\AFLICS\AfterFLICS.exe] => (Allow) C:\Program Files (x86)\AFLICS\AfterFLICS.exe
FirewallRules: [C:\Program Files (x86)\AFLICS\AfterFLICS_tools.exe] => (Allow) C:\Program Files (x86)\AFLICS\AfterFLICS_tools.exe
FirewallRules: [TCP Query User{50B78C5A-8D4E-40A3-A930-51DF8D10B5F0}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{C3EB7921-5712-4BE6-BDCF-C28C32BD1C64}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{44769911-F111-4492-B7B4-5AC2EF1FA8CA}C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe
FirewallRules: [UDP Query User{1B83E0AE-B451-46B4-BCF7-7A07EF01C5C6}C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe
FirewallRules: [TCP Query User{4D072BC7-5504-4FD8-AFED-E912E17F8657}C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe
FirewallRules: [UDP Query User{8F25E9AD-02A7-4149-B144-FAF585E282D0}C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe
FirewallRules: [TCP Query User{A4B76FD8-B87E-4C13-B26E-65DCF0641B71}E:\from os\smartpixel\bin\smartpixel.exe] => (Allow) E:\from os\smartpixel\bin\smartpixel.exe
FirewallRules: [UDP Query User{EED82238-896D-4B5C-82EF-696788F4768E}E:\from os\smartpixel\bin\smartpixel.exe] => (Allow) E:\from os\smartpixel\bin\smartpixel.exe
FirewallRules: [TCP Query User{3658E3C6-EEB1-4BC7-91D5-5535C658D875}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D200290D-C6CB-43C9-858E-1643EDC3A707}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{60EE7854-F278-44E7-990E-FCBE91E7DE30}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1837D16C-042E-4D68-A4C1-95325DCD47B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1DF4AB5B-82E3-4FB4-9EC2-BE12C2D3E42F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C799BB6F-BE4A-4D37-85E1-0C54A76DCCD1}D:\games\driver.san francisco.v 1.04.1114\driver.exe] => (Block) D:\games\driver.san francisco.v 1.04.1114\driver.exe
FirewallRules: [UDP Query User{59D37B68-68B6-4400-9D11-3126EC163233}D:\games\driver.san francisco.v 1.04.1114\driver.exe] => (Block) D:\games\driver.san francisco.v 1.04.1114\driver.exe
FirewallRules: [{D357D906-D1FC-4E82-94C6-E1FA23DFDE2C}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe
FirewallRules: [{507B3D54-2DAC-4E4C-91D5-57F4732B5E99}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe
FirewallRules: [{3670E39E-BA68-4EF8-9CB2-EC8845FEAB4A}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe
FirewallRules: [{39064606-7528-478F-9BD3-35273EDD6B3A}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe
FirewallRules: [{DB008D9F-FA8F-4301-8089-BD03F31C61CF}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{36B2B8C0-474A-48DC-8A8A-101229833354}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{73D42B21-3BB3-4574-8152-7D9A067531E2}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{4F9D80DB-759C-42AB-BAA8-A5105BF34D0E}] => (Block) %ProgramFiles%\Marvelous Designer 5 Personal\MD5_Personal_x64.exe
FirewallRules: [{CF247259-1D78-4187-9A18-195DD8E82148}] => (Block) %ProgramFiles%\Marvelous Designer 5 Personal\MD5_Personal_x64.exe
FirewallRules: [{3CF0CAFD-44E9-4CFF-8FC4-D0C552639F68}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DA439A8E-F69B-41CE-BF92-3E5D14C290D0}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
FirewallRules: [{0BBA4E1B-9705-478A-9940-A366AF5D693E}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: nethfdrv
Description: nethfdrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: nethfdrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/15/2015 08:38:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/13/2015 04:25:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x52e23951
Faulting module name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x52e23951
Exception code: 0xc0000005
Fault offset: 0x0000000000015a1e
Faulting process id: 0xa78
Faulting application start time: 0xWSCommCntr4.exe0
Faulting application path: WSCommCntr4.exe1
Faulting module path: WSCommCntr4.exe2
Report Id: WSCommCntr4.exe3
 
Error: (11/13/2015 02:19:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/13/2015 08:54:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/12/2015 07:50:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x52e23951
Faulting module name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x52e23951
Exception code: 0xc0000005
Fault offset: 0x0000000000015a1e
Faulting process id: 0x1a04
Faulting application start time: 0xWSCommCntr4.exe0
Faulting application path: WSCommCntr4.exe1
Faulting module path: WSCommCntr4.exe2
Report Id: WSCommCntr4.exe3
 
Error: (11/12/2015 04:17:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/12/2015 08:40:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/11/2015 08:29:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Acrobat.exe version 15.9.20069.28170 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 3b98
 
Start Time: 01d11cbfad29507a
 
Termination Time: 4
 
Application Path: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
 
Report Id: f15deb50-88b2-11e5-9d1c-00ac9a266a31
 
Error: (11/11/2015 08:27:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Acrobat.exe version 15.9.20069.28170 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 370c
 
Start Time: 01d11cbf616a677c
 
Termination Time: 4
 
Application Path: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
 
Report Id: a541c5c4-88b2-11e5-9d1c-00ac9a266a31
 
Error: (11/11/2015 02:50:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (11/15/2015 08:38:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
bsfs
ggc
nethfdrv
 
Error: (11/15/2015 08:38:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Core Browsing Protection service failed to start due to the following error: 
%%2
 
Error: (11/15/2015 08:38:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Safe Browsing proxy service service failed to start due to the following error: 
%%2
 
Error: (11/15/2015 08:38:05 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
 
Error: (11/13/2015 02:19:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
bsfs
ggc
nethfdrv
 
Error: (11/13/2015 02:19:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Core Browsing Protection service failed to start due to the following error: 
%%2
 
Error: (11/13/2015 02:19:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Safe Browsing proxy service service failed to start due to the following error: 
%%2
 
Error: (11/13/2015 09:25:47 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (11/13/2015 08:54:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
bsfs
ggc
nethfdrv
 
Error: (11/13/2015 08:53:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Core Browsing Protection service failed to start due to the following error: 
%%2
 
 
CodeIntegrity:
===================================
  Date: 2015-11-15 20:38:08.306
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-15 20:38:08.290
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-13 14:19:37.693
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-13 14:19:37.677
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-13 08:53:55.272
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-13 08:53:55.256
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-12 16:17:46.521
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-12 16:17:46.506
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-12 08:40:22.272
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-12 08:40:22.256
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 19%
Total physical RAM: 16261.03 MB
Available physical RAM: 13132.28 MB
Total Virtual: 16259.22 MB
Available Virtual: 13167.21 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.79 GB) (Free:3.2 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (New Volume) (Fixed) (Total:433.17 GB) (Free:3.75 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Media) (Fixed) (Total:498.34 GB) (Free:1.11 GB) NTFS
Drive f: (20.12.Ult.Eng) (CDROM) (Total:4 GB) (Free:0 GB) UDF
Drive g: (Alicias Keys) (CDROM) (Total:6.97 GB) (Free:0 GB) CDFS
Drive h: (IOANE) (Removable) (Total:14.52 GB) (Free:14.52 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 1A31AD76)
Partition 1: (Active) - (Size=232.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2E36CC17)
Partition 1: (Active) - (Size=433.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=498.3 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 14.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=14.5 GB) - (Type=0C)
 
==================== End of Addition.txt ============================
 
 

There are logs

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Gio (administrator) on GIO-PC (15-11-2015 20:46:13)
Running from H:\
Loaded Profiles: Gio (Available Profiles: Gio)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\nsbu.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\nsbu.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Vimicro) C:\Windows\vmsnap3.exe
() C:\Windows\Domino.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUpd.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [VMSnap3] => C:\Windows\VMSnap3.exe [49152 2006-07-18] (Vimicro)
HKLM\...\Run: [Domino] => C:\Windows\Domino.exe [49152 2006-07-04] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7640944 2014-12-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-12-01] (Intel Corporation)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-02-08] (Autodesk, Inc.)
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
Lsa: [Notification Packages] scecli ScSecAuth
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2011-05-30] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2015-11-04]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog9 01 C:\Windows\SysWOW64\sslsp105.dll [74352 2015-03-12] (SumRando)
Winsock: Catalog9 02 C:\Windows\SysWOW64\sslsp105.dll [74352 2015-03-12] (SumRando)
Winsock: Catalog9 13 C:\Windows\SysWOW64\sslsp105.dll [74352 2015-03-12] (SumRando)
Winsock: Catalog9-x64 01 C:\Windows\system32\sslsp105.dll [75888 2015-03-12] (SumRando)
Winsock: Catalog9-x64 02 C:\Windows\system32\sslsp105.dll [75888 2015-03-12] (SumRando)
Winsock: Catalog9-x64 13 C:\Windows\system32\sslsp105.dll [75888 2015-03-12] (SumRando)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{4F3C3288-F1E6-4E98-AD7F-B6047FB19713}: [NameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{9DB78E5B-565D-40BE-9F00-43B3473D9F85}: [NameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{AA476EBD-85D2-4719-9E47-A68FC2EEE0F5}: [DhcpNameServer] 192.168.100.1
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> DefaultScope {B9A62B51-034F-4746-9AC1-ECA278687F5A} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=B010GB0D20141202&p={searchTerms}
SearchScopes: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NSBU&chn=oem&geo=GB&ver=22&locale=en_GB&gct=sb&qsrc=2869
SearchScopes: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> {B9A62B51-034F-4746-9AC1-ECA278687F5A} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=B010GB0D20141202&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2011-07-06] (Internet Download Manager, Tonec Inc.)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2011-07-06] (Internet Download Manager, Tonec Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-423546431-4035410846-4171816442-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Gio\AppData\Roaming\Mozilla\Firefox\Profiles\fzt6e8c5.default-1441970820133
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll [2014-12-02] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-07-10] (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-423546431-4035410846-4171816442-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Gio\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-12] (Citrix Online)
FF Plugin HKU\S-1-5-21-423546431-4035410846-4171816442-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-18] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Gio\AppData\Roaming\Mozilla\Firefox\Profiles\fzt6e8c5.default-1441970820133\searchplugins\McSiteAdvisor.xml [2015-11-13]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-01-03]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-09-07]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.0.124\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.0.124\coFFAddon [2015-11-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-05-10] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn => not found
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.0.124\coFFAddon
FF HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Gio\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Gio\AppData\Roaming\IDM\idmmzcc5 [2014-12-03] [not signed]
FF HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Gio\AppData\Roaming\IDM\idmmzcc5
 
Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Norton Security Toolbar) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-10-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-09]
CHR Extension: (Block site) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2015-07-28]
CHR Extension: (SiteAdvisor) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-02]
CHR Extension: (Color Piano!) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh [2015-07-27]
CHR Extension: (Norton Identity Safe) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-10-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Internet Download Manager PRO) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodeniaihllgjlnaphebjhloddeidefi [2015-11-14]
CHR Extension: (Gmail) - C:\Users\Gio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-10-02]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] -  <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-10-02]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] -  <not found>
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-01-28] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe [389944 2014-05-08] (ASUSTeK Computer Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2015-01-25] (Macrovision Europe Ltd.) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-06-03] (Futuremark)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-03-10] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [154856 2015-09-28] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R2 NSBU; C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\NSBU.exe [282016 2015-09-24] (Symantec Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-12-03] ()
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2014-04-01] (CyberLink)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [328992 2008-07-11] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [226592 2008-07-11] (SafeNet, Inc)
S3 SumRandoVPNService; C:\Program Files (x86)\SumRando\SumRando\misc\vpnmanagesvc.exe [108144 2015-03-12] (SumRando) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 ScProxySrv; "C:\Program Files\Quick Heal\Quick Heal AntiVirus Pro\ScProxySrv.exe" [X]
S2 ScSecSvc; "C:\Program Files\Quick Heal\Quick Heal AntiVirus Pro\ScSecSvc.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-12-01] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-02-15] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\BASHDefs\20151102.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R1 ccSet_NSBU; C:\Windows\system32\drivers\NSBUx64\1605040.018\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-10-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-10-17] (Symantec Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-11-13] ()
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\IPSDefs\20151112.001\IDSvia64.sys [767224 2015-10-20] (Symantec Corporation)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-05-03] (ASUSTeK Computer Inc.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-02-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-11-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 MbswMailbox; C:\Program Files (x86)\ASUS\AI Suite III\690b33e1-0462-4e84-9bea-c7552b45432a.sys [17208 2015-04-17] ()
R3 NAVENG; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\VirusDefs\20151112.032\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.0.124\Definitions\VirusDefs\20151112.032\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0032.sys [28768 2015-04-08] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 NPF; C:\Windows\SysWOW64\drivers\npf.sys [42512 2015-01-16] (CACE Technologies)
S3 PPJoyBus; C:\Windows\System32\DRIVERS\PPJoyBus64.sys [20032 2009-11-04] (Deon van der Westhuysen)
S3 PPortJoystick; C:\Windows\System32\DRIVERS\PPortJoy64.sys [39488 2009-11-04] (Deon van der Westhuysen)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\NSBUx64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSBUx64\1605040.018\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSBUx64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-10-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSBUx64\1605040.018\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSBUx64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-01-23] (Spotflux, Inc.)
R3 tun3326; C:\Windows\System32\DRIVERS\tun3326.sys [32368 2013-03-22] (The OpenVPN Project)
R3 vvftav303; C:\Windows\System32\drivers\vvftav303.sys [308096 2007-06-23] (Vimicro Corporation)
R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2011-06-23] (Windows ® Win 7 DDK provider)
R3 ZSMC0303; C:\Windows\System32\Drivers\usbVM303.sys [1494656 2007-03-25] (Vimicro Corporation)
S1 bsfs; system32\DRIVERS\bsfs.sys [X]
S3 cpuz137; \??\C:\Users\Gio\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 ggc; system32\DRIVERS\ggc.sys [X]
S1 nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WolfVision Video Capture II; system32\DRIVERS\WolfVZCamera2.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-15 00:08 - 2015-11-15 20:46 - 00000000 ____D C:\FRST
2015-11-13 16:50 - 2015-11-13 16:51 - 00043664 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2015-11-13 15:56 - 2015-11-13 15:56 - 11324802 _____ C:\Users\Gio\Downloads\Popcorn_Lobby.zip
2015-11-13 14:24 - 2015-11-13 14:25 - 53433992 _____ C:\Users\Gio\Downloads\Thinkbox_KrakatoaMX_2.4.1_x64.rar
2015-11-13 14:19 - 2015-11-13 14:19 - 00000000 ____H C:\ProgramData\cm-lock
2015-11-12 18:24 - 2015-11-12 18:24 - 00000000 ____D C:\Users\Gio\AppData\LocalLow\uTorrent
2015-11-12 17:14 - 2015-11-12 17:14 - 01517205 _____ C:\Users\Gio\Downloads\BerconMaps_3_04.zip
2015-11-12 09:32 - 2015-11-15 20:45 - 00000550 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000.job
2015-11-12 09:32 - 2015-11-13 15:11 - 00000646 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000.job
2015-11-12 09:32 - 2015-11-12 09:32 - 00003664 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000
2015-11-12 09:32 - 2015-11-12 09:32 - 00003568 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000
2015-11-12 09:32 - 2015-11-12 09:32 - 00000000 ____D C:\Users\Gio\AppData\Local\Citrix
2015-11-10 20:40 - 2015-11-10 20:40 - 00042962 _____ C:\Users\Gio\Downloads\Calculus I  with Professor Richard Delaware Online Course Video Lectures_1288506171.torrent
2015-11-09 18:57 - 2015-11-09 18:57 - 00033185 _____ C:\Users\Gio\Downloads\[videotuts.ru]_Modelling the Audi R8.torrent
2015-11-09 18:55 - 2015-11-09 18:55 - 00030879 _____ C:\Users\Gio\Downloads\[videotuts.ru]_Viscorbel - Creating V-Ray Materials_Vol1.torrent
2015-11-09 18:04 - 2015-11-09 18:04 - 00055348 _____ C:\Users\Gio\Downloads\[rutracker.org].t4608494.torrent
2015-11-08 21:47 - 2015-11-08 21:57 - 867026989 _____ C:\Users\Gio\Downloads\HDRI-sun-clouds.rar
2015-11-08 21:44 - 2015-11-08 21:44 - 17433785 _____ C:\Users\Gio\Downloads\HDR_029_Sky_Cloudy_Free.zip
2015-11-08 20:56 - 2015-11-08 20:56 - 05261111 _____ C:\Users\Gio\Downloads\Kamen.zip
2015-11-08 20:01 - 2015-11-08 20:01 - 509023497 _____ C:\Users\Gio\Downloads\3ds.zip
2015-11-07 19:26 - 2015-11-07 19:26 - 00766693 _____ C:\Users\Gio\Downloads\Genetica Texture Pack 4 - Planet & Terrain.zip
2015-11-07 19:26 - 2015-11-07 19:26 - 00030148 _____ C:\Users\Gio\Downloads\Texture Pack 001 - JPEG.torrent
2015-11-07 18:06 - 2015-11-07 18:06 - 00064347 _____ C:\Users\Gio\Downloads\[rutracker.org].t4418813.torrent
2015-11-07 18:06 - 2015-11-07 18:06 - 00031094 _____ C:\Users\Gio\Downloads\[rutracker.org].t4258100.torrent
2015-11-07 17:54 - 2015-11-07 17:54 - 00094168 _____ C:\Users\Gio\Downloads\[rutracker.org].t4094770.torrent
2015-11-07 17:54 - 2015-11-07 17:54 - 00045879 _____ C:\Users\Gio\Downloads\[rutracker.org].t3387637.torrent
2015-11-07 17:54 - 2015-11-07 17:54 - 00012784 _____ C:\Users\Gio\Downloads\[rutracker.org].t4084723.torrent
2015-11-07 17:52 - 2015-11-07 17:52 - 00073409 _____ C:\Users\Gio\Downloads\[rutracker.org].t4112378.torrent
2015-11-07 17:36 - 2015-11-07 17:36 - 00109127 _____ C:\Users\Gio\Downloads\[rutracker.org].t4783335.torrent
2015-11-07 17:35 - 2015-11-07 17:35 - 00012944 _____ C:\Users\Gio\Downloads\[rutracker.org].t2211268.torrent
2015-11-07 17:32 - 2015-11-07 17:32 - 00016374 _____ C:\Users\Gio\Downloads\[rutracker.org].t4867445.torrent
2015-11-07 17:30 - 2015-11-07 17:30 - 00020529 _____ C:\Users\Gio\Downloads\[rutracker.org].t4881761.torrent
2015-11-07 17:27 - 2015-11-07 17:27 - 00017070 _____ C:\Users\Gio\Downloads\[rutracker.org].t5004248.torrent
2015-11-07 17:27 - 2015-11-07 17:27 - 00016190 _____ C:\Users\Gio\Downloads\[rutracker.org].t5004443.torrent
2015-11-07 17:26 - 2015-11-07 17:26 - 00175012 _____ C:\Users\Gio\Downloads\[rutracker.org].t5095159.torrent
2015-11-07 17:26 - 2015-11-07 17:26 - 00050862 _____ C:\Users\Gio\Downloads\[rutracker.org].t5093599.torrent
2015-11-07 17:26 - 2015-11-07 17:26 - 00013455 _____ C:\Users\Gio\Downloads\[rutracker.org].t5003979.torrent
2015-11-07 15:36 - 2015-11-07 15:36 - 02471028 _____ C:\Users\Gio\Downloads\final-scene.zip
2015-11-07 15:36 - 2015-11-07 15:36 - 01854694 _____ C:\Users\Gio\Downloads\glass-liquid-final-vray3.zip
2015-11-07 11:29 - 2015-11-07 11:29 - 00029613 _____ C:\Users\Gio\Downloads\[kat.cr]aleso3d.vray.interior.lighting.torrent
2015-11-04 22:37 - 2015-11-04 23:23 - 04047696 _____ C:\Users\Gio\Documents\Proeqt1.pln
2015-11-04 22:37 - 2015-11-04 23:21 - 04055184 _____ C:\Users\Gio\Documents\Proeqt1.bpn
2015-11-04 13:15 - 2015-11-05 17:37 - 00000000 ____D C:\Users\Gio\AppData\Local\VirtualStore
2015-11-04 13:15 - 2015-11-04 13:15 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-04 12:16 - 2015-11-04 12:16 - 03700400 _____ C:\Users\Gio\Documents\Proeqt.pln
2015-11-04 10:27 - 2015-11-12 10:47 - 00000000 ____D C:\Users\Gio\Graphisoft
2015-11-04 10:27 - 2015-11-12 08:58 - 00000000 ____D C:\Users\Gio\Documents\BIMx
2015-11-04 10:27 - 2015-11-04 10:27 - 00000000 ____D C:\Users\Gio\AppData\Roaming\Graphisoft
2015-11-04 10:27 - 2015-11-04 10:27 - 00000000 ____D C:\Users\Gio\AppData\Local\Graphisoft
2015-11-04 10:26 - 2015-11-04 10:26 - 00001191 _____ C:\Users\Public\Desktop\BIMx for ArchiCAD 18.lnk
2015-11-04 10:26 - 2015-11-04 10:26 - 00001016 _____ C:\Users\Public\Desktop\ArchiCAD 18.lnk
2015-11-04 10:26 - 2015-11-04 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter
2015-11-04 10:26 - 2015-11-04 10:26 - 00000000 ____D C:\ProgramData\CodeMeter
2015-11-04 10:26 - 2015-11-04 10:26 - 00000000 ____D C:\Program Files\CodeMeter
2015-11-04 10:26 - 2015-11-04 10:26 - 00000000 ____D C:\Program Files (x86)\CodeMeter
2015-11-04 10:25 - 2015-11-04 10:25 - 00008108 _____ C:\Windows\vpd.properties
2015-11-04 10:25 - 2015-11-04 10:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRAPHISOFT
2015-11-04 10:25 - 2015-11-04 10:25 - 00000000 ____D C:\Program Files\GRAPHISOFT
2015-11-04 10:18 - 2015-11-04 10:26 - 00000000 ____D C:\Users\Gio\AppData\Roaming\Install.GS
2015-11-04 10:18 - 2013-08-07 00:19 - 00595618 _____ C:\Users\Gio\AppData\Local\libcurl-4.dll
2015-11-04 10:18 - 2010-06-05 17:00 - 00042496 _____ (Open Source Software community project) C:\Users\Gio\AppData\Local\pthreadGC2-w64.dll
2015-11-04 10:05 - 2015-11-04 10:05 - 00012742 _____ C:\Users\Gio\Downloads\Graphisoft-ArchiCAD-18.torrent
2015-11-02 18:49 - 2015-11-02 18:49 - 00020578 _____ C:\Users\Gio\Downloads\torrent_4866762 %5B7tor.org%5D.torrent
2015-10-31 23:09 - 2015-10-31 23:10 - 40442559 _____ C:\Users\Gio\Downloads\D8_FumeFX_Looper.rar
2015-10-31 22:27 - 2015-10-31 22:27 - 12260023 _____ C:\Users\Gio\Downloads\YUDO.TV_C4D_PROJECTS.rar
2015-10-31 16:33 - 2015-10-31 16:33 - 15085792 _____ C:\Users\Gio\Downloads\Tiner_Shaders.rar
2015-10-30 21:44 - 2015-10-30 21:44 - 00002720 _____ C:\Users\Gio\Downloads\3D Artist - Issue 83 2015 (True PDF) ---[www.bts.to]--- .torrent
2015-10-29 17:50 - 2015-10-29 17:50 - 02349405 _____ C:\Users\Gio\Downloads\Polymodeling_chapter5_files.zip
2015-10-27 16:33 - 2015-10-27 16:33 - 00055945 _____ C:\Users\Gio\Downloads\[rutracker.org].t4548643.torrent
2015-10-27 16:33 - 2015-10-27 16:33 - 00013833 _____ C:\Users\Gio\Downloads\[rutracker.org].t4540133.torrent
2015-10-27 16:29 - 2015-10-27 16:29 - 00171841 _____ C:\Users\Gio\Downloads\[rutracker.org].t4635219.torrent
2015-10-27 16:17 - 2015-10-27 16:17 - 00024962 _____ C:\Users\Gio\Downloads\[kat.cr]digital.tutors.mixed.modeling.techniques.in.3ds.max.2012.sum1.here.torrent
2015-10-27 16:04 - 2015-10-27 16:04 - 00018013 _____ C:\Users\Gio\Downloads\[rutracker.org].t4312296.torrent
2015-10-27 16:04 - 2015-10-27 16:04 - 00016005 _____ C:\Users\Gio\Downloads\[rutracker.org].t4800584.torrent
2015-10-27 16:02 - 2015-10-27 16:02 - 00013572 _____ C:\Users\Gio\Downloads\grant-warwick-mastering-vray-lessons-10.torrent
2015-10-27 15:59 - 2015-10-27 15:59 - 00155805 _____ C:\Users\Gio\Downloads\3dmotive-organic-polypainting-in-zbrush-vol-1.torrent
2015-10-27 15:59 - 2015-10-27 15:59 - 00093650 _____ C:\Users\Gio\Downloads\zbrushworkshops-female-face-sculpting-with-steve-lord.torrent
2015-10-27 15:59 - 2015-10-27 15:59 - 00036241 _____ C:\Users\Gio\Downloads\methods-for-creating-a-low-poly-portrait-in-illustrator.torrent
2015-10-27 15:57 - 2015-10-27 15:57 - 00119216 _____ C:\Users\Gio\Downloads\cubebrush-high-poly-character-design.torrent
2015-10-27 15:57 - 2015-10-27 15:57 - 00020463 _____ C:\Users\Gio\Downloads\hazardousarts-sculpting.torrent
2015-10-27 15:56 - 2015-10-27 15:56 - 00038934 _____ C:\Users\Gio\Downloads\trey-ratcliffs-complete-hdr-tutorial.torrent
2015-10-27 15:55 - 2015-10-27 15:55 - 00699278 _____ C:\Users\Gio\Downloads\gumroad-likeness-sculpting-by-frank-tzeng.torrent
2015-10-27 15:55 - 2015-10-27 15:55 - 00021482 _____ C:\Users\Gio\Downloads\gumroad-josh-p.-crockett-introduction-to-creature-sculpting-grey-alien.torrent
2015-10-27 15:45 - 2015-10-27 15:45 - 00706133 _____ C:\Users\Gio\Downloads\uartsy-character-pipeline-for-games.torrent
2015-10-27 15:44 - 2015-10-27 15:44 - 00062155 _____ C:\Users\Gio\Downloads\uroki_3d_modelirovaniya_ot_killerivanov.torrent
2015-10-27 15:44 - 2015-10-27 15:44 - 00048182 _____ C:\Users\Gio\Downloads\the-gnomon-workshop-efficient-cinematic-lighting-2.torrent
2015-10-27 15:43 - 2015-10-27 15:43 - 00021563 _____ C:\Users\Gio\Downloads\[rutracker.org].t4999313.torrent
2015-10-27 15:43 - 2015-10-27 15:43 - 00017479 _____ C:\Users\Gio\Downloads\[rutracker.org].t4928485.torrent
2015-10-27 15:42 - 2015-10-27 15:42 - 00020573 _____ C:\Users\Gio\Downloads\[rutracker.org].t5076014.torrent
2015-10-27 15:40 - 2015-10-27 15:40 - 00021491 _____ C:\Users\Gio\Downloads\[rutracker.org].t5047143.torrent
2015-10-27 15:39 - 2015-10-27 15:39 - 00071998 _____ C:\Users\Gio\Downloads\[rutracker.org].t1122621.torrent
2015-10-27 15:38 - 2015-10-27 15:38 - 00022277 _____ C:\Users\Gio\Downloads\[rutracker.org].t5041889.torrent
2015-10-27 15:31 - 2015-10-27 15:31 - 00022106 _____ C:\Users\Gio\Downloads\[rutracker.org].t4560852.torrent
2015-10-27 15:31 - 2015-10-27 15:31 - 00020921 _____ C:\Users\Gio\Downloads\[rutracker.org].t4560949.torrent
2015-10-27 15:31 - 2015-10-27 15:31 - 00017320 _____ C:\Users\Gio\Downloads\[rutracker.org].t4561531.torrent
2015-10-27 15:31 - 2015-10-27 15:31 - 00017077 _____ C:\Users\Gio\Downloads\[rutracker.org].t4560878.torrent
2015-10-27 15:31 - 2015-10-27 15:31 - 00016590 _____ C:\Users\Gio\Downloads\[rutracker.org].t4561559.torrent
2015-10-23 16:39 - 2015-10-23 16:39 - 00014772 _____ C:\Users\Gio\Downloads\45B4DF5ADC488ECB3B1E7AE033C5670BCA6CD67B.torrent
2015-10-23 10:06 - 2015-10-23 13:48 - 00000000 ____D C:\Program Files\Marvelous Designer 5 Personal
2015-10-23 10:06 - 2015-10-23 10:06 - 00000959 _____ C:\Users\Public\Desktop\Marvelous Designer 5 Personal.lnk
2015-10-23 10:06 - 2015-10-23 10:06 - 00000000 ____D C:\Users\Public\Documents\MD5
2015-10-23 10:06 - 2015-10-23 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marvelous Designer 5 Personal
2015-10-21 21:15 - 2015-10-21 21:15 - 00023202 _____ C:\Users\Gio\Downloads\[videotuts.ru]_Digital-Tutors  Creative Development Mixed Modeling Techniques in 3ds Max 2012.torrent
2015-10-21 20:10 - 2015-10-21 20:10 - 04274261 _____ C:\Users\Gio\Downloads\5SRW-Program-Brochure (1).zip
2015-10-20 13:44 - 2015-10-20 13:44 - 00026261 _____ C:\Users\Gio\Downloads\elephorm-3-d-studio-max-vol-3-eclairage-materiaux-et-rendu.torrent
2015-10-20 13:43 - 2015-10-20 13:43 - 00015448 _____ C:\Users\Gio\Downloads\viscorbel-creating-v-ray-materials-vol3.torrent
2015-10-20 13:39 - 2015-10-20 13:39 - 00059078 _____ C:\Users\Gio\Downloads\v-ray-art-v-ray-interior-training-by-stanislav-orekhov.torrent
2015-10-20 13:24 - 2015-10-20 13:24 - 00033198 _____ C:\Users\Gio\Downloads\[rutracker.org].t3999589.torrent
2015-10-20 13:24 - 2015-10-20 13:24 - 00027241 _____ C:\Users\Gio\Downloads\[rutracker.org].t4073144.torrent
2015-10-20 13:24 - 2015-10-20 13:24 - 00020342 _____ C:\Users\Gio\Downloads\[rutracker.org].t3938438.torrent
2015-10-20 13:24 - 2015-10-20 13:24 - 00016973 _____ C:\Users\Gio\Downloads\[rutracker.org].t3986380.torrent
2015-10-20 13:24 - 2015-10-20 13:24 - 00014965 _____ C:\Users\Gio\Downloads\[rutracker.org].t3815552.torrent
2015-10-20 13:23 - 2015-10-20 13:23 - 00030944 _____ C:\Users\Gio\Downloads\[rutracker.org].t4058431.torrent
2015-10-20 13:23 - 2015-10-20 13:23 - 00022806 _____ C:\Users\Gio\Downloads\[rutracker.org].t4147448.torrent
2015-10-20 13:23 - 2015-10-20 13:23 - 00022690 _____ C:\Users\Gio\Downloads\[rutracker.org].t4121743.torrent
2015-10-20 13:23 - 2015-10-20 13:23 - 00015320 _____ C:\Users\Gio\Downloads\[rutracker.org].t4177951.torrent
2015-10-20 13:22 - 2015-10-20 13:22 - 00017408 _____ C:\Users\Gio\Downloads\[rutracker.org].t4220929.torrent
2015-10-20 13:22 - 2015-10-20 13:22 - 00015323 _____ C:\Users\Gio\Downloads\[rutracker.org].t4277151.torrent
2015-10-20 13:21 - 2015-10-20 13:21 - 00030418 _____ C:\Users\Gio\Downloads\[rutracker.org].t4348781.torrent
2015-10-20 13:21 - 2015-10-20 13:21 - 00021216 _____ C:\Users\Gio\Downloads\[rutracker.org].t4384900.torrent
2015-10-20 13:21 - 2015-10-20 13:21 - 00021050 _____ C:\Users\Gio\Downloads\[rutracker.org].t4481321.torrent
2015-10-20 13:21 - 2015-10-20 13:21 - 00018124 _____ C:\Users\Gio\Downloads\[rutracker.org].t4412708.torrent
2015-10-20 13:21 - 2015-10-20 13:21 - 00018070 _____ C:\Users\Gio\Downloads\[rutracker.org].t4624618.torrent
2015-10-20 13:20 - 2015-10-20 13:20 - 00012363 _____ C:\Users\Gio\Downloads\[rutracker.org].t4978416.torrent
2015-10-20 13:19 - 2015-10-20 13:19 - 00014461 _____ C:\Users\Gio\Downloads\[rutracker.org].t5003450.torrent
2015-10-19 22:19 - 2015-10-19 22:19 - 00002560 _____ C:\Users\Gio\Desktop\Norton Security with Backup.lnk
2015-10-19 19:42 - 2015-10-19 19:42 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security with Backup
2015-10-18 18:30 - 2015-10-18 18:30 - 03634193 _____ C:\Users\Gio\Downloads\Vray_grass.rar
2015-10-18 16:13 - 2015-10-19 19:42 - 00003240 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-10-18 16:13 - 2015-10-19 19:42 - 00002448 _____ C:\Users\Public\Desktop\Norton Security with Backup.LNK
2015-10-18 16:13 - 2015-10-18 21:32 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-10-18 16:13 - 2015-10-18 21:32 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-10-18 16:13 - 2015-10-18 16:13 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-10-18 16:12 - 2015-10-19 19:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security with Backup
2015-10-18 16:12 - 2015-10-19 19:42 - 00000000 ____D C:\Windows\system32\Drivers\NSBUx64
2015-10-18 16:12 - 2015-10-18 16:12 - 00000000 ____D C:\Program Files (x86)\Norton Security with Backup
2015-10-18 16:09 - 2015-10-18 16:10 - 129868680 _____ (Symantec Corporation) C:\Users\Gio\Downloads\NSBU-TW-22.5.0-EN-US.exe
2015-10-18 15:09 - 2015-10-18 15:16 - 84314641 _____ C:\Users\Gio\Downloads\ajl6a.Norton.Security.with.Backup.2015.22.5.4.24..Trial.ResetterFL.rar
2015-10-18 14:52 - 2015-10-18 14:52 - 01201328 _____ (Symantec Corporation) C:\Users\Gio\Downloads\AutoDetectPkg.exe
2015-10-18 14:38 - 2015-10-18 14:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2015-10-18 14:38 - 2015-10-18 14:38 - 00000000 ____D C:\Windows\system32\Drivers\NSTx64
2015-10-18 14:38 - 2015-10-18 14:38 - 00000000 ____D C:\Program Files (x86)\Norton Identity Safe
2015-10-17 18:47 - 2015-10-17 18:47 - 00017700 _____ C:\Users\Gio\Downloads\sculpting-integration-concepts-for-3ds-max-and-mudbox-[torrentino].torrent
2015-10-17 18:45 - 2015-10-17 18:45 - 00021145 _____ C:\Users\Gio\Downloads\unleashing-the-power-of-v-ray-[torrentino].torrent
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-03-01 19:10 - 2014-12-01 20:58 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F91393ED-EBB5-497D-BF10-C3273B42CC9C}
2015-11-15 20:43 - 2014-12-01 21:01 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-15 20:43 - 2009-07-14 05:13 - 00792464 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-15 20:41 - 2014-12-01 18:35 - 01209760 _____ C:\Windows\WindowsUpdate.log
2015-11-15 20:38 - 2015-09-11 12:48 - 00002436 _____ C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user.job
2015-11-15 20:38 - 2015-09-11 12:48 - 00002436 _____ C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.job
2015-11-15 20:38 - 2015-02-07 14:55 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-15 20:38 - 2014-12-01 18:44 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-15 20:38 - 2014-12-01 18:32 - 00000000 ____D C:\Users\Gio
2015-11-15 20:38 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-15 20:38 - 2009-07-14 04:51 - 00071244 _____ C:\Windows\setupact.log
2015-11-14 02:50 - 2015-09-27 19:47 - 00000000 ____D C:\Games
2015-11-14 02:40 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\registration
2015-11-14 00:58 - 2010-11-21 07:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-13 16:31 - 2014-12-01 18:44 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-13 16:25 - 2015-02-09 20:16 - 00000000 ____D C:\Users\Gio\AppData\Local\CrashDumps
2015-11-13 14:26 - 2009-07-14 04:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-13 14:26 - 2009-07-14 04:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-13 14:19 - 2014-12-02 02:28 - 00042496 _____ (secr9tos) C:\Windows\system32\Drivers\oem-drv64.sys
2015-11-13 02:20 - 2014-12-01 23:16 - 00000000 ____D C:\Users\Gio\AppData\Roaming\uTorrent
2015-11-13 02:00 - 2014-12-01 23:42 - 00000000 ____D C:\Users\Gio\AppData\Local\Adobe
2015-11-11 15:35 - 2014-12-01 18:44 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-11 14:50 - 2010-11-21 03:47 - 11353598 _____ C:\Windows\PFRO.log
2015-11-09 18:31 - 2015-04-30 11:47 - 00004483 _____ C:\Users\Gio\Desktop\New Text Document (2).txt
2015-11-07 19:45 - 2015-07-27 13:53 - 00001456 _____ C:\Users\Gio\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-11-05 15:33 - 2014-12-01 21:01 - 00003826 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1417467685
2015-11-04 13:33 - 2014-12-03 19:20 - 00000000 ____D C:\Users\Gio\AppData\Roaming\DMCache
2015-11-04 13:27 - 2015-08-29 21:10 - 00000000 ____D C:\Users\Gio\Documents\SCANIA Truck Driving Simulator
2015-11-04 10:27 - 2014-12-01 20:03 - 00000000 ____D C:\Users\Gio\AppData\Roaming\MAXON
2015-11-04 00:17 - 2015-02-07 14:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-03 23:15 - 2015-01-15 18:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-03 21:24 - 2015-07-15 15:42 - 00000000 ____D C:\Users\Gio\ARIAConverted
2015-11-02 23:36 - 2015-01-26 12:18 - 00000000 ____D C:\Users\Gio\Documents\Euro Truck Simulator 2
2015-11-01 23:57 - 2014-12-03 19:20 - 00000000 ___HD C:\Users\Gio\Downloads\Video
2015-11-01 12:37 - 2015-05-10 14:18 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2015-10-31 16:13 - 2014-12-01 23:17 - 00000000 ____D C:\Users\Gio\AppData\Roaming\Skype
2015-10-30 13:58 - 2015-05-10 14:18 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-27 15:15 - 2015-02-25 13:12 - 00000000 ____D C:\Windows\pss
2015-10-27 15:13 - 2015-03-14 21:10 - 00000000 ____D C:\Users\Gio\.VirtualBox
2015-10-27 15:13 - 2015-02-01 14:10 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-27 15:13 - 2014-12-13 06:35 - 00000000 ___RD C:\Users\Gio\Creative Cloud Files
2015-10-27 15:12 - 2015-06-28 20:55 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-10-23 10:22 - 2014-12-01 20:02 - 00000000 ____D C:\Program Files\WinRAR
2015-10-23 10:04 - 2014-12-03 19:20 - 00000000 ____D C:\Users\Gio\Downloads\Compressed
2015-10-22 15:48 - 2015-08-21 12:52 - 00000000 ____D C:\Users\Gio\Downloads\Adobe After Effects Auto-Save
2015-10-22 09:53 - 2015-06-28 21:04 - 00001219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
2015-10-21 13:02 - 2014-12-04 18:40 - 00000000 ____D C:\Users\Gio\AppData\Local\Akamai
2015-10-19 19:38 - 2014-12-03 19:20 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2015-10-18 16:12 - 2014-12-01 18:46 - 00000000 ____D C:\ProgramData\Norton
 
==================== Files in the root of some directories =======
 
2015-04-13 11:48 - 2015-04-13 22:39 - 0092881 _____ () C:\Users\Gio\AppData\Roaming\13_04_2015.htm
2015-04-13 23:08 - 2015-04-14 22:58 - 1226323 _____ () C:\Users\Gio\AppData\Roaming\14_04_2015.htm
2015-04-14 23:00 - 2015-04-15 22:48 - 0723329 _____ () C:\Users\Gio\AppData\Roaming\15_04_2015.htm
2015-04-15 23:25 - 2015-04-16 22:24 - 0453909 _____ () C:\Users\Gio\AppData\Roaming\16_04_2015.htm
2015-04-17 09:12 - 2015-04-17 10:03 - 0002459 _____ () C:\Users\Gio\AppData\Roaming\17_04_2015.htm
2014-12-11 14:44 - 2015-09-12 11:28 - 0000132 _____ () C:\Users\Gio\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-01-09 21:54 - 2015-06-30 18:04 - 0065615 _____ () C:\Users\Gio\AppData\Roaming\Camdata.ini
2015-01-09 21:54 - 2015-06-30 18:04 - 0000408 _____ () C:\Users\Gio\AppData\Roaming\CamLayout.ini
2015-01-09 21:54 - 2015-06-30 18:04 - 0000408 _____ () C:\Users\Gio\AppData\Roaming\CamShapes.ini
2015-01-16 17:27 - 2015-06-30 18:04 - 0004549 _____ () C:\Users\Gio\AppData\Roaming\CamStudio.cfg
2015-01-09 14:11 - 2015-06-30 18:03 - 0000096 _____ () C:\Users\Gio\AppData\Roaming\version2.xml
2015-07-27 13:53 - 2015-11-07 19:45 - 0001456 _____ () C:\Users\Gio\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-11-04 10:18 - 2013-08-07 00:19 - 0595618 _____ () C:\Users\Gio\AppData\Local\libcurl-4.dll
2015-02-15 18:49 - 2015-02-15 18:49 - 0000000 ___SH () C:\Users\Gio\AppData\Local\LumaEmu
2015-11-04 10:18 - 2010-06-05 17:00 - 0042496 _____ (Open Source Software community project) C:\Users\Gio\AppData\Local\pthreadGC2-w64.dll
2014-12-03 19:19 - 2014-12-12 12:05 - 0007604 _____ () C:\Users\Gio\AppData\Local\Resmon.ResmonCfg
2015-03-14 21:09 - 2015-03-14 21:09 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2015-11-13 14:19 - 2015-11-13 14:19 - 0000000 ____H () C:\ProgramData\cm-lock
2014-12-01 19:03 - 2014-12-01 19:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-12 11:39 - 2014-12-12 11:39 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-08-18 17:12 - 2015-08-18 17:12 - 0000016 _____ () C:\ProgramData\mntemp
 
Some files in TEMP:
====================
C:\Users\Gio\AppData\Local\Temp\_is4A4B.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
nointegritychecks: ==> "IntegrityChecks" is disabled. <===== ATTENTION
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {f545a331-79ca-11e4-9040-a36a18e11033}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
loadoptions             DDISABLE_INTEGRITY_CHECKS
inherit                 {bootloadersettings}
recoverysequence        {f545a333-79ca-11e4-9040-a36a18e11033}
recoveryenabled         Yes
nointegritychecks       Yes
testsigning             No
osdevice                partition=C:
systemroot              \Windows
resumeobject            {f545a331-79ca-11e4-9040-a36a18e11033}
nx                      OptIn
custom:26000027         Yes
 
Windows Boot Loader
-------------------
identifier              {f545a333-79ca-11e4-9040-a36a18e11033}
device                  ramdisk=[C:]\Recovery\f545a333-79ca-11e4-9040-a36a18e11033\Winre.wim,{f545a334-79ca-11e4-9040-a36a18e11033}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\f545a333-79ca-11e4-9040-a36a18e11033\Winre.wim,{f545a334-79ca-11e4-9040-a36a18e11033}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {f545a331-79ca-11e4-9040-a36a18e11033}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {f545a334-79ca-11e4-9040-a36a18e11033}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\f545a333-79ca-11e4-9040-a36a18e11033\boot.sdi
 
 
 
LastRegBack: 2015-11-10 18:19
 
==================== End of FRST.txt ============================
 
 
 
 
 
 
 
addition
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Gio (2015-11-15 20:46:36)
Running from H:\
Windows 7 Ultimate Service Pack 1 (X64) (2014-12-01 18:32:30)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-423546431-4035410846-4171816442-500 - Administrator - Disabled)
Gio (S-1-5-21-423546431-4035410846-4171816442-1000 - Administrator - Enabled) => C:\Users\Gio
Guest (S-1-5-21-423546431-4035410846-4171816442-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security with Backup (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security with Backup (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security with Backup (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{12d6e0d7-21d5-4755-9da2-70352c6f7558}) (Version: 1.5.915.0 - Futuremark)
3DMark (Version: 1.5.915.0 - Futuremark) Hidden
A4 TECH PC Camera H (HKLM\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D303B}) (Version:  - )
A4 TECH PC Camera H (HKLM-x32\...\{CE3B8E96-B0AF-4871-9178-1519B58E3A93}) (Version: 2007.11.12 - Vimicro)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2014 (HKLM-x32\...\{766255CE-D156-11E3-8DBC-A136EB52ACCF}) (Version: 14.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5 64-bit (HKLM\...\{6C1A010F-9108-4162-A26F-9FEC4AC0F0F0}) (Version: 5.0.1 - Adobe)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 7.1 - PainteR)
Age of Empires III v1.14 / 1.06 / 1.03 / [RUS/ENG] RePack by R.G. Revenants (HKLM-x32\...\{7F4F8D5D-9EB9-45DF-A475-30F615FFA85B}}_R.G.Revenants_is1) (Version:  - )
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.80 - ASUSTeK Computer Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
ANDY OS (HKLM-x32\...\Andy OS) (Version: 1.1 - andyroid.net)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArchiCAD 18 INT (HKLM\...\001FFF2FFF18FF00FF0701F01F02F000-R1) (Version: 18.0 - GRAPHISOFT)
ARIA Engine v1.8.2.2 (HKLM\...\ARIA Engine_is1) (Version: v1.8.2.2 - Plogue Art et Technologie, Inc)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ASUS PC Diagnostics (HKLM-x32\...\{D709005F-D8DC-42A8-8435-5AE880ECAF82}) (Version: 1.3.7 - ASUSTeK Computer Inc.)
AutoCAD 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - English (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.0.27.1100 - Autodesk)
Autodesk 3ds Max 2015 (HKLM\...\Autodesk 3ds Max 2015) (Version: 17.0.630.0 - Autodesk)
Autodesk 3ds Max 2015 (Version: 17.0.630.0 - Autodesk) Hidden
Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.159.0 - Autodesk)
Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk)
Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2015 (HKLM\...\{9167CA34-4E48-49E3-8892-3C439739D2D3}) (Version: 17.0 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
Autodesk ReCap (Version: 1.3.1.39 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.107.0 - Autodesk) Hidden
AVS Video Editor 7.0 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.0.1.258 - Online Media Technologies Ltd.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.1.731 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Batman Arkham Origins (Initiation & Cold Cold Heart) (HKLM-x32\...\{D1F2AE32-7AAE-4D91-9193-171200F18E2F}) (Version: 6.0 - Black Box)
Battlefield Bad Company 2 (HKLM-x32\...\Battlefield Bad Company 2_is1) (Version:  - )
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Blender (HKLM\...\{BBE9D9F0-3F77-4E26-9E10-1AFB56D41363}) (Version: 2.76.0 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Burger Shop (HKLM-x32\...\Burger Shop_is1) (Version:  - )
Burger Shop 2 (HKLM-x32\...\Burger Shop 2) (Version: 1.0.0.1 - iWin.com)
Bus Driver (HKLM-x32\...\BFG-Bus Driver) (Version:  - )
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.00 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG2400 series User Registration (HKLM-x32\...\Canon MG2400 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
CinemaP-1.9cV11.09 (HKLM-x32\...\CinemaP-1.9cV11.09) (Version: 1.36.01.22 - Cinema PlusV11.09) <==== ATTENTION
Cities XXL (HKLM-x32\...\Cities XXL_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Citrix Online Launcher (HKLM-x32\...\{E5F6D26D-E180-4547-A865-565EAB61000C}) (Version: 1.0.362 - Citrix)
City Car Driving 1.2.2 (HKLM-x32\...\{CC457F3D-5CDE-4CE8-9685-90A4EDE81374}_is1) (Version:  - Forward Development)
CodeMeter Runtime Kit v5.10a (HKLM\...\{CADFF08A-A157-474F-B6A8-8F26F81F7ABE}) (Version: 5.10.1224.501 - WIBU-SYSTEMS AG)
Cold Fear, версия 1.0 (HKLM-x32\...\Cold Fear_is1) (Version: 1.0 - Ubisoft Entertainment)
ColdFear (HKLM-x32\...\{2C14901F-ED9D-40B5-8FE5-1BAF3D31F73B}) (Version: 1.00.0000 - Ubisoft)
Combat Arms - Line of Sight (HKLM-x32\...\Combat Arms - Line of Sight) (Version:  - )
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - RU (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crashday Forever Build 3 (HKLM-x32\...\Crashday Forever Build 3) (Version: Build 3 - °¤AcTiViSioN¤°)
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
CyberLink PowerDirector 13 (HKLM-x32\...\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}) (Version: 13.0.2604.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0 - CyberLink Corp.)
Daylight (HKLM-x32\...\Daylight_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Dino Crisis 2 (HKLM-x32\...\Dino Crisis 2_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, SeRaph1)
discoDSP Discovery v2.4 (HKLM-x32\...\discoDSP Discovery v2.4_is1) (Version: 2.4 - discoDSP)
Driver (HKLM-x32\...\Driver) (Version:  - )
Driver.San Francisco.v 1.04.1114 (HKLM-x32\...\Driver.San Francisco.v 1.04.1114_is1) (Version: Driver.San Francisco.v 1.04.1114 - GREK93)
Driving Simulator 2012 Version 1.64 (HKLM-x32\...\Driving Simulator 2012_is1) (Version: 1.64 - astragon Software GmbH)
East West EWQLSO Gold Edition (HKLM-x32\...\East West EWQLSO Gold Edition) (Version:  - )
Edirol Super Quartet v1.52 TALiO (HKLM-x32\...\Edirol Super Quartet v1.52 TALiO) (Version:  - )
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.6.6.2133 - Steinberg Media Technologies GmbH)
Euro Truck Simulator 2 v1.1.1 (HKLM-x32\...\{3DD29525-FAD0-47A5-93D2-EB304F1A0E87}_is1) (Version:  - )
FIFA 11 (HKLM-x32\...\FIFA 11_is1) (Version:  - REXE)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
FumeFX 3.5.4 R2015 64-bit (HKLM-x32\...\{B6AB7067-3ADE-4BB2-A98A-A3DCA6C251A3}) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{AFBB2F94-A43D-46AD-8F77-66ACB3C71EDF}) (Version: 4.39.552.0 - Futuremark)
GameRanger (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\GameRanger) (Version:  - GameRanger Technologies)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.64.5211 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GoToMeeting 7.4.2.3880 (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\GoToMeeting) (Version: 7.4.2.3880 - CitrixOnline)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Graphisoft ArchiCAD 18 3006 (HKLM-x32\...\Graphisoft ArchiCAD 18 3006) (Version: 3006 - Graphisoft)
GT Interactive - Driver Demo (HKLM-x32\...\GT Interactive - Driver Demo) (Version:  - )
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Gross Beat (HKLM-x32\...\IL Gross Beat) (Version:  - Image-Line bvba)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel® Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - )
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Jane's Advanced Strike Fighters (HKLM-x32\...\Jane's Advanced Strike Fighters_is1) (Version: Jane's Advanced Strike Fighters - Fenixx--Repack--(17.11.2011))
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Jurassic Park - Operation Genesis (HKLM-x32\...\Jurassic Park - Operation Genesis_is1) (Version:  - )
K-Lite Codec Pack 7.5.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.5.0 - )
Krakatoa MX 2.3 64-bit (HKLM\...\{80A527A9-9249-4C03-ADB4-B8941A897CD1}) (Version: 2.3.1.56082 - Thinkbox Software)
Let's Sing (HKLM-x32\...\TGV0c1Npbmc=_is1) (Version: 1 - )
Linplug CM-505 v1.01 (HKLM-x32\...\Linplug CM-505 v1.01) (Version:  - )
Mafia II, 1.2 (HKLM-x32\...\Mafia II_is1) (Version: 1.2 - Shepards)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Marvelous Designer 5 Personal (HKLM-x32\...\Marvelous Designer 5 Personal) (Version:  - CLO Virtual Fashion Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.283 - McAfee, Inc.)
Metal Gear Solid V Ground Zeroes, âåðñèÿ 1.0 (HKLM-x32\...\Metal Gear Solid V Ground Zeroes_is1) (Version: 1.0 - =×óâàê=)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mirror's Edge.v 1.0.1.0 (HKLM-x32\...\Mirror's Edge.v 1.0.1.0_is1) (Version: Mirror's Edge.v 1.0.1.0 - Repack by Fenixx (05.02.2014))
Mortal Kombat X Update 20150709 (HKLM-x32\...\TW9ydGFsS29tYmF0WA==_is1) (Version: 1 - )
Mortal Kombat X, версия 1.0 (HKLM-x32\...\Mortal Kombat X_is1) (Version: 1.0 - =Чувак=)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.3.0.6464 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Need for Speed 4 High Stakes (HKLM-x32\...\{3ECDDB80-DB1D-11D4-8B30-000021015D1C}) (Version:  - )
Need for Speed 5 Porsche Unleashed (HKLM-x32\...\{4CA7F8A0-DB20-11D4-8B30-000021015D1C}) (Version:  - )
Need for Speed™ Undercover (HKLM-x32\...\Need for Speed™ Undercover_is1) (Version:  - )
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.0 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials V for Windows (HKLM-x32\...\NewBlue Video Essentials V for Windows) (Version: 3.0 - NewBlue)
Next Car Game Technology Sneak Peek 2.0 (HKLM-x32\...\Next Car Game Technology Sneak Peek) (Version:  - Bugbear Entertainment)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.11.42 - Symantec Corporation)
Norton Security with Backup (HKLM-x32\...\NSBU) (Version: 22.5.4.24 - Symantec Corporation)
Novation Bass-Station VSTi v1.10 (HKLM-x32\...\Novation Bass-Station VSTi v1.10) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com)
Opera Stable 33.0.1990.58 (HKLM-x32\...\Opera 33.0.1990.58) (Version: 33.0.1990.58 - Opera Software)
Oracle VM VirtualBox 4.3.20 (HKLM\...\{86401870-7AB7-4A8D-8AD6-12B27DF2E6E3}) (Version: 4.3.20 - Oracle Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Phoenix FD for 3ds Max 2015 for x64 (HKLM\...\Phoenix FD for 3ds Max 2015 for x64) (Version: 2.20.00 - Chaos Software Ltd)
Plogue sforzando v1.822 (HKLM\...\__ARIA_1014___is1) (Version: v1.822 - Plogue)
POV-Ray for Windows v3.7 (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\POV-Ray for Windows v3.7) (Version: 3.7 - Persistence of Vision Raytracer Pty. Ltd.)
PPJoy Joystick Driver 0.8.4.5 (HKLM-x32\...\PPJoy Joystick Driver) (Version: 0.8.4.5 - Deon van der Westhuysen)
Prison Break The Conspiracy (HKLM-x32\...\Prison Break The Conspiracy_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.108.1 - proDAD GmbH)
Project CARS v1.1 / RePack by (HKLM-x32\...\Project CARS_is1) (Version:  - )
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
RayFire 1.65 - 3ds Max 2016 (HKLM-x32\...\RayFire) (Version: 1.65 - 3ds Max 2016 - Mir Vadim)
RE:Vision Effects Twixtor AE (HKLM\...\Twixtor AE 6.1.0_is1) (Version: 6.1.0 - Team V.R)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.6.0 - Red Giant, LLC)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
rFactor (remove only) (HKLM-x32\...\rFactor) (Version:  - )
Richard Burns Rally (HKLM-x32\...\{92C7D009-A464-4948-A980-7A3E28CB2F49}) (Version: 1.00.000 - )
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
SCANIA Truck Driving Simulator 1.0.0 (HKLM-x32\...\SCANIA Truck Driving Simulator) (Version: 1.0.0 - SCS Software)
Sentinel Protection Installer 7.5.0 (HKLM-x32\...\{A5A63519-F5C2-4F4A-849A-F28A1AB3D522}) (Version: 7.5.0 - SafeNet, Inc.)
Shaun White Snowboarding (HKLM-x32\...\{2E52FB79-7F60-4AD7-B946-5ED18B4F274E}) (Version: 1.00 - Ubisoft)
SimLab SolidWorks Importer 6.0 for 3ds Max x64 (HKLM\...\{CC694521-C1B7-4186-8A90-8FAE19C08CFD}) (Version: 6.0 - SimLab Soft)
Singularity (HKLM-x32\...\Singularity_is1) (Version:  - Новый Диск)
SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
Spicy Guitar  (64 bits) (HKLM-x32\...\KeolabSpicyGuitar64b_is1) (Version:  - Keolab)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.20.9.4533 - Enigma Software Group, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Cubase LE AI Elements 7 64bit (HKLM\...\{67E7C608-D0EA-4273-B374-50ABE42FBE08}) (Version: 7.0.6 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Sugar Bytes Effectrix 1.4.2 (HKLM\...\Effectrix_is1) (Version: 1.4.2 - Sugar Bytes)
Sugar Bytes Guitarist Library 1.0 (HKLM-x32\...\Guitarist Library_is1) (Version: 1.0 - Sugar Bytes)
Sugar Bytes Robotronic 1.3 (HKLM\...\Robotronic_is1) (Version: 1.3 - Sugar Bytes)
Sugar Bytes Turnado 1.5 (HKLM\...\Turnado_is1) (Version: 1.5 - Sugar Bytes)
Sugar Bytes Vogue 1.3.1 (HKLM\...\Vogue_is1) (Version: 1.3.1 - Sugar Bytes)
Sugar Bytes WOW 1.2 (HKLM\...\WOW_is1) (Version: 1.2 - Sugar Bytes)
SumRando (HKLM-x32\...\SumRandoSumRando) (Version: 1.0.0.172 - SumRando)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Sylenth1 v2.21 (HKLM\...\Sylenth1_is1) (Version:  - )
Synapse Scorpion v4.0 (HKLM-x32\...\Synapse Scorpion v4.0) (Version:  - )
Synthesia (HKLM-x32\...\Synthesia) (Version: 9 - Synthesia LLC)
TeamPlayer 2.2.0 (HKLM-x32\...\TeamPlayer_is1) (Version: 2.2.0 - WunderWorks)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Test Drive Ferrari Racing Legends (HKLM-x32\...\Test Drive Ferrari Racing Legends_is1) (Version:  - )
Toon Boom Animate Pro 2 (HKLM-x32\...\{46ADAC53-F1D2-41B4-B57C-DF43C70904FB}) (Version: 7.9.1 - Toon Boom Animation)
Trapcode Suite v12.1.9 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 12.1.9 - Red Giant, LLC)
TVP Animation 9.5 Professional Edition (remove only) (HKLM-x32\...\TVP Animation 9 Pro) (Version:  - )
TVPaint Animation 10 Pro v10.0.16 (HKLM-x32\...\TVPaint Animation 10 Pro v10.0.1610.0.16) (Version: 10.0.16 - Friends in War)
UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\UnityWebPlayer) (Version: 4.6.0f3 - Unity Technologies ApS)
V-Ray for 3dsmax 2015 for x64 (HKLM\...\V-Ray for 3dsmax 2015 for x64) (Version: 3.00.07 - Chaos Software Ltd)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.11 - NCH Software)
WebcamMax (HKLM-x32\...\WebcamMax) (Version: 7.5.8.8.MultiLanguage - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WinRAR 5.20 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.4 - win.rar GmbH)
Аrdamаx Kеylogger 4.3.9 (HKLM-x32\...\Аrdamаx Kеylogger 4.3.9) (Version:  - )
ВАЛЛ-И (HKLM-x32\...\ВАЛЛ-И_is1) (Version: 1.0 - GUGUCHA)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{83B0E426-D4EE-11D4-BEDF-BAB7F1EEA455}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\addflow4.ocx (Lassalle Technologies)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Gio\AppData\Local\Citrix\GoToMeeting\3880\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-423546431-4035410846-4171816442-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Restore Points =========================
 
13-11-2015 16:54:23 Checkpoint by HitmanPro
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 02:34 - 2015-09-30 22:47 - 00001392 ____N C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 anchorfree.net
127.0.0.1 rss2search.com
127.0.0.1 techbrowsing.com
127.0.0.1 box.anchorfree.net
127.0.0.1 www.mefeedia.com
127.0.0.3 www.anchorfree.net
127.0.0.2 www.mefeedia.com
127.0.0.1 anchorfree.us
127.0.0.1 a433.com
127.0.0.3 anchorfree.net
127.0.0.1 rpt.anchorfree.net
127.0.0.1 delivery.anchorfree.us/land.php
127.0.0.1 hsselite.com
127.0.0.1 www.hsselite.com127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
127.0.0.1                   na1r.services.adobe.com
127.0.0.1                   hlrcv.stage.adobe.com
0.0.0.1 mssplus.mcafee.com
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0293C085-91A2-482F-91FF-91B358264D14} - System32\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000 => C:\Users\Gio\AppData\Local\Citrix\GoToMeeting\3880\g2mupdate.exe [2015-11-12] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {05D4B7B5-DAC0-4BB8-8636-EE693BEBE4F4} - System32\Tasks\Opera scheduled Autoupdate 1417467685 => C:\Program Files (x86)\Opera\launcher.exe [2015-10-30] (Opera Software)
Task: {14CE6AF7-D33D-43D8-9249-A70E49E66877} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {1E045EFB-AF82-43DC-BC84-BF5E4F479AC1} - System32\Tasks\Norton Security with Backup\Norton Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {4735F17D-03C4-4CD8-B568-093B45D00C39} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {4A3B9FEF-63CD-4769-8A02-93DB387AD993} - \LaunchSignup -> No File <==== ATTENTION
Task: {5811CE22-1926-4901-98DA-BA318FB40DF5} - System32\Tasks\ASUS\i-Setup185311 => C:\Windows\Intel_Chipset_Win7-8-8-1_V10016\AsusSetup.exe [2014-12-01] (ASUSTeK Computer Inc.)
Task: {586FC3DB-9ADE-4A95-92FD-EB43A43EA45B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5F280624-B65A-48EE-B85D-0F6461C7C8C5} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2014-03-27] ()
Task: {6A526F91-9E2C-45D8-98A2-1959842FF50C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {6F04F64F-1478-4E2B-8B5E-A1D0EFE956D9} - System32\Tasks\{17F40C2C-7314-47EB-AC2D-CB1CCEF9C767} => pcalua.exe -a "E:\s\Image Line Gross Beat 1.0.1\grossbeat_install.exe" -d "E:\s\Image Line Gross Beat 1.0.1"
Task: {710F117B-920C-436B-A05B-E1DB89A178E8} - System32\Tasks\{B048AEEA-BC9B-41BA-9B21-0836A4BB5417} => c:\program files (x86)\opera\launcher.exe [2015-10-30] (Opera Software)
Task: {773AF888-CFEF-436D-8485-7703C674AAD3} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2014-05-03] (TODO: <Company name>)
Task: {77E35024-1DB9-4DB7-8408-6F0F5EE7ADA6} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-01-10] (ASUSTeK Computer Inc.)
Task: {894E1C4A-5090-4D67-A7A1-4840BBA6415A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\WSCStub.exe [2015-09-24] (Symantec Corporation)
Task: {8CC26450-B3A4-44EA-8C1F-631878C45692} - System32\Tasks\{4A0D3DEC-FE2C-41E4-8062-44AEDD549E32} => c:\program files (x86)\opera\launcher.exe [2015-10-30] (Opera Software)
Task: {91C25A1E-8EE5-428B-B081-5C7D7445BD0E} - System32\Tasks\{E23A209F-322A-4CE5-BD7C-41A7F0F29CAC} => D:\Games\Need for Speed 4 High Stakes\nfshs.exe [1999-05-26] (Electronic Arts, Inc.)
Task: {92CCD290-2AF3-4E61-9B2E-6723E507071A} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-05-09] (ASUSTeK Computer Inc.)
Task: {93E20DA9-DF20-4692-8997-95BE6D03EF78} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-05-04] ()
Task: {979B811B-CB9A-448B-9E94-FCA5A298166E} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {99CF9D89-8059-4A93-AFB5-C04CCE43DBC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {9D64AF71-F5AE-4568-8B0E-8054EC7FE0E0} - System32\Tasks\AdobeAAMUpdater-1.0-Gio-PC-Gio => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated)
Task: {A6C1B173-0FBA-4371-B582-E8ABC2B4B2C7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AE744A52-3036-48EB-A921-A20A7E297EFA} - System32\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000 => C:\Users\Gio\AppData\Local\Citrix\GoToMeeting\3880\g2mupload.exe [2015-11-12] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {AF3FA76A-6C08-4D01-B5DC-6FEB36148A8D} - System32\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5 => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
Task: {B331C41F-4CF6-4676-B742-A7858165E02B} - System32\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
Task: {D08519BD-9195-47F0-B9B9-005FBB35996A} - System32\Tasks\Norton Security with Backup\Norton Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {E67F08B6-3B9A-4C5B-88E5-BE098E02D6C0} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {F4725DEB-3FB0-4CBB-A1F1-4A73466AACF5} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.job => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user.job => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-423546431-4035410846-4171816442-1000.job => C:\Users\Gio\AppData\Local\Citrix\GoToMeeting\3880\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-423546431-4035410846-4171816442-1000.job => C:\Users\Gio\AppData\Local\Citrix\GoToMeeting\3880\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-09-11 18:02 - 2015-09-11 18:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-12-04 15:24 - 2014-05-04 20:57 - 01270584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2014-12-04 15:24 - 2014-03-27 19:33 - 01430328 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2014-01-28 03:16 - 2014-01-28 03:16 - 00936728 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-03-27 15:27 - 2013-05-14 09:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-12-03 22:49 - 2014-12-03 22:49 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-10 15:22 - 2015-03-10 15:22 - 00391784 _____ () C:\Windows\system32\igfxTray.exe
2014-12-03 20:03 - 2006-07-04 14:16 - 00049152 _____ () C:\Windows\Domino.exe
2014-12-04 15:24 - 2014-04-11 09:53 - 01045304 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
2014-12-04 15:24 - 2014-04-11 10:53 - 00037176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
2014-12-04 15:23 - 2014-05-08 14:09 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe
2014-12-02 14:47 - 2014-09-04 03:41 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-12-02 14:47 - 2014-09-04 03:41 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00859136 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00801280 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
2014-12-04 15:23 - 2014-05-08 14:09 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2014-12-04 15:23 - 2014-05-08 14:09 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2014-12-04 15:24 - 2014-05-09 14:09 - 04066816 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2014-12-04 15:24 - 2014-02-25 16:53 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2014-12-04 15:24 - 2014-05-08 14:09 - 00827392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2014-12-04 15:24 - 2014-05-03 03:33 - 00053248 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.17\Exeio.dll
2014-12-04 15:24 - 2014-05-03 03:33 - 00278528 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.17\Vender.dll
2014-12-04 15:23 - 2014-01-28 03:16 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2014-12-04 15:24 - 2014-03-27 19:32 - 05778096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2014-12-04 15:24 - 2014-02-24 17:49 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2014-12-04 15:23 - 2015-11-15 20:38 - 00034960 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2014-12-01 19:10 - 2014-01-28 03:16 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2014-12-04 15:24 - 2013-11-20 10:10 - 00662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2014-12-04 15:24 - 2013-07-02 10:40 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2014-12-04 15:24 - 2014-05-03 11:33 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll
2014-12-04 15:24 - 2014-04-10 15:23 - 00643584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMiniMsg.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:1663E41B
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:466F9D5D
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Gio\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Andy => C:\Program Files\Andy\HandyAndy.exe
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: WebcamMaxAutoRun => "C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{0D9C987A-D6A6-4E95-BD80-7C15AE800E0A}C:\users\gio\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gio\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{2E3247A4-BAC2-4A11-8BCE-BF7926D52783}C:\users\gio\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gio\appdata\local\akamai\netsession_win.exe
FirewallRules: [{312AC3D4-CB38-4D2D-9433-66379BEC1FC7}] => (Block) C:\users\gio\appdata\local\akamai\netsession_win.exe
FirewallRules: [{89B16F54-DFF0-4424-94BE-839B58DB41A6}] => (Block) C:\users\gio\appdata\local\akamai\netsession_win.exe
FirewallRules: [{6B356E88-0B91-4690-B711-F42165ACFE21}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6DA28468-AF99-4A85-AF86-EF8A0DA93014}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{5D6DAAAA-84C7-4904-A1E3-612132B7D8EE}D:\games\city car driving\bin\win32\starter.exe] => (Allow) D:\games\city car driving\bin\win32\starter.exe
FirewallRules: [UDP Query User{A9348B49-D433-4FC2-A972-234498D4C93D}D:\games\city car driving\bin\win32\starter.exe] => (Allow) D:\games\city car driving\bin\win32\starter.exe
FirewallRules: [{CB547D4F-DAEE-4FDD-A547-FEDD128A0D0E}] => (Allow) D:\Games\Combat Arms EU\NMService.exe
FirewallRules: [{E79ACCA7-9348-4C8A-A019-3B8FC7D1DC6E}] => (Allow) D:\Games\Combat Arms EU\NMService.exe
FirewallRules: [{01B1BAEB-526D-46E0-9A51-A99EFC0AC2B0}] => (Allow) C:\Users\Gio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1D8AECBA-15C3-44FE-B9E7-93FF1DBE33DD}] => (Allow) C:\Users\Gio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [C:\Program Files (x86)\AFLICS\AfterFLICS.exe] => (Allow) C:\Program Files (x86)\AFLICS\AfterFLICS.exe
FirewallRules: [C:\Program Files (x86)\AFLICS\AfterFLICS_tools.exe] => (Allow) C:\Program Files (x86)\AFLICS\AfterFLICS_tools.exe
FirewallRules: [TCP Query User{50B78C5A-8D4E-40A3-A930-51DF8D10B5F0}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{C3EB7921-5712-4BE6-BDCF-C28C32BD1C64}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{44769911-F111-4492-B7B4-5AC2EF1FA8CA}C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe
FirewallRules: [UDP Query User{1B83E0AE-B451-46B4-BCF7-7A07EF01C5C6}C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe
FirewallRules: [TCP Query User{4D072BC7-5504-4FD8-AFED-E912E17F8657}C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe
FirewallRules: [UDP Query User{8F25E9AD-02A7-4149-B144-FAF585E282D0}C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2015\adobe media encoder.exe
FirewallRules: [TCP Query User{A4B76FD8-B87E-4C13-B26E-65DCF0641B71}E:\from os\smartpixel\bin\smartpixel.exe] => (Allow) E:\from os\smartpixel\bin\smartpixel.exe
FirewallRules: [UDP Query User{EED82238-896D-4B5C-82EF-696788F4768E}E:\from os\smartpixel\bin\smartpixel.exe] => (Allow) E:\from os\smartpixel\bin\smartpixel.exe
FirewallRules: [TCP Query User{3658E3C6-EEB1-4BC7-91D5-5535C658D875}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D200290D-C6CB-43C9-858E-1643EDC3A707}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{60EE7854-F278-44E7-990E-FCBE91E7DE30}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1837D16C-042E-4D68-A4C1-95325DCD47B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1DF4AB5B-82E3-4FB4-9EC2-BE12C2D3E42F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C799BB6F-BE4A-4D37-85E1-0C54A76DCCD1}D:\games\driver.san francisco.v 1.04.1114\driver.exe] => (Block) D:\games\driver.san francisco.v 1.04.1114\driver.exe
FirewallRules: [UDP Query User{59D37B68-68B6-4400-9D11-3126EC163233}D:\games\driver.san francisco.v 1.04.1114\driver.exe] => (Block) D:\games\driver.san francisco.v 1.04.1114\driver.exe
FirewallRules: [{D357D906-D1FC-4E82-94C6-E1FA23DFDE2C}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe
FirewallRules: [{507B3D54-2DAC-4E4C-91D5-57F4732B5E99}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe
FirewallRules: [{3670E39E-BA68-4EF8-9CB2-EC8845FEAB4A}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe
FirewallRules: [{39064606-7528-478F-9BD3-35273EDD6B3A}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe
FirewallRules: [{DB008D9F-FA8F-4301-8089-BD03F31C61CF}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{36B2B8C0-474A-48DC-8A8A-101229833354}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{73D42B21-3BB3-4574-8152-7D9A067531E2}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{4F9D80DB-759C-42AB-BAA8-A5105BF34D0E}] => (Block) %ProgramFiles%\Marvelous Designer 5 Personal\MD5_Personal_x64.exe
FirewallRules: [{CF247259-1D78-4187-9A18-195DD8E82148}] => (Block) %ProgramFiles%\Marvelous Designer 5 Personal\MD5_Personal_x64.exe
FirewallRules: [{3CF0CAFD-44E9-4CFF-8FC4-D0C552639F68}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DA439A8E-F69B-41CE-BF92-3E5D14C290D0}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
FirewallRules: [{0BBA4E1B-9705-478A-9940-A366AF5D693E}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: nethfdrv
Description: nethfdrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: nethfdrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/15/2015 08:38:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/13/2015 04:25:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x52e23951
Faulting module name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x52e23951
Exception code: 0xc0000005
Fault offset: 0x0000000000015a1e
Faulting process id: 0xa78
Faulting application start time: 0xWSCommCntr4.exe0
Faulting application path: WSCommCntr4.exe1
Faulting module path: WSCommCntr4.exe2
Report Id: WSCommCntr4.exe3
 
Error: (11/13/2015 02:19:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/13/2015 08:54:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/12/2015 07:50:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x52e23951
Faulting module name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x52e23951
Exception code: 0xc0000005
Fault offset: 0x0000000000015a1e
Faulting process id: 0x1a04
Faulting application start time: 0xWSCommCntr4.exe0
Faulting application path: WSCommCntr4.exe1
Faulting module path: WSCommCntr4.exe2
Report Id: WSCommCntr4.exe3
 
Error: (11/12/2015 04:17:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/12/2015 08:40:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/11/2015 08:29:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Acrobat.exe version 15.9.20069.28170 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 3b98
 
Start Time: 01d11cbfad29507a
 
Termination Time: 4
 
Application Path: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
 
Report Id: f15deb50-88b2-11e5-9d1c-00ac9a266a31
 
Error: (11/11/2015 08:27:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Acrobat.exe version 15.9.20069.28170 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 370c
 
Start Time: 01d11cbf616a677c
 
Termination Time: 4
 
Application Path: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
 
Report Id: a541c5c4-88b2-11e5-9d1c-00ac9a266a31
 
Error: (11/11/2015 02:50:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (11/15/2015 08:38:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
bsfs
ggc
nethfdrv
 
Error: (11/15/2015 08:38:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Core Browsing Protection service failed to start due to the following error: 
%%2
 
Error: (11/15/2015 08:38:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Safe Browsing proxy service service failed to start due to the following error: 
%%2
 
Error: (11/15/2015 08:38:05 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
 
Error: (11/13/2015 02:19:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
bsfs
ggc
nethfdrv
 
Error: (11/13/2015 02:19:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Core Browsing Protection service failed to start due to the following error: 
%%2
 
Error: (11/13/2015 02:19:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Safe Browsing proxy service service failed to start due to the following error: 
%%2
 
Error: (11/13/2015 09:25:47 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (11/13/2015 08:54:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
bsfs
ggc
nethfdrv
 
Error: (11/13/2015 08:53:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Core Browsing Protection service failed to start due to the following error: 
%%2
 
 
CodeIntegrity:
===================================
  Date: 2015-11-15 20:38:08.306
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-15 20:38:08.290
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-13 14:19:37.693
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-13 14:19:37.677
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-13 08:53:55.272
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-13 08:53:55.256
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-12 16:17:46.521
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-12 16:17:46.506
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-12 08:40:22.272
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-12 08:40:22.256
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PPJoyBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 19%
Total physical RAM: 16261.03 MB
Available physical RAM: 13132.28 MB
Total Virtual: 16259.22 MB
Available Virtual: 13167.21 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.79 GB) (Free:3.2 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (New Volume) (Fixed) (Total:433.17 GB) (Free:3.75 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Media) (Fixed) (Total:498.34 GB) (Free:1.11 GB) NTFS
Drive f: (20.12.Ult.Eng) (CDROM) (Total:4 GB) (Free:0 GB) UDF
Drive g: (Alicias Keys) (CDROM) (Total:6.97 GB) (Free:0 GB) CDFS
Drive h: (IOANE) (Removable) (Total:14.52 GB) (Free:14.52 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 1A31AD76)
Partition 1: (Active) - (Size=232.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2E36CC17)
Partition 1: (Active) - (Size=433.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=498.3 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 14.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=14.5 GB) - (Type=0C)
 
==================== End of Addition.txt ============================
 
 


#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:29 AM

Posted 16 November 2015 - 04:21 PM

Hello prescott1,

:step1: Looking through your logs I noticed that you are using a pirated version of Norton Security. Instead of using a pirated AV, it is better that you use a free antivirus instead - there are several options out there to choose.

I recommend Avast!, BitDefender or Microsoft Security Essentials for free non-commercial everyday use.

===

:step2: Uninstalling Programs

Click the Start orb on the taskbar, and then click the Control Panel button.
  • If you use Category mode, click on Uninstall a Program.
  • If you use Icons mode, click on Program and Features.
A list of programs installed will be "populated" (this may take a bit of time).
If they exist, uninstall the following by clicking on the below entries and selecting Remove:

McAfee Security Scan Plus
SpyHunter 4


Additional instructions can be found here if needed.

If you run into any issues, please let me know.

===

:step3: Fix with Farbar Recovery Scan Tool
  • Please download the attached fixlist.txt and save it to your Desktop.
    Note: It's important that both FRST/FRST64.exe and fixlist.txt are in the same location or the fix will not work!
    WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system!
  • Run FRST/FRST64.exe and press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run.
  • When finished, FRST will generate a log named Fixlog.txt on the Desktop, please post it to your reply.
To recap, in your next reply I will need the following information:
  • Did you uninstall the aforementioned software?
  • Contents of Fixlog.txt.
Regards,
Alex

#11 prescott1

prescott1
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 20 November 2015 - 03:31 AM

Hi alex,

I uninstalled software, here is fixlog.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:19-11-2015
Ran by Gio (2015-11-20 12:28:29) Run:3
Running from C:\fxl
Loaded Profiles: Gio (Available Profiles: Gio)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2012-12-21] (Microsoft Corporation) <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - <not found>
2015-11-13 14:19 - 2014-12-02 02:28 - 00042496 _____ (secr9tos) C:\Windows\system32\Drivers\oem-drv64.sys
nointegritychecks: ==> "IntegrityChecks" is disabled. <===== ATTENTION
Task: {AF3FA76A-6C08-4D01-B5DC-6FEB36148A8D} - System32\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5 => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
Task: {B331C41F-4CF6-4676-B742-A7858165E02B} - System32\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.job => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user.job => C:\Program Files (x86)\CinemaP-1.9cV11.09\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.exe <==== ATTENTION
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\Software\Classes\.exe: exefile => <===== ATTENTION
C:\Program Files (x86)\CinemaP-1.9cV11.09\
 
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetActiveDesktop => value removed successfully
HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value removed successfully
HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value removed successfully
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NofolderOptions => value removed successfully
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetActiveDesktop => value removed successfully
HKU\S-1-5-21-423546431-4035410846-4171816442-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value removed successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => key removed successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\nppllibpnmahfaklnpggkibhkapjkeob" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nppllibpnmahfaklnpggkibhkapjkeob" => key removed successfully
C:\Windows\system32\Drivers\oem-drv64.sys => moved successfully
 
=========================  bcdedit ========================
 
 
The operation completed successfully.
 
========= End of bcdedit =========
 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AF3FA76A-6C08-4D01-B5DC-6FEB36148A8D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF3FA76A-6C08-4D01-B5DC-6FEB36148A8D}" => key removed successfully
C:\Windows\System32\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B331C41F-4CF6-4676-B742-A7858165E02B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B331C41F-4CF6-4676-B742-A7858165E02B}" => key removed successfully
C:\Windows\System32\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user" => key removed successfully
C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5.job => moved successfully
C:\Windows\Tasks\17dc0d08-ad49-417a-9f85-a23dae1adfe2-5_user.job => moved successfully
"HKU\S-1-5-21-423546431-4035410846-4171816442-1000\Software\Classes\.exe" => key removed successfully
C:\Program Files (x86)\CinemaP-1.9cV11.09 => moved successfully
 
==== End of Fixlog 12:28:29 ====


#12 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:29 AM

Posted 21 November 2015 - 05:28 AM

Hello prescott1,

Please run these scanners to make sure nothing has been missed.

Malwarebytes Anti-Malware

Download Malwarebytes Anti-Malware from here.

Double click on the file mbam-setup-2.x.x.xxxx.exe to install the application. (x.x.xxxx is the version)

  • Follow the prompt. At the end place a checkmark in Launch Malwarebytes Anti-Malware, then choose Finish.
  • When MBAM opens it will says Your database is out of date. Choose Fix Now.
  • Click on the Scan tab at the top of the window, choose Threat Scan, then Scan Now.
  • If you receive a message that updates are available, choose Update Now button (the scan will start after updates are completed).
  • Please be patient as the scan will take some time.
  • If MBAM detected threats, choose Quarantine for all items, then click Apply Actions.
  • While still on the Scan tab, choose View detailed log. In the window that opens, click the Export button, choose Text file (*.txt) and save the log to your Desktop.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


===

ESET Online Scanner

  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

Regards,
Alex 



#13 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:29 AM

Posted 23 November 2015 - 05:49 PM

Hello prescott1,

Are you still here with me? It has been a while since my last post.

Regards,
Alex

#14 prescott1

prescott1
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 25 November 2015 - 08:34 AM

Hello Alex,
I am here
I did scans and removed some threats.
Any more steps?
Thank you



#15 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:29 AM

Posted 25 November 2015 - 03:53 PM

Hi there,

Please post the logs from MBAM and ESET Online Scanner - these will help me know what was removed.

Thank you.

Regards,
Alex




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users