Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HijackThis Log: Please help Diagnose


  • This topic is locked This topic is locked
29 replies to this topic

#1 bubba7882

bubba7882

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:48 AM

Posted 10 January 2016 - 12:00 PM

I need help I think my computer has a virus or adwere when I use internet explorer and I go to different sites I get pop ups or virus warnings all my scans say there is nothing wrong but when I use firefox it doesn't happen

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:45:51 AM, on 1/10/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)

FIREFOX: 43.0.4 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
H:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ioloLiveBoost] C:\Program Files (x86)\iolo\System Mechanic Professional\LiveBoost.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BitRaider Mini-Support Service Stub Loader (BRSptStub) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe

--
End of file - 12434 bytes



BC AdBot (Login to Remove)

 


#2 satchfan

satchfan

  • Malware Response Team
  • 2,722 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:48 AM

Posted 10 January 2016 - 12:06 PM

Hello bubba7882 and welcome to Bleeping Computer.

My name is Satchfan and I would be glad to help you with your computer problem.

Please read the following guidelines which will help to make cleaning your machine easier:

  • please follow all instructions in the order posted
  • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
  • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
  • if you don't understand something, please don't hesitate to ask for clarification before proceeding
  • the fixes are specific to your problem and should only be used for this issue on this machine.
  • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested

===================================================

Note: Please run these in the order given in the instructions.

===================================================

Download and run AdwCleaner

Download AdwCleaner from here and save it to your desktop.


  • run AdwCleaner
  • when it has finished, select Clean
  • if it asks to reboot, allow the reboot
  • on reboot a log will be produced; please attach the content of the log to your next reply.

===================================================

Download and run Junkware Removal Tool

thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • shut down your protection software now to avoid potential conflicts.
  • run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
  • the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • on completion, a log (JRT.txt) is saved to your desktop and will automatically open
  • post the contents of JRT.txt into your next message.

===================================================

Run Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • press Scan button
  • it will produce a log called Frst.txt in the same directory the tool is run from
  • please copy and paste log back here.
  • the first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the Frst.txt into your reply.

Logs to include with next post:

AdwCleaner log
JRT.txt
Frst.txt
Addition.txt


Thanks

Satchfan

 

 


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#3 bubba7882

bubba7882
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:48 AM

Posted 10 January 2016 - 12:10 PM

why is my wifi so slow I have Comcast and we use there router but my computer runs so slow and my downloads take forever can someone help



#4 satchfan

satchfan

  • Malware Response Team
  • 2,722 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:48 AM

Posted 10 January 2016 - 12:20 PM

Please reply with the logs I requested and not start a new topic.

 

I have merged these topics so please reply to this one.

 

Thanks

 

Satchfan


Edited by satchfan, 10 January 2016 - 12:27 PM.

My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#5 bubba7882

bubba7882
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:48 AM

Posted 10 January 2016 - 02:12 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Home Premium x64
Ran by bubba7882 (Administrator) on Sun 01/10/2016 at 11:56:05.66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

File System: 4

Successfully deleted: C:\Users\bubba7882\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H7869Q9W (Folder)
Successfully deleted: C:\Users\bubba7882\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I8CJ3I1F (Folder)
Successfully deleted: C:\Users\bubba7882\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KG0YOY7A (Folder)
Successfully deleted: C:\Users\bubba7882\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KHIWW17E (Folder)

 

Registry: 0

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 01/10/2016 at 11:58:03.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-01-2015
Ran by bubba7882 (2016-01-10 12:04:36)
Running from H:\
Windows 7 Home Premium Service Pack 1 (X64) (2014-12-22 10:56:00)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3614536588-2617517549-1861796641-500 - Administrator - Disabled)
bubba7882 (S-1-5-21-3614536588-2617517549-1861796641-1000 - Administrator - Enabled) => C:\Users\bubba7882
elijah (S-1-5-21-3614536588-2617517549-1861796641-1004 - Limited - Enabled) => C:\Users\elijah
Guest (S-1-5-21-3614536588-2617517549-1861796641-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3614536588-2617517549-1861796641-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.12 (HKLM-x32\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19480 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version:  - Rebellion)
Andy OS (HKLM\...\Andy OS) (Version: 0.45.0.0 - Andy OS, Inc)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG2500 series User Registration (HKLM-x32\...\Canon MG2500 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Crysis (HKLM-x32\...\Steam App 17300) (Version:  - Crytek)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
DC Universe Online (HKLM-x32\...\Steam App 24200) (Version:  - Daybreak Games)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
DEFIANCE (HKLM-x32\...\{570174D7-87BF-4B48-878F-29C57E387D38}) (Version: 1.00.0000 - Trion Worlds, Inc.)
Dishonored (HKLM-x32\...\Steam App 205100) (Version:  - Arkane Studios)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EA Installer (HKLM-x32\...\EA Installer.140553725) (Version: 2.2.0.62 - Electronic Arts, Inc.)
EA Installer (HKLM-x32\...\EA Installer.1635480076) (Version: 2.2.0.62 - Electronic Arts, Inc.)
EA Installer (HKLM-x32\...\EA Installer.-2072690567) (Version: 2.2.0.62 - Electronic Arts, Inc.)
EA Shared Game Component: Activation (HKLM-x32\...\com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 2.2.0.62 - Electronic Arts)
EA Shared Game Component: Activation (x32 Version: 2.2.0 - Electronic Arts) Hidden
Elsword version v5.1117.4.3 (HKLM-x32\...\{E655DDFC-24DB-4FC3-8474-271E911309B4}_is1) (Version: v5.1117.4.3 - KOGGAMES)
ESET NOD32 Antivirus (HKLM\...\{5F2AE448-CD4B-40BD-B245-5F0CD06A09B0}) (Version: 8.0.319.0 - ESET, spol s r. o.)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.47.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.47.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar Games)
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Network Connections 18.3.72.0 (HKLM\...\PROSetDX) (Version: 18.3.72.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3186 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iolo technologies' System Mechanic Professional (HKLM-x32\...\{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1) (Version: 14.5.0 - iolo technologies, LLC)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Marvel Heroes 2015 (HKLM-x32\...\Steam App 226320) (Version:  - Gazillion Entertainment)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1035 - Marvell)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6366.2036 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 43.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.2 - Black Tree Gaming)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
ON_OFF Charge 2 B13.0506.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.0506.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.)
Pokémon Trading Card Game Online (HKLM-x32\...\{389E656E-5FE8-4266-858D-760345A997E8}) (Version: 2.33.0 - The Pokémon Company International)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
RAGE (HKLM-x32\...\Steam App 9200) (Version:  - id Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.)
ROBLOX Player for bubba7882 (HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio for bubba7882 (HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
Saints Row 2 (HKLM-x32\...\Steam App 9480) (Version:  - Volition)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 8.0.0.28 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1134 - SUPERAntiSpyware.com)
System Mechanic 14 Professional (x32 Version: 14.5.0 - ) Hidden
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.9.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.0.10.0 - GOG.com)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
TP-LINK TL-WDN3200 Driver (HKLM-x32\...\{C0C6BCBC-0884-4C66-B5EF-0B7668FE2B10}) (Version: 1.3.1 - TP-LINK)
TP-LINK TL-WN727N Driver (HKLM-x32\...\{E796AA87-FE52-49A8-AD93-0236A9F87632}) (Version: 1.2.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.2.1 - TP-LINK)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {399AD6D2-4AB9-4F82-90D1-9CC61F506694} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
Task: {3C94A7BE-E4BC-4524-B19F-D2DE2AF5C86E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
Task: {3E0FA5E1-521C-4D15-A898-D367D93FF2C4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {3F1D2517-978C-4B54-A4E7-FA8B98A6C232} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {5880336E-0EAB-471A-9DEC-0B4D2EEED197} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {85489A88-D4A2-4BE7-86A4-E8843C38E55C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-02] (Adobe Systems Incorporated)
Task: {93E473FE-6679-4670-A916-FE4DBE67444F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {A00C6660-F7A1-4D53-88E2-4A5C3C4F8378} - System32\Tasks\{7B01D340-91EA-4167-8EB7-7FD0F392DFBB} => pcalua.exe -a G:\HijackThis.exe -d G:\
Task: {A0F6B80D-0CF1-4C63-BF4E-A0B2E3AFFE58} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
Task: {BCC80119-3E1E-4702-AF70-4455270ACCA6} - System32\Tasks\Open Hardware Monitor\Startup => C:\Users\bubba7882\Documents\openhardwaremonitor-v0.4.0-beta\OpenHardwareMonitor\OpenHardwareMonitor.exe
Task: {BD823E1D-AF47-4A01-86BB-BD40D777E9BF} - System32\Tasks\{2ECA3923-649B-4A51-A927-35062A6D354D} => pcalua.exe -a D:\EN_Fallout_3_DLC.EXE -d D:\
Task: {C9BEE70B-08B1-4F49-8A25-3A81047C141F} - System32\Tasks\{6D07E623-B05D-427B-9107-B5DF92DDEB29} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe -c /M{5588D686-D23B-4C9D-BDFA-2A7875CD3722} /l1033
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {FDCFDC49-9341-4D7A-860E-09FE94DEB612} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic Professional\iologovernor64.exe [2015-02-12] (iolo technologies, LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-12-03 17:35 - 2015-12-04 03:52 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-01-21 10:01 - 2012-03-27 20:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2015-12-17 18:04 - 2015-12-17 18:04 - 08903848 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2015-01-01 17:23 - 2015-07-07 15:58 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-04-15 10:13 - 2015-11-12 11:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2015-02-13 20:17 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\bubba7882\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GIGABYTE OC_GURU.lnk => C:\Windows\pss\GIGABYTE OC_GURU.lnk.CommonStartup
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{987333F1-D922-4E31-81D8-340DA00D1C7C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2DF5DA84-5304-426A-8F49-54E69E3068B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6683C428-AD66-4AB6-98BF-51DB8A4B7139}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{934762D8-3514-4E82-A636-A8EC4803C666}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EAA342CF-29A4-4B13-9291-54993BFB8959}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{AA237C5B-8B25-413D-8993-6D0E53853831}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{37AC8D26-B48E-4117-8BAF-B3247DD586F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{3F3CD6F4-5D4C-4D6E-B201-637A9D0E3832}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{B3836900-4AC5-48BC-A75F-C5A36F357008}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{D46B8666-9198-4851-95E1-7C2592C354E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{20B26D79-A11B-4F4F-B0F6-FE7DF2DD54D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{5529F112-D3D4-4682-99CD-37CE6C9D8A26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{7068DF4E-ABA1-4D82-BC85-5BA5FD735620}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{3A454BC0-D356-49E9-B703-9E42C4066E4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{1C64E937-EB3C-4C34-80FA-1784B606E896}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{F1DDD5E6-0338-4913-82BF-7FFD350D04BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{1C44920D-3003-4998-9CB4-C5D38A735596}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{3CD9F7C1-EB90-4E23-9568-B7B7A6AA9186}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{60CEAE71-93D1-4567-A70F-5508069D89CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{E057878F-7788-4835-B41E-9D4ECC230FA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{6A4BCA96-38B6-49EF-A8D0-F01FFE6652E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{E4E5D765-35BA-4DC9-8925-A94B2E9F2928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{61FB93E3-59CF-48AD-A898-F8847E0FC1D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{2CC81EBA-0341-477A-9C20-F8D7E313132B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{D0B0FD34-0BD5-40B0-B07E-BFCF02ECD7B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{8C006E4A-E842-46BB-8949-94080CAE521A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{831DCF65-5A13-45DC-BF79-93B5A6D57FEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage.exe
FirewallRules: [{2EDE7E1A-8843-469F-99C4-718BAF132C8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage.exe
FirewallRules: [{23130AF6-8FC6-4873-A551-86822D18A6DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage64.exe
FirewallRules: [{60992B2B-3ECA-4A88-A8ED-1FB87A3A0542}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage64.exe
FirewallRules: [{6EFE7CB4-0033-45AE-AF50-517AACF9DAF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{A91A4AEE-B18E-4819-AE5E-ECF48889208E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{46CAE61F-7F76-4622-8F2A-D4F9C9CD15CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{E2A8CBD8-58E7-4A23-A188-755E4E6A90A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{275F6CF9-9AD4-47EB-A906-4CB98267E8AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{F7006856-13A3-4C1A-9ACB-FB2568D7EBA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{04CE1324-5932-4D99-932E-F207C435DFE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{D897BFA5-4069-4485-B4AE-3BC91C3E358F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{A1B54959-30CF-4710-AF06-5135C5C95F89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{7C5F46C8-65E0-4A52-BB1B-1601AB84A2F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{14B64843-EADF-40E8-BB82-B24AA85C6489}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{16C47997-8246-416D-AFB2-276088F8E927}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{7418F4FC-8FAC-4A5C-89C3-0259FA354C9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{61B056B1-0FF4-41FD-A8E3-3938882E3A03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{D293F8D3-5CB8-4BB1-8FA8-B7BC2B56CD89}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{442771E7-61EC-4FBC-852F-9E9F3A93EE80}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EAABA5DC-F576-4775-BE25-36AC49E96BA3}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{28C9991E-9E65-4132-B8AB-4DC98683A3B5}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{6FEF72D5-1774-4276-B861-4CED32CF55B8}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{7EBA7E52-124F-47E2-A9FB-D62B1CF2CA71}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{2DB0A937-C2DD-4429-953C-FADFE69DB93A}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{1EE6D595-6D98-4DEB-B0DD-04533E448ECE}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [TCP Query User{CAC1C754-6D6A-484D-9E34-809856C89758}C:\program files (x86)\origin games\dragon age\bin_ship\eacoreserver.exe] => (Allow) C:\program files (x86)\origin games\dragon age\bin_ship\eacoreserver.exe
FirewallRules: [UDP Query User{B1099C36-534D-4D66-93CF-628C1403B750}C:\program files (x86)\origin games\dragon age\bin_ship\eacoreserver.exe] => (Allow) C:\program files (x86)\origin games\dragon age\bin_ship\eacoreserver.exe
FirewallRules: [{58CCFB4A-3F5E-421B-830B-6C5D2BB5608E}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{0F64D10F-6A55-452F-9C3D-852A775A3620}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{A548F6F7-DC47-4C05-BC1A-D9A3E03CA031}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{742D911F-6A38-421F-AFEA-29C4D6734BAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{502B69C2-73B1-4DF4-8689-2FC114435F63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{78F87FF8-723F-47CB-8748-826B55751FAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{836DD813-6032-4592-BFCE-7DFFBFDB4E13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{C546A84C-EBE4-4895-A2E4-EF5C2717F3EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{389CA7DF-58DE-4EAE-84FD-D22487E62816}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1C20685C-C4D9-4484-98F8-3B3A995C9CDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{630E8E1D-B3DF-4DF3-83DC-36A1C1CEC7F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{3B93099D-77F9-4416-B69A-89E8FEB4EEF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{9A247614-2326-4C85-8B3F-2B1DF6636145}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{D3DE60B3-DD20-429A-BFC1-CB5C8152CD78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{6B4D9751-2E4F-4D77-B6D0-CC335684D920}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{88294451-1A15-4C39-9A93-C6A9A87F8472}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{63E46DAE-8302-4A9E-8F2A-2CC4E9968167}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{3DAA1F24-8E8D-408A-B25A-5C51858A52AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{BEBB03D0-9ADC-4DB5-AFAF-2DFF8268F36E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{E3C5AA2C-2D1B-4AC9-8D79-30FDFDCE2FBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{28C0CF1D-5967-4BEF-BFE8-16DF9A37B0DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{7A49FF48-60C8-4390-A54B-09F8630C9675}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{D725462F-06F2-43D2-B7C4-03701AFA86BD}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{DACBE283-22B1-4BAB-B8CA-186AD9DE9679}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{2942BE88-65EC-4283-A050-9D8E7C071EFB}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{FFA33A09-5B25-4A5E-AAC8-BAD7BAFE5536}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{41024990-FB6F-44DB-8D83-9F592B278D6C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{52035B55-B941-4B67-B763-E5BC37E066E8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C7556DC6-60F8-4F05-9DA3-3E699A264B11}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0097D3EF-045D-4A4B-8B57-2FC7629CD301}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{A9D15F61-41EF-44FA-8C54-62E75D82BEC5}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{B2352213-DF95-4E2C-8F5B-D31DD0B9DFC5}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{338EB7EF-3747-4303-96EF-13B977D6B4CD}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{4AAFB049-14D3-4418-BF40-4BB52F641C52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{C2FE15E3-0570-4A1C-B08E-2E566AE48800}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [TCP Query User{D2AAFBE3-00EC-4517-B23A-E15AA2F7DA26}C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [UDP Query User{7EC199E3-078F-4216-9045-981809E2D2EB}C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [TCP Query User{4067D69C-5AC6-4417-81FE-54BC258B146C}C:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe] => (Allow) C:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
FirewallRules: [UDP Query User{7934258E-AB03-42C2-8DFA-EBC540C0845E}C:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe] => (Allow) C:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
FirewallRules: [{71E79C57-D463-4988-88CC-51F94D812DD8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{339FAFCF-09C0-4B31-8C91-BB51406426BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{357BC0AD-1883-4CAF-8AFC-4C72DD999588}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CA5E9D22-0DCF-42DD-A1D7-E2E0A35E3CAA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{635F8309-1D55-4E36-B184-3C1CC3220888}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{64FF56D6-CEDE-45B5-B970-27F3C2151A09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{46013318-4CC1-4443-9A5F-261C366833CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{07C51593-C2A2-4D8D-81D4-73CEA02B96C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{CECB24A9-2843-40CD-9005-51F7C3D70284}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FAFEC09D-FFF4-4821-9D35-E861BAEA5318}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{497BEE47-ABD1-4522-81E8-EDF033CE5AF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{234745F5-C809-4EA8-9580-F3BC387D910C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6F2DCF45-B12E-4B42-B81B-32280EB7C280}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EAA42935-C53B-40A3-9810-A8900712FDF4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5751B6C0-F136-40FB-ACD2-F64076910AB9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2AA17FE-BB23-43A2-BC5D-FCCD7CB98749}] => (Allow) C:\Users\bubba7882\AppData\Roaming\Andy_45_Online\Setup.exe
FirewallRules: [{7AC512B6-6340-413C-9E0F-43B65DC24D2E}] => (Allow) C:\Users\bubba7882\AppData\Roaming\Andy_45_Online\Setup.exe
FirewallRules: [{08956593-0566-4B61-8C17-C5B6CD7A64D7}] => (Allow) C:\Program Files\Andy\Andy.exe
FirewallRules: [{6F2CA510-59B3-4DC1-AA1A-57EC90A9F702}] => (Allow) C:\Program Files\Andy\Andy.exe
FirewallRules: [{0807E1E4-F27E-4634-A6D2-C34A18535293}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{FEB00019-EA8B-48FB-A7F7-FD4DF6DB6A9F}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{34A6B416-563D-45C1-AA8B-E6B637D20D0C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{DC310020-47D5-4F91-A1C6-B9D4194DCA73}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{AE3B1017-AE02-4923-8841-F2E2E480ABC3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{7569BF4E-1C8E-4133-A216-2CD4194C34A2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{3723632A-7AA8-4EA9-9172-C5BBEB42FE46}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A662B742-64F0-41E2-BF2F-596540A4E89A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{89987AAD-9EE9-41B6-8E9C-8019C022F6AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{AFE19235-3A66-4D38-9239-FEFC6481E371}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{1DE55BE6-9F31-4E90-ABA9-DDF88257C862}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{0F947A2B-DC76-423E-8C5B-E5F2045F8B82}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{E1A78C05-DF3F-4FF9-ABF7-F82193D371DB}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{0EBF46F3-D303-4BCF-9094-01054E391AFE}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{A0922526-759C-4A0D-82D5-09A79BB767EF}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{37F68012-5C75-4DB1-B39E-76E3864F5B26}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{9D54658B-5642-4E6B-9216-B1323F80915F}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{BC6BDE34-AE09-45A5-AC4E-633F117F4157}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{BD056D4B-DEDB-4352-90FF-0A0E5AFCC9B7}] => (Allow) C:\KOGGAMES\Elsword\data\x2.exe
FirewallRules: [{F6430028-9A3B-42E1-8348-E1DFFBE2EACC}] => (Allow) C:\KOGGAMES\Elsword\data\x2.exe
FirewallRules: [TCP Query User{0386EB75-C508-4EF4-B44E-6473051193C6}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [UDP Query User{EBFB6C2A-D583-4736-971C-30AF0BA209E2}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [{B5EFAD69-AACF-4840-AECF-9A4A408B86BE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{06EA57E8-E028-40F3-B8B8-9240CF549280}C:\cyberstep\cosmicleague_us\programs\cosmic.exe] => (Block) C:\cyberstep\cosmicleague_us\programs\cosmic.exe
FirewallRules: [UDP Query User{2834A1D0-6FEC-4AD5-848D-D7795806D793}C:\cyberstep\cosmicleague_us\programs\cosmic.exe] => (Block) C:\cyberstep\cosmicleague_us\programs\cosmic.exe

==================== Restore Points =========================

05-01-2016 04:45:37 Windows Update
07-01-2016 15:45:08 Windows Update
07-01-2016 16:25:50 Windows Update
07-01-2016 16:44:38 Windows Update
10-01-2016 11:56:12 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-01-2015
Ran by bubba7882 (administrator) on BUBBA7882-PC (10-01-2016 12:10:30)
Running from H:\
Loaded Profiles: bubba7882 (Available Profiles: bubba7882 & elijah)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_20_0_0_270_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-25] (Intel Corporation)
HKLM-x32\...\Run: [ioloLiveBoost] => C:\Program Files (x86)\iolo\System Mechanic Professional\LiveBoost.exe [5482104 2015-02-12] (iolo technologies, LLC)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-12-02] (SUPERAntiSpyware)
HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2015-12-18] (Electronic Arts)
HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\MountPoints2: {0a2ccf4b-89cc-11e4-b820-806e6f6e6963} - D:\setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-22] (NVIDIA Corporation)
GroupPolicyUsers\S-1-5-21-3614536588-2617517549-1861796641-1004\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{1562F5CB-2430-4311-BB6E-1D78FD731F05}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{379EA2AA-652D-4098-BCBC-3A0BAD52BC3A}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{A6406D1D-2B4F-401A-AC5D-E1161703F3C5}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3614536588-2617517549-1861796641-1000 -> DefaultScope {E2CDFA59-E202-434C-B9A8-01784AC153A0} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3614536588-2617517549-1861796641-1000 -> {E2CDFA59-E202-434C-B9A8-01784AC153A0} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-12-17] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2015-12-17] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-12-17] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2015-12-17] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\bubba7882\AppData\Roaming\Mozilla\Firefox\Profiles\txahttde.default
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-04-11] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-04-11] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-12-17] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-22] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3614536588-2617517549-1861796641-1000: @nsroblox.roblox.com/launcher -> C:\Users\bubba7882\AppData\Local\Roblox\Versions\version-f7131a583a8d4ea7\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3614536588-2617517549-1861796641-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\bubba7882\AppData\Local\Roblox\Versions\version-f7131a583a8d4ea7\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-12-22] (SUPERAntiSpyware.com)
S4 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-08-18] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2748600 2015-12-04] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-16] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6952504 2015-10-16] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-27] ()
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4702920 2015-02-12] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-04-11] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3590696 2015-10-19] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-18] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-07-07] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] ()
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-13] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-13] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178520 2015-07-13] (ESET)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-09-18] (EldoS Corporation)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [168208 2015-07-13] (ESET)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-08-13] (EldoS Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
R1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21584 2013-05-06] ()
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-10 12:04 - 2016-01-10 12:10 - 00000000 ____D C:\FRST
2016-01-10 11:58 - 2016-01-10 11:58 - 00001086 _____ C:\Users\bubba7882\Desktop\JRT.txt
2016-01-10 11:43 - 2016-01-10 12:01 - 00000000 ____D C:\AdwCleaner
2016-01-10 11:37 - 2016-01-10 11:37 - 00111448 _____ C:\Users\bubba7882\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-10 11:35 - 2016-01-10 11:35 - 00437848 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-09 22:12 - 2016-01-10 11:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-07 16:44 - 2015-08-05 10:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-01-07 16:44 - 2015-08-05 10:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-01-05 13:34 - 2016-01-05 13:34 - 00000000 ____D C:\ProgramData\.mono
2016-01-05 13:29 - 2016-01-05 13:29 - 00000000 ____D C:\Users\bubba7882\AppData\Roaming\.mono
2016-01-05 13:15 - 2016-01-05 13:15 - 00001574 _____ C:\Users\bubba7882\Desktop\Pokémon Trading Card Game Online.lnk
2016-01-05 13:15 - 2016-01-05 13:15 - 00000000 ____D C:\Users\bubba7882\AppData\Roaming\Pokémon Trading Card Game Online
2016-01-05 13:15 - 2016-01-05 13:15 - 00000000 ____D C:\Users\bubba7882\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online
2016-01-05 13:15 - 2016-01-05 13:15 - 00000000 ____D C:\Users\bubba7882\AppData\LocalLow\Unity
2016-01-05 13:15 - 2016-01-05 13:15 - 00000000 ____D C:\Users\bubba7882\AppData\LocalLow\The Pok__mon Company International
2015-12-21 22:14 - 2015-12-22 01:23 - 00000000 ____D C:\Users\elijah\AppData\Local\Google
2015-12-21 22:13 - 2015-12-21 22:13 - 00927824 _____ (Google Inc.) C:\Users\elijah\Downloads\ChromeSetup.exe
2015-12-21 10:50 - 2015-12-21 10:50 - 00000000 ____D C:\Users\elijah\AppData\Roaming\SUPERAntiSpyware.com
2015-12-16 18:45 - 2015-12-16 18:47 - 00000000 ____D C:\Users\elijah\AppData\Local\Deployment
2015-12-16 18:45 - 2015-12-16 18:45 - 00000000 ____D C:\Users\elijah\AppData\LocalLow\Unity
2015-12-16 18:45 - 2015-12-16 18:45 - 00000000 ____D C:\Users\elijah\AppData\Local\Unity
2015-12-16 18:45 - 2015-12-16 18:45 - 00000000 ____D C:\Users\elijah\AppData\Local\Apps\2.0
2015-12-15 19:28 - 2015-12-15 19:28 - 00001515 _____ C:\Users\elijah\Desktop\CosmicLeague_US.lnk
2015-12-15 19:28 - 2015-12-15 19:28 - 00000000 ____D C:\Users\elijah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberStep, Inc
2015-12-15 19:28 - 2015-12-15 19:28 - 00000000 ____D C:\CyberStep
2015-12-11 14:34 - 2015-12-11 14:34 - 00002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2015-12-11 14:34 - 2015-12-11 14:34 - 00002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2015-12-11 14:34 - 2015-12-11 14:34 - 00002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2015-12-11 14:34 - 2015-12-11 14:34 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2015-12-11 14:34 - 2015-12-11 14:34 - 00002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2015-12-11 14:34 - 2015-12-11 14:34 - 00002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2015-12-11 14:34 - 2015-12-11 14:34 - 00002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2015-12-11 14:34 - 2015-12-11 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2015-12-11 14:33 - 2015-12-11 14:34 - 00000000 ____D C:\Program Files\Microsoft Office 15

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-10 12:07 - 2015-01-20 18:42 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-10 12:05 - 2009-07-13 20:20 - 00000000 ____D C:\Windows
2016-01-10 12:01 - 2009-07-13 21:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-10 12:01 - 2009-07-13 21:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-10 11:54 - 2014-12-22 22:08 - 00000000 ____D C:\ProgramData\Origin
2016-01-10 11:53 - 2014-12-22 04:24 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-10 11:53 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-10 11:42 - 2014-12-22 05:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-10 11:35 - 2015-08-05 19:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-10 11:00 - 2014-12-22 12:44 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-10 10:07 - 2014-12-22 03:56 - 00000000 ____D C:\Users\bubba7882
2016-01-10 10:01 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\inf
2016-01-09 19:29 - 2015-04-13 22:42 - 00000080 _____ C:\Users\bubba7882\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2016-01-09 19:29 - 2015-04-13 20:02 - 00000000 ____D C:\Program Files\Rockstar Games
2016-01-09 19:29 - 2015-04-13 20:02 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-01-08 14:30 - 2014-12-22 09:17 - 00000000 ____D C:\Users\bubba7882\AppData\Roaming\Adobe
2016-01-07 13:25 - 2009-07-13 22:13 - 00784286 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-06 20:37 - 2015-10-26 22:46 - 00000000 ____D C:\Users\elijah\AppData\LocalLow\RbxLogs
2016-01-05 19:55 - 2015-08-17 18:15 - 00000000 ____D C:\Users\bubba7882\AppData\LocalLow\RbxLogs
2016-01-05 15:20 - 2015-08-17 18:20 - 00001360 _____ C:\Users\bubba7882\Desktop\ROBLOX Player.lnk
2016-01-05 15:20 - 2015-08-17 18:15 - 00001179 _____ C:\Users\bubba7882\Desktop\ROBLOX Studio.lnk
2016-01-05 15:20 - 2015-08-17 18:15 - 00000000 ____D C:\Users\bubba7882\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2016-01-02 21:13 - 2015-01-21 10:01 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-02 02:07 - 2015-01-20 18:42 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-02 02:07 - 2014-12-22 21:36 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-02 02:07 - 2014-12-22 21:36 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-18 14:46 - 2014-12-22 22:08 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-17 21:19 - 2015-04-04 19:21 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-17 21:19 - 2015-04-04 19:21 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-17 18:13 - 2015-03-11 07:35 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-17 18:11 - 2015-03-11 07:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-15 19:28 - 2015-10-29 19:23 - 00000000 ____D C:\Users\elijah\AppData\Roaming\InstallShield Installation Information
2015-12-11 15:22 - 2015-10-26 22:47 - 00001357 _____ C:\Users\elijah\Desktop\ROBLOX Player.lnk
2015-12-11 15:22 - 2015-10-26 22:46 - 00001176 _____ C:\Users\elijah\Desktop\ROBLOX Studio.lnk
2015-12-11 15:22 - 2015-10-26 22:46 - 00000000 ____D C:\Users\elijah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox

==================== Files in the root of some directories =======

2015-01-12 16:32 - 2015-02-16 00:49 - 0007597 _____ () C:\Users\bubba7882\AppData\Local\Resmon.ResmonCfg
2014-12-22 04:35 - 2014-12-22 04:35 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-01-10 05:04

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-01-2015
Ran by bubba7882 (administrator) on BUBBA7882-PC (10-01-2016 12:10:30)
Running from H:\
Loaded Profiles: bubba7882 (Available Profiles: bubba7882 & elijah)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_20_0_0_270_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-25] (Intel Corporation)
HKLM-x32\...\Run: [ioloLiveBoost] => C:\Program Files (x86)\iolo\System Mechanic Professional\LiveBoost.exe [5482104 2015-02-12] (iolo technologies, LLC)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-12-02] (SUPERAntiSpyware)
HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2015-12-18] (Electronic Arts)
HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\MountPoints2: {0a2ccf4b-89cc-11e4-b820-806e6f6e6963} - D:\setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-22] (NVIDIA Corporation)
GroupPolicyUsers\S-1-5-21-3614536588-2617517549-1861796641-1004\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{1562F5CB-2430-4311-BB6E-1D78FD731F05}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{379EA2AA-652D-4098-BCBC-3A0BAD52BC3A}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{A6406D1D-2B4F-401A-AC5D-E1161703F3C5}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3614536588-2617517549-1861796641-1000 -> DefaultScope {E2CDFA59-E202-434C-B9A8-01784AC153A0} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3614536588-2617517549-1861796641-1000 -> {E2CDFA59-E202-434C-B9A8-01784AC153A0} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-12-17] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2015-12-17] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-12-17] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2015-12-17] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\bubba7882\AppData\Roaming\Mozilla\Firefox\Profiles\txahttde.default
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-04-11] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-04-11] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-12-17] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-22] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3614536588-2617517549-1861796641-1000: @nsroblox.roblox.com/launcher -> C:\Users\bubba7882\AppData\Local\Roblox\Versions\version-f7131a583a8d4ea7\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3614536588-2617517549-1861796641-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\bubba7882\AppData\Local\Roblox\Versions\version-f7131a583a8d4ea7\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-12-22] (SUPERAntiSpyware.com)
S4 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-08-18] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2748600 2015-12-04] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-16] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6952504 2015-10-16] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-27] ()
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4702920 2015-02-12] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-04-11] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3590696 2015-10-19] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-18] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-07-07] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] ()
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-13] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-13] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178520 2015-07-13] (ESET)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-09-18] (EldoS Corporation)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [168208 2015-07-13] (ESET)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-08-13] (EldoS Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
R1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21584 2013-05-06] ()
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-10 12:04 - 2016-01-10 12:10 - 00000000 ____D C:\FRST
2016-01-10 11:58 - 2016-01-10 11:58 - 00001086 _____ C:\Users\bubba7882\Desktop\JRT.txt
2016-01-10 11:43 - 2016-01-10 12:01 - 00000000 ____D C:\AdwCleaner
2016-01-10 11:37 - 2016-01-10 11:37 - 00111448 _____ C:\Users\bubba7882\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-10 11:35 - 2016-01-10 11:35 - 00437848 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-09 22:12 - 2016-01-10 11:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-07 16:44 - 2015-08-05 10:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-01-07 16:44 - 2015-08-05 10:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-01-05 13:34 - 2016-01-05 13:34 - 00000000 ____D C:\ProgramData\.mono
2016-01-05 13:29 - 2016-01-05 13:29 - 00000000 ____D C:\Users\bubba7882\AppData\Roaming\.mono
2016-01-05 13:15 - 2016-01-05 13:15 - 00001574 _____ C:\Users\bubba7882\Desktop\Pokémon Trading Card Game Online.lnk
2016-01-05 13:15 - 2016-01-05 13:15 - 00000000 ____D C:\Users\bubba7882\AppData\Roaming\Pokémon Trading Card Game Online
2016-01-05 13:15 - 2016-01-05 13:15 - 00000000 ____D C:\Users\bubba7882\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online
2016-01-05 13:15 - 2016-01-05 13:15 - 00000000 ____D C:\Users\bubba7882\AppData\LocalLow\Unity
2016-01-05 13:15 - 2016-01-05 13:15 - 00000000 ____D C:\Users\bubba7882\AppData\LocalLow\The Pok__mon Company International
2015-12-21 22:14 - 2015-12-22 01:23 - 00000000 ____D C:\Users\elijah\AppData\Local\Google
2015-12-21 22:13 - 2015-12-21 22:13 - 00927824 _____ (Google Inc.) C:\Users\elijah\Downloads\ChromeSetup.exe
2015-12-21 10:50 - 2015-12-21 10:50 - 00000000 ____D C:\Users\elijah\AppData\Roaming\SUPERAntiSpyware.com
2015-12-16 18:45 - 2015-12-16 18:47 - 00000000 ____D C:\Users\elijah\AppData\Local\Deployment
2015-12-16 18:45 - 2015-12-16 18:45 - 00000000 ____D C:\Users\elijah\AppData\LocalLow\Unity
2015-12-16 18:45 - 2015-12-16 18:45 - 00000000 ____D C:\Users\elijah\AppData\Local\Unity
2015-12-16 18:45 - 2015-12-16 18:45 - 00000000 ____D C:\Users\elijah\AppData\Local\Apps\2.0
2015-12-15 19:28 - 2015-12-15 19:28 - 00001515 _____ C:\Users\elijah\Desktop\CosmicLeague_US.lnk
2015-12-15 19:28 - 2015-12-15 19:28 - 00000000 ____D C:\Users\elijah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberStep, Inc
2015-12-15 19:28 - 2015-12-15 19:28 - 00000000 ____D C:\CyberStep
2015-12-11 14:34 - 2015-12-11 14:34 - 00002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2015-12-11 14:34 - 2015-12-11 14:34 - 00002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2015-12-11 14:34 - 2015-12-11 14:34 - 00002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2015-12-11 14:34 - 2015-12-11 14:34 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2015-12-11 14:34 - 2015-12-11 14:34 - 00002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2015-12-11 14:34 - 2015-12-11 14:34 - 00002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2015-12-11 14:34 - 2015-12-11 14:34 - 00002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2015-12-11 14:34 - 2015-12-11 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2015-12-11 14:33 - 2015-12-11 14:34 - 00000000 ____D C:\Program Files\Microsoft Office 15

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-10 12:07 - 2015-01-20 18:42 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-10 12:05 - 2009-07-13 20:20 - 00000000 ____D C:\Windows
2016-01-10 12:01 - 2009-07-13 21:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-10 12:01 - 2009-07-13 21:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-10 11:54 - 2014-12-22 22:08 - 00000000 ____D C:\ProgramData\Origin
2016-01-10 11:53 - 2014-12-22 04:24 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-10 11:53 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-10 11:42 - 2014-12-22 05:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-10 11:35 - 2015-08-05 19:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-10 11:00 - 2014-12-22 12:44 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-10 10:07 - 2014-12-22 03:56 - 00000000 ____D C:\Users\bubba7882
2016-01-10 10:01 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\inf
2016-01-09 19:29 - 2015-04-13 22:42 - 00000080 _____ C:\Users\bubba7882\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2016-01-09 19:29 - 2015-04-13 20:02 - 00000000 ____D C:\Program Files\Rockstar Games
2016-01-09 19:29 - 2015-04-13 20:02 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-01-08 14:30 - 2014-12-22 09:17 - 00000000 ____D C:\Users\bubba7882\AppData\Roaming\Adobe
2016-01-07 13:25 - 2009-07-13 22:13 - 00784286 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-06 20:37 - 2015-10-26 22:46 - 00000000 ____D C:\Users\elijah\AppData\LocalLow\RbxLogs
2016-01-05 19:55 - 2015-08-17 18:15 - 00000000 ____D C:\Users\bubba7882\AppData\LocalLow\RbxLogs
2016-01-05 15:20 - 2015-08-17 18:20 - 00001360 _____ C:\Users\bubba7882\Desktop\ROBLOX Player.lnk
2016-01-05 15:20 - 2015-08-17 18:15 - 00001179 _____ C:\Users\bubba7882\Desktop\ROBLOX Studio.lnk
2016-01-05 15:20 - 2015-08-17 18:15 - 00000000 ____D C:\Users\bubba7882\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2016-01-02 21:13 - 2015-01-21 10:01 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-02 02:07 - 2015-01-20 18:42 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-02 02:07 - 2014-12-22 21:36 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-02 02:07 - 2014-12-22 21:36 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-18 14:46 - 2014-12-22 22:08 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-17 21:19 - 2015-04-04 19:21 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-17 21:19 - 2015-04-04 19:21 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-17 18:13 - 2015-03-11 07:35 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-17 18:11 - 2015-03-11 07:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-15 19:28 - 2015-10-29 19:23 - 00000000 ____D C:\Users\elijah\AppData\Roaming\InstallShield Installation Information
2015-12-11 15:22 - 2015-10-26 22:47 - 00001357 _____ C:\Users\elijah\Desktop\ROBLOX Player.lnk
2015-12-11 15:22 - 2015-10-26 22:46 - 00001176 _____ C:\Users\elijah\Desktop\ROBLOX Studio.lnk
2015-12-11 15:22 - 2015-10-26 22:46 - 00000000 ____D C:\Users\elijah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox

==================== Files in the root of some directories =======

2015-01-12 16:32 - 2015-02-16 00:49 - 0007597 _____ () C:\Users\bubba7882\AppData\Local\Resmon.ResmonCfg
2014-12-22 04:35 - 2014-12-22 04:35 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-01-10 05:04

==================== End of FRST.txt ============================

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-01-2015
Ran by bubba7882 (2016-01-10 12:10:43)
Running from H:\
Windows 7 Home Premium Service Pack 1 (X64) (2014-12-22 10:56:00)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3614536588-2617517549-1861796641-500 - Administrator - Disabled)
bubba7882 (S-1-5-21-3614536588-2617517549-1861796641-1000 - Administrator - Enabled) => C:\Users\bubba7882
elijah (S-1-5-21-3614536588-2617517549-1861796641-1004 - Limited - Enabled) => C:\Users\elijah
Guest (S-1-5-21-3614536588-2617517549-1861796641-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3614536588-2617517549-1861796641-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.12 (HKLM-x32\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19480 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version:  - Rebellion)
Andy OS (HKLM\...\Andy OS) (Version: 0.45.0.0 - Andy OS, Inc)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG2500 series User Registration (HKLM-x32\...\Canon MG2500 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Crysis (HKLM-x32\...\Steam App 17300) (Version:  - Crytek)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
DC Universe Online (HKLM-x32\...\Steam App 24200) (Version:  - Daybreak Games)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
DEFIANCE (HKLM-x32\...\{570174D7-87BF-4B48-878F-29C57E387D38}) (Version: 1.00.0000 - Trion Worlds, Inc.)
Dishonored (HKLM-x32\...\Steam App 205100) (Version:  - Arkane Studios)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EA Installer (HKLM-x32\...\EA Installer.140553725) (Version: 2.2.0.62 - Electronic Arts, Inc.)
EA Installer (HKLM-x32\...\EA Installer.1635480076) (Version: 2.2.0.62 - Electronic Arts, Inc.)
EA Installer (HKLM-x32\...\EA Installer.-2072690567) (Version: 2.2.0.62 - Electronic Arts, Inc.)
EA Shared Game Component: Activation (HKLM-x32\...\com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 2.2.0.62 - Electronic Arts)
EA Shared Game Component: Activation (x32 Version: 2.2.0 - Electronic Arts) Hidden
Elsword version v5.1117.4.3 (HKLM-x32\...\{E655DDFC-24DB-4FC3-8474-271E911309B4}_is1) (Version: v5.1117.4.3 - KOGGAMES)
ESET NOD32 Antivirus (HKLM\...\{5F2AE448-CD4B-40BD-B245-5F0CD06A09B0}) (Version: 8.0.319.0 - ESET, spol s r. o.)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.47.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.47.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar Games)
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Network Connections 18.3.72.0 (HKLM\...\PROSetDX) (Version: 18.3.72.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3186 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iolo technologies' System Mechanic Professional (HKLM-x32\...\{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1) (Version: 14.5.0 - iolo technologies, LLC)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Marvel Heroes 2015 (HKLM-x32\...\Steam App 226320) (Version:  - Gazillion Entertainment)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1035 - Marvell)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6366.2036 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 43.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.2 - Black Tree Gaming)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
ON_OFF Charge 2 B13.0506.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.0506.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.)
Pokémon Trading Card Game Online (HKLM-x32\...\{389E656E-5FE8-4266-858D-760345A997E8}) (Version: 2.33.0 - The Pokémon Company International)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
RAGE (HKLM-x32\...\Steam App 9200) (Version:  - id Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.)
ROBLOX Player for bubba7882 (HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio for bubba7882 (HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
Saints Row 2 (HKLM-x32\...\Steam App 9480) (Version:  - Volition)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 8.0.0.28 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1134 - SUPERAntiSpyware.com)
System Mechanic 14 Professional (x32 Version: 14.5.0 - ) Hidden
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.9.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.0.10.0 - GOG.com)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
TP-LINK TL-WDN3200 Driver (HKLM-x32\...\{C0C6BCBC-0884-4C66-B5EF-0B7668FE2B10}) (Version: 1.3.1 - TP-LINK)
TP-LINK TL-WN727N Driver (HKLM-x32\...\{E796AA87-FE52-49A8-AD93-0236A9F87632}) (Version: 1.2.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.2.1 - TP-LINK)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {399AD6D2-4AB9-4F82-90D1-9CC61F506694} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
Task: {3C94A7BE-E4BC-4524-B19F-D2DE2AF5C86E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
Task: {3E0FA5E1-521C-4D15-A898-D367D93FF2C4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {3F1D2517-978C-4B54-A4E7-FA8B98A6C232} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {5880336E-0EAB-471A-9DEC-0B4D2EEED197} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {85489A88-D4A2-4BE7-86A4-E8843C38E55C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-02] (Adobe Systems Incorporated)
Task: {93E473FE-6679-4670-A916-FE4DBE67444F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {A00C6660-F7A1-4D53-88E2-4A5C3C4F8378} - System32\Tasks\{7B01D340-91EA-4167-8EB7-7FD0F392DFBB} => pcalua.exe -a G:\HijackThis.exe -d G:\
Task: {A0F6B80D-0CF1-4C63-BF4E-A0B2E3AFFE58} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
Task: {BCC80119-3E1E-4702-AF70-4455270ACCA6} - System32\Tasks\Open Hardware Monitor\Startup => C:\Users\bubba7882\Documents\openhardwaremonitor-v0.4.0-beta\OpenHardwareMonitor\OpenHardwareMonitor.exe
Task: {BD823E1D-AF47-4A01-86BB-BD40D777E9BF} - System32\Tasks\{2ECA3923-649B-4A51-A927-35062A6D354D} => pcalua.exe -a D:\EN_Fallout_3_DLC.EXE -d D:\
Task: {C9BEE70B-08B1-4F49-8A25-3A81047C141F} - System32\Tasks\{6D07E623-B05D-427B-9107-B5DF92DDEB29} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe -c /M{5588D686-D23B-4C9D-BDFA-2A7875CD3722} /l1033
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {FDCFDC49-9341-4D7A-860E-09FE94DEB612} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic Professional\iologovernor64.exe [2015-02-12] (iolo technologies, LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-12-03 17:35 - 2015-12-04 03:52 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-01-21 10:01 - 2012-03-27 20:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2015-12-17 18:04 - 2015-12-17 18:04 - 08903848 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2015-01-01 17:23 - 2015-07-07 15:58 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-04-15 10:13 - 2015-11-12 11:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2015-02-13 20:17 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\bubba7882\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GIGABYTE OC_GURU.lnk => C:\Windows\pss\GIGABYTE OC_GURU.lnk.CommonStartup
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{987333F1-D922-4E31-81D8-340DA00D1C7C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2DF5DA84-5304-426A-8F49-54E69E3068B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6683C428-AD66-4AB6-98BF-51DB8A4B7139}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{934762D8-3514-4E82-A636-A8EC4803C666}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EAA342CF-29A4-4B13-9291-54993BFB8959}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{AA237C5B-8B25-413D-8993-6D0E53853831}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{37AC8D26-B48E-4117-8BAF-B3247DD586F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{3F3CD6F4-5D4C-4D6E-B201-637A9D0E3832}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{B3836900-4AC5-48BC-A75F-C5A36F357008}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{D46B8666-9198-4851-95E1-7C2592C354E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{20B26D79-A11B-4F4F-B0F6-FE7DF2DD54D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{5529F112-D3D4-4682-99CD-37CE6C9D8A26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{7068DF4E-ABA1-4D82-BC85-5BA5FD735620}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{3A454BC0-D356-49E9-B703-9E42C4066E4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{1C64E937-EB3C-4C34-80FA-1784B606E896}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{F1DDD5E6-0338-4913-82BF-7FFD350D04BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{1C44920D-3003-4998-9CB4-C5D38A735596}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{3CD9F7C1-EB90-4E23-9568-B7B7A6AA9186}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{60CEAE71-93D1-4567-A70F-5508069D89CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{E057878F-7788-4835-B41E-9D4ECC230FA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{6A4BCA96-38B6-49EF-A8D0-F01FFE6652E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{E4E5D765-35BA-4DC9-8925-A94B2E9F2928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{61FB93E3-59CF-48AD-A898-F8847E0FC1D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{2CC81EBA-0341-477A-9C20-F8D7E313132B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{D0B0FD34-0BD5-40B0-B07E-BFCF02ECD7B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{8C006E4A-E842-46BB-8949-94080CAE521A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{831DCF65-5A13-45DC-BF79-93B5A6D57FEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage.exe
FirewallRules: [{2EDE7E1A-8843-469F-99C4-718BAF132C8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage.exe
FirewallRules: [{23130AF6-8FC6-4873-A551-86822D18A6DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage64.exe
FirewallRules: [{60992B2B-3ECA-4A88-A8ED-1FB87A3A0542}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage64.exe
FirewallRules: [{6EFE7CB4-0033-45AE-AF50-517AACF9DAF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{A91A4AEE-B18E-4819-AE5E-ECF48889208E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{46CAE61F-7F76-4622-8F2A-D4F9C9CD15CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{E2A8CBD8-58E7-4A23-A188-755E4E6A90A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{275F6CF9-9AD4-47EB-A906-4CB98267E8AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{F7006856-13A3-4C1A-9ACB-FB2568D7EBA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{04CE1324-5932-4D99-932E-F207C435DFE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{D897BFA5-4069-4485-B4AE-3BC91C3E358F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{A1B54959-30CF-4710-AF06-5135C5C95F89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{7C5F46C8-65E0-4A52-BB1B-1601AB84A2F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{14B64843-EADF-40E8-BB82-B24AA85C6489}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{16C47997-8246-416D-AFB2-276088F8E927}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{7418F4FC-8FAC-4A5C-89C3-0259FA354C9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{61B056B1-0FF4-41FD-A8E3-3938882E3A03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{D293F8D3-5CB8-4BB1-8FA8-B7BC2B56CD89}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{442771E7-61EC-4FBC-852F-9E9F3A93EE80}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EAABA5DC-F576-4775-BE25-36AC49E96BA3}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{28C9991E-9E65-4132-B8AB-4DC98683A3B5}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{6FEF72D5-1774-4276-B861-4CED32CF55B8}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{7EBA7E52-124F-47E2-A9FB-D62B1CF2CA71}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{2DB0A937-C2DD-4429-953C-FADFE69DB93A}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{1EE6D595-6D98-4DEB-B0DD-04533E448ECE}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [TCP Query User{CAC1C754-6D6A-484D-9E34-809856C89758}C:\program files (x86)\origin games\dragon age\bin_ship\eacoreserver.exe] => (Allow) C:\program files (x86)\origin games\dragon age\bin_ship\eacoreserver.exe
FirewallRules: [UDP Query User{B1099C36-534D-4D66-93CF-628C1403B750}C:\program files (x86)\origin games\dragon age\bin_ship\eacoreserver.exe] => (Allow) C:\program files (x86)\origin games\dragon age\bin_ship\eacoreserver.exe
FirewallRules: [{58CCFB4A-3F5E-421B-830B-6C5D2BB5608E}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{0F64D10F-6A55-452F-9C3D-852A775A3620}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{A548F6F7-DC47-4C05-BC1A-D9A3E03CA031}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{742D911F-6A38-421F-AFEA-29C4D6734BAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{502B69C2-73B1-4DF4-8689-2FC114435F63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{78F87FF8-723F-47CB-8748-826B55751FAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{836DD813-6032-4592-BFCE-7DFFBFDB4E13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{C546A84C-EBE4-4895-A2E4-EF5C2717F3EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{389CA7DF-58DE-4EAE-84FD-D22487E62816}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1C20685C-C4D9-4484-98F8-3B3A995C9CDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{630E8E1D-B3DF-4DF3-83DC-36A1C1CEC7F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{3B93099D-77F9-4416-B69A-89E8FEB4EEF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{9A247614-2326-4C85-8B3F-2B1DF6636145}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{D3DE60B3-DD20-429A-BFC1-CB5C8152CD78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{6B4D9751-2E4F-4D77-B6D0-CC335684D920}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{88294451-1A15-4C39-9A93-C6A9A87F8472}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{63E46DAE-8302-4A9E-8F2A-2CC4E9968167}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{3DAA1F24-8E8D-408A-B25A-5C51858A52AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{BEBB03D0-9ADC-4DB5-AFAF-2DFF8268F36E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{E3C5AA2C-2D1B-4AC9-8D79-30FDFDCE2FBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{28C0CF1D-5967-4BEF-BFE8-16DF9A37B0DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{7A49FF48-60C8-4390-A54B-09F8630C9675}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{D725462F-06F2-43D2-B7C4-03701AFA86BD}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{DACBE283-22B1-4BAB-B8CA-186AD9DE9679}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{2942BE88-65EC-4283-A050-9D8E7C071EFB}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{FFA33A09-5B25-4A5E-AAC8-BAD7BAFE5536}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{41024990-FB6F-44DB-8D83-9F592B278D6C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{52035B55-B941-4B67-B763-E5BC37E066E8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C7556DC6-60F8-4F05-9DA3-3E699A264B11}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0097D3EF-045D-4A4B-8B57-2FC7629CD301}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{A9D15F61-41EF-44FA-8C54-62E75D82BEC5}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{B2352213-DF95-4E2C-8F5B-D31DD0B9DFC5}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{338EB7EF-3747-4303-96EF-13B977D6B4CD}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{4AAFB049-14D3-4418-BF40-4BB52F641C52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{C2FE15E3-0570-4A1C-B08E-2E566AE48800}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [TCP Query User{D2AAFBE3-00EC-4517-B23A-E15AA2F7DA26}C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [UDP Query User{7EC199E3-078F-4216-9045-981809E2D2EB}C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [TCP Query User{4067D69C-5AC6-4417-81FE-54BC258B146C}C:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe] => (Allow) C:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
FirewallRules: [UDP Query User{7934258E-AB03-42C2-8DFA-EBC540C0845E}C:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe] => (Allow) C:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
FirewallRules: [{71E79C57-D463-4988-88CC-51F94D812DD8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{339FAFCF-09C0-4B31-8C91-BB51406426BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{357BC0AD-1883-4CAF-8AFC-4C72DD999588}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CA5E9D22-0DCF-42DD-A1D7-E2E0A35E3CAA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{635F8309-1D55-4E36-B184-3C1CC3220888}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{64FF56D6-CEDE-45B5-B970-27F3C2151A09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{46013318-4CC1-4443-9A5F-261C366833CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{07C51593-C2A2-4D8D-81D4-73CEA02B96C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{CECB24A9-2843-40CD-9005-51F7C3D70284}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FAFEC09D-FFF4-4821-9D35-E861BAEA5318}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{497BEE47-ABD1-4522-81E8-EDF033CE5AF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{234745F5-C809-4EA8-9580-F3BC387D910C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6F2DCF45-B12E-4B42-B81B-32280EB7C280}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EAA42935-C53B-40A3-9810-A8900712FDF4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5751B6C0-F136-40FB-ACD2-F64076910AB9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2AA17FE-BB23-43A2-BC5D-FCCD7CB98749}] => (Allow) C:\Users\bubba7882\AppData\Roaming\Andy_45_Online\Setup.exe
FirewallRules: [{7AC512B6-6340-413C-9E0F-43B65DC24D2E}] => (Allow) C:\Users\bubba7882\AppData\Roaming\Andy_45_Online\Setup.exe
FirewallRules: [{08956593-0566-4B61-8C17-C5B6CD7A64D7}] => (Allow) C:\Program Files\Andy\Andy.exe
FirewallRules: [{6F2CA510-59B3-4DC1-AA1A-57EC90A9F702}] => (Allow) C:\Program Files\Andy\Andy.exe
FirewallRules: [{0807E1E4-F27E-4634-A6D2-C34A18535293}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{FEB00019-EA8B-48FB-A7F7-FD4DF6DB6A9F}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{34A6B416-563D-45C1-AA8B-E6B637D20D0C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{DC310020-47D5-4F91-A1C6-B9D4194DCA73}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{AE3B1017-AE02-4923-8841-F2E2E480ABC3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{7569BF4E-1C8E-4133-A216-2CD4194C34A2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{3723632A-7AA8-4EA9-9172-C5BBEB42FE46}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A662B742-64F0-41E2-BF2F-596540A4E89A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{89987AAD-9EE9-41B6-8E9C-8019C022F6AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{AFE19235-3A66-4D38-9239-FEFC6481E371}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{1DE55BE6-9F31-4E90-ABA9-DDF88257C862}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{0F947A2B-DC76-423E-8C5B-E5F2045F8B82}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{E1A78C05-DF3F-4FF9-ABF7-F82193D371DB}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{0EBF46F3-D303-4BCF-9094-01054E391AFE}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{A0922526-759C-4A0D-82D5-09A79BB767EF}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{37F68012-5C75-4DB1-B39E-76E3864F5B26}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{9D54658B-5642-4E6B-9216-B1323F80915F}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{BC6BDE34-AE09-45A5-AC4E-633F117F4157}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{BD056D4B-DEDB-4352-90FF-0A0E5AFCC9B7}] => (Allow) C:\KOGGAMES\Elsword\data\x2.exe
FirewallRules: [{F6430028-9A3B-42E1-8348-E1DFFBE2EACC}] => (Allow) C:\KOGGAMES\Elsword\data\x2.exe
FirewallRules: [TCP Query User{0386EB75-C508-4EF4-B44E-6473051193C6}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [UDP Query User{EBFB6C2A-D583-4736-971C-30AF0BA209E2}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [{B5EFAD69-AACF-4840-AECF-9A4A408B86BE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{06EA57E8-E028-40F3-B8B8-9240CF549280}C:\cyberstep\cosmicleague_us\programs\cosmic.exe] => (Block) C:\cyberstep\cosmicleague_us\programs\cosmic.exe
FirewallRules: [UDP Query User{2834A1D0-6FEC-4AD5-848D-D7795806D793}C:\cyberstep\cosmicleague_us\programs\cosmic.exe] => (Block) C:\cyberstep\cosmicleague_us\programs\cosmic.exe

==================== Restore Points =========================

05-01-2016 04:45:37 Windows Update
07-01-2016 15:45:08 Windows Update
07-01-2016 16:25:50 Windows Update
07-01-2016 16:44:38 Windows Update
10-01-2016 11:56:12 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2016 11:54:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/10/2016 11:54:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   22 1.8.D.3.2.D.4.5.4.0.8.E.4.A.0.8.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR bubba7882-PC-2.local.

Error: (01/10/2016 11:54:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.2:5353   20 1.8.D.3.2.D.4.5.4.0.8.E.4.A.0.8.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR bubba7882-PC.local.

Error: (01/10/2016 11:54:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   22 2.0.0.10.in-addr.arpa. PTR bubba7882-PC-2.local.

Error: (01/10/2016 11:54:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.2:5353   20 2.0.0.10.in-addr.arpa. PTR bubba7882-PC.local.

Error: (01/10/2016 11:54:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname bubba7882-PC.local already in use; will try bubba7882-PC-2.local instead

Error: (01/10/2016 11:54:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister   16 bubba7882-PC.local. AAAA FE80:0000:0000:0000:80A4:E804:54D2:3D81

Error: (01/10/2016 11:54:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.2:5353   16 bubba7882-PC.local. AAAA 2601:0280:C201:EADB:80A4:E804:54D2:3D81

Error: (01/10/2016 11:54:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:    4 bubba7882-PC.local. Addr 10.0.0.2

Error: (01/10/2016 11:54:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 0000000000DF9FD0 Our Record 2 won:  89F16986   16 bubba7882-PC.local. AAAA FE80:0000:0000:0000:80A4:E804:54D2:3D81

System errors:
=============
Error: (01/10/2016 11:56:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/10/2016 11:53:07 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:52:11 AM on ‎1/‎10/‎2016 was unexpected.

Error: (01/10/2016 11:01:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Streamer Network Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/10/2016 09:47:37 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (01/10/2016 09:47:37 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

==================== Memory info ===========================

Processor: Intel® Core™ i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 15%
Total physical RAM: 16268.41 MB
Available physical RAM: 13763.24 MB
Total Virtual: 32535.04 MB
Available Virtual: 29826.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1085.67 GB) NTFS
Drive d: (DEFI NA Mar '13) (CDROM) (Total:7.88 GB) (Free:0 GB) UDF
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Fixed) (Total:931.41 GB) (Free:45.44 GB) NTFS
Drive g: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: () (Removable) (Total:3.65 GB) (Free:3.65 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 68D7B06A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 322C18E4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================



#6 satchfan

satchfan

  • Malware Response Team
  • 2,722 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:48 AM

Posted 10 January 2016 - 06:16 PM

Please send the AdwCleaner log and let me know if there is any improvement.

 

Satchfan


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#7 bubba7882

bubba7882
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:48 AM

Posted 10 January 2016 - 06:58 PM

the log came up with nothing

#8 bubba7882

bubba7882
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:48 AM

Posted 10 January 2016 - 07:01 PM

# AdwCleaner v5.028 - Logfile created 10/01/2016 at 17:00:37
# Updated 04/01/2016 by Xplode
# Database : 2016-01-04.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : bubba7882 - BUBBA7882-PC
# Running from : H:\adwcleaner_5.028.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [576 bytes] ##########

#9 satchfan

satchfan

  • Malware Response Team
  • 2,722 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:48 AM

Posted 11 January 2016 - 03:57 AM

It's not a good idea to use registry cleaners/boosters besides which IOLO has a pretty bad reputation and some versions have been known to disable virus scanners which is why Windows Defender won’t turn on.

Apart from that, the usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid and erroneous entries does not affect system performance but it can result in "unpredictable results". Unless you have a particular problem that requires a registry edit to correct it, (and you are expert in the registry), I would suggest you leave the registry alone.

I strongly advise you to uninstall System Mechanic and any other cleaner/optimizer/booster/tuneup/tweak type utilities that you have on this or any other computer.

One of the malware experts, miekiemoes, has an excellent write-up here
Another excellent article by Bill Castner is located here

===================================================

You need to move Farbar Recovery Scan Tool to your desktop otherwise fixes will not work.

  • go to where you saved FRST, (H drive)
  • right click and select Cut
  • go to an empty spot on your desktop, right click and select Paste

Farbar Recovery Scan Tool should now be on your desktop.

Run Farbar Recovery Scan Tool

Open notepad. Please copy the contents of the code box below and paste it into Notepad.


HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\MountPoints2: {0a2ccf4b-89cc-11e4-b820-806e6f6e6963} - D:\setup.exe
GroupPolicyUsers\S-1-5-21-3614536588-2617517549-1861796641-1004\User: Restriction <======= ATTENTION
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
EmptyTemp:

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system


  • save the files as fixlist.txt in the same folder as FRST – NOTE: It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work
  • run FRST64 then click Fix just once and wait
  • it will create a log on your desktop, (Fixlog.txt); please post it to your reply.

================================================

Run Security Check

Download Security Check by screen317 from here or here.

  • save it to your Desktop.
  • double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • a Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE: If you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED!, try rebooting the system and then run SecurityCheck again.

================================================

Your AdwCleaner log shows that you have run it more than once. Please send AdwCleaner[S1].txt so that I can see what was previously found and deleted.

Logs to include with next post:

Fixlog.txt
checkup.txt
AdwCleaner[S1].txt


Thanks

Satchfan

 

 


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#10 bubba7882

bubba7882
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:48 AM

Posted 12 January 2016 - 05:46 PM

Fix result of Farbar Recovery Scan Tool (x64) Version:09-01-2015
Ran by bubba7882 (2016-01-12 15:40:40) Run:1
Running from C:\Users\bubba7882\Desktop
Loaded Profiles: bubba7882 (Available Profiles: bubba7882 & elijah)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\...\MountPoints2: {0a2ccf4b-89cc-11e4-b820-806e6f6e6963} - D:\setup.exe
GroupPolicyUsers\S-1-5-21-3614536588-2617517549-1861796641-1004\User: Restriction <======= ATTENTION
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
EmptyTemp:
*****************

"HKU\S-1-5-21-3614536588-2617517549-1861796641-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a2ccf4b-89cc-11e4-b820-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{0a2ccf4b-89cc-11e4-b820-806e6f6e6963} => key not found.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-3614536588-2617517549-1861796641-1004\User => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
BRDriver64_1_3_3_E02B25FC => service removed successfully
gdrv => service removed successfully
EmptyTemp: => 438 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 15:41:10 ====



#11 bubba7882

bubba7882
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:48 AM

Posted 12 January 2016 - 05:54 PM

Results of screen317's Security Check version 1.009 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
ESET NOD32 Antivirus 8.0  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Reader XI 
 Mozilla Firefox (43.0.4)
````````Process Check: objlist.exe by Laurent```````` 
 ESET NOD32 Antivirus egui.exe 
 ESET NOD32 Antivirus ekrn.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

 



#12 bubba7882

bubba7882
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:48 AM

Posted 12 January 2016 - 06:01 PM

# AdwCleaner v5.028 - Logfile created 10/01/2016 at 11:52:09
# Updated 04/01/2016 by Xplode
# Database : 2016-01-04.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : bubba7882 - BUBBA7882-PC
# Running from : C:\Users\bubba7882\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H7869Q9W\adwcleaner_5.028.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

[-] File Deleted : C:\END

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}

***** [ Web browsers ] *****

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1281 bytes] ##########


# AdwCleaner v5.028 - Logfile created 10/01/2016 at 11:43:20
# Updated 04/01/2016 by Xplode
# Database : 2016-01-04.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : bubba7882 - BUBBA7882-PC
# Running from : C:\Users\bubba7882\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H7869Q9W\adwcleaner_5.028.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

File Found : C:\END

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}

***** [ Web browsers ] *****

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1159 bytes] ##########



#13 satchfan

satchfan

  • Malware Response Team
  • 2,722 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:48 AM

Posted 13 January 2016 - 02:34 AM

Thank you for the logs.

How is your computer running now?


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#14 bubba7882

bubba7882
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:48 AM

Posted 14 January 2016 - 08:28 PM

its ok but my wifi sucks



#15 satchfan

satchfan

  • Malware Response Team
  • 2,722 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:48 AM

Posted 15 January 2016 - 09:34 AM

my wifi sucks

 

Let’s have a look with a different tool.

Run MiniToolBox

Note: When using the "Reset FF Proxy Settings" option, Firefox should be closed.

Please download MiniToolBox, save it to your desktop and run it.

Place a checkmark in the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List devices (Check Only Problems or No driver or All)
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Thanks

Satchfan


Edited by satchfan, 15 January 2016 - 09:38 AM.

My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users