Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firefox, Adobe Acrobat, etc. - not running


  • Please log in to reply
1 reply to this topic

#1 ivankaclinton

ivankaclinton

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 27 October 2017 - 12:07 PM

Hi there!

 

Something is preventing me from running several programs.

 

If memory serves me well I am supposed to paste the "first.txt" and "addition.txt" file here...

 

Here is "first.txt"

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017
Ran by mickeymouse (administrator) on ASUSPC (27-10-2017 09:49:07)
Running from C:\Users\mickeymouse\Desktop
Loaded Profiles: mickeymouse (Available Profiles: mickeymouse)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\AstSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Bayer Healthcare LLC) C:\Program Files (x86)\Bayer HealthCare SmartLaunch\bin\BayerHCService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\DRScanner\DRScanner.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Program Files (x86)\NetTime\NetTimeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Palm, Inc.) C:\Program Files (x86)\palmOne\HOTSYNC.EXE
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Adobe Systems Inc.) D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\NetTime\NetTime.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Wheatworks Software, LLC) C:\Program Files (x86)\SSC\SSC1003.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7158344 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc.)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-18] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-08-29] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-05-22] (cyberlink)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-01-17] (CANON INC.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [624248 2007-05-10] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0EYTHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NetTime] => C:\Program Files (x86)\NetTime\NetTime.exe [772096 2012-05-12] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\mickeymouse\AppData\Local\slack\Update.exe [1584656 2017-10-17] ()
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-09-18] (Apple Inc.)
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\MountPoints2: {1e387a38-4b6e-11e4-bece-d850e6c2cf2b} - "I:\AutoRun.exe" 
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\MountPoints2: {505cd13f-a084-11e6-bfa1-d850e6c2cf2b} - "K:\AutoRun.exe" 
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\MountPoints2: {5f186be1-9005-11e6-bf9a-d850e6c2cf2b} - "I:\LG_PC_Programs.exe" 
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\MountPoints2: {6baae71c-8b35-11e5-bf37-d850e6c2cf2b} - "K:\LG_PC_Programs.exe" 
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\MountPoints2: {966b7b29-3846-11e5-bf1e-d850e6c2cf2b} - "K:\LG_PC_Programs.exe" 
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [67384 2017-09-18] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2017-03-29]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2014-05-18]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
Startup: C:\Users\mickeymouse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HotSync Manager.lnk [2014-02-23]
ShortcutTarget: HotSync Manager.lnk -> C:\Program Files (x86)\palmOne\HOTSYNC.EXE (Palm, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{8AF8D45E-DA00-45B2-A2E9-2BE5CF3032E4}: [DhcpNameServer] 192.168.0.1 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1644347244-160312638-2928786626-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D101717-A9FCDBB39EF&form=CONBDF&conlogo=CT3335799&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1644347244-160312638-2928786626-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D101717-A9FCDBB39EF&form=CONBDF&conlogo=CT3335799&q={searchTerms}
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems Incorporated)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> D:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16] (Adobe Systems Incorporated.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-20] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-20] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16] (Adobe Systems Incorporated.)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
 
FireFox:
========
FF ProfilePath: C:\Users\mickeymouse\AppData\Roaming\Mozilla\Firefox\Profiles\mewisx1q.default [2017-10-27]
FF NewTab: Mozilla\Firefox\Profiles\mewisx1q.default -> hxxp://www.bing.com/?pc=COSP&ptag=D101717-A9FCDBB39EF&form=CONMHP&conlogo=CT3335799
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\mewisx1q.default -> Bing®
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\mewisx1q.default -> Bing®
FF Homepage: Mozilla\Firefox\Profiles\mewisx1q.default -> hxxp://www.bing.com/?pc=COSP&ptag=D101717-A9FCDBB39EF&form=CONMHP&conlogo=CT3335799
FF Extension: (Scribd Downloader Free) - C:\Users\mickeymouse\AppData\Roaming\Mozilla\Firefox\Profiles\mewisx1q.default\Extensions\@scribddownload.xpi [2017-10-15]
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\mickeymouse\AppData\Roaming\Mozilla\Firefox\Profiles\mewisx1q.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-05-23]
FF Extension: (youtubetmadblock) - C:\Users\mickeymouse\AppData\Roaming\Mozilla\Firefox\Profiles\mewisx1q.default\Extensions\jid1-w4wG5nJhx4LJZr@jetpack.xpi [2017-04-19]
FF Extension: (FlashGot) - C:\Users\mickeymouse\AppData\Roaming\Mozilla\Firefox\Profiles\mewisx1q.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2017-01-29]
FF Extension: (Greasemonkey) - C:\Users\mickeymouse\AppData\Roaming\Mozilla\Firefox\Profiles\mewisx1q.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-10-15]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-15] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-15] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default [2017-10-26]
CHR Extension: (Slides) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-26]
CHR Extension: (Docs) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-26]
CHR Extension: (Google Drive) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-28]
CHR Extension: (YouTube) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-28]
CHR Extension: (Adblock for Youtube™) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-05-28]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2017-08-18]
CHR Extension: (Google Docs Offline) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-28]
CHR Extension: (Deluminate) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\iebboopaeangfpceklajfohhbpkkfiaa [2017-10-26]
CHR Extension: (Grammarly for Chrome) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-10-26]
CHR Extension: (WavesLiteApp) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfmcaklajknfekomaflnhkjjkcjabogm [2017-10-26]
CHR Extension: (MetaMask) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2017-10-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Gmail) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-28]
CHR Extension: (Chrome Media Router) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-10]
 
Opera: 
=======
OPR Extension: (AdBlock) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-05-17]
OPR Extension: (Ghostery) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2017-10-26]
OPR Extension: (Tic Tac Toe 5 in a row) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\dfaakjjdamafnfigpibbgbnjbbldmabl [2014-02-17]
OPR Extension: (HTTPS Everywhere) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\edaplhobcmdaneconioghljnnopmkhgm [2017-10-06]
OPR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2017-03-17]
OPR Extension: (YouTube Downloader) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba [2017-04-24]
OPR Extension: (Terms of Service; Didn’t Read) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\lolkidmnimmcadfncfemieniekkkabcn [2014-03-18]
OPR Extension: (Web2PDFConvert) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\nlkfhjhojmjhgacahkealjkffnmeicfl [2014-02-18]
OPR Extension: (SaveFrom.net helper) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2017-10-26]
OPR Extension: (Adblock Plus) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-10-06]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-16] (ASUSTeK Computer Inc.)
R2 Ast Service; C:\WINDOWS\SysWOW64\\AstSrv.exe [57344 2007-02-16] (Nalpeiron Ltd.) [File not signed]
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-18] () [File not signed]
R2 BayerHealthcareService; C:\Program Files (x86)\Bayer HealthCare SmartLaunch\bin\BayerHCService.exe [162232 2012-10-30] (Bayer Healthcare LLC)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2015-02-18] (Macrovision Europe Ltd.) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2017-07-18] (Ellora Assets Corp.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-02-15] (Intel Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE [2541248 2006-10-31] (Symantec Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 NetTimeSvc; C:\Program Files (x86)\NetTime\NetTimeService.exe [473088 2012-05-12] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1254736 2017-04-11] (Bitdefender)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [File not signed]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-07-04] (Ralink Technology, Corp.) [File not signed]
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [100392 2017-08-29] (Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [100392 2017-08-29] (Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [100392 2017-08-29] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe [437392 2016-10-10] (Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [116368 2016-10-18] (Wondershare)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R0 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1019880 2017-10-13] (BitDefender S.R.L. Bucharest, ROMANIA)
R3 AU8168; C:\WINDOWS\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1763744 2017-08-29] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Bitdefender Antivirus Free\bdfwfpf.sys [127312 2016-02-22] (BitDefender LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [250504 2017-10-06] (BitDefender S.R.L. Bucharest, ROMANIA)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-10-04] ()
R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [187688 2017-07-24] (BitDefender LLC)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [192952 2017-10-16] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-10-26] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45504 2017-10-26] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-10-16] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-10-27] (Malwarebytes)
R3 MTKSCVAD; C:\WINDOWS\system32\drivers\mtkvadx.sys [44544 2012-07-16] (Ralink Technology, Corp.)
U3 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [14304 1999-07-28] () [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-10-27 09:49 - 2017-10-27 09:49 - 000030522 _____ C:\Users\mickeymouse\Desktop\FRST.txt
2017-10-26 23:36 - 2017-10-26 23:36 - 000003644 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-10-26 23:26 - 2017-10-26 23:26 - 008250832 _____ (Malwarebytes) C:\Users\mickeymouse\Desktop\adwcleaner_7.0.3.1.exe
2017-10-26 23:08 - 2017-10-26 23:08 - 001210848 _____ (Adobe Systems Incorporated) C:\Users\mickeymouse\Desktop\reader11_en_fa_install.exe
2017-10-26 23:07 - 2017-10-26 23:53 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-10-26 23:06 - 2017-10-26 23:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-10-26 23:06 - 2017-10-26 23:06 - 000002074 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-10-26 13:23 - 2017-10-26 13:23 - 000651191 _____ C:\Users\mickeymouse\Desktop\tokenpaper.pdf
2017-10-25 12:39 - 2017-10-25 12:39 - 000003066 _____ C:\Users\mickeymouse\Desktop\SFF.pdf
2017-10-22 21:21 - 2017-10-22 21:21 - 000000000 ____D C:\Users\mickeymouse\AppData\LocalLow\uTorrent
2017-10-19 13:02 - 2017-10-19 13:02 - 000000000 ____D C:\Users\mickeymouse\Documents\Monero
2017-10-17 15:29 - 2017-10-27 02:37 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-10-17 15:29 - 2017-10-26 23:35 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-10-16 17:39 - 2017-10-16 17:39 - 000003128 _____ C:\WINDOWS\System32\Tasks\DRScanner Startup
2017-10-16 17:39 - 2017-10-16 17:39 - 000002061 _____ C:\Users\Public\Desktop\HouseCall for Home IoT Devices.lnk
2017-10-16 17:39 - 2017-10-16 17:39 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\Trend Micro
2017-10-16 17:39 - 2017-10-16 17:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HouseCall for Home IoT Devices
2017-10-16 17:38 - 2017-10-16 17:38 - 000000000 ____D C:\Program Files (x86)\Trend Micro
2017-10-16 17:33 - 2017-10-16 17:34 - 000000000 ____D C:\ProgramData\Trend Micro
2017-10-16 17:11 - 2017-10-16 17:11 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-10-16 17:11 - 2017-10-16 17:11 - 000001890 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-16 17:11 - 2017-10-16 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-10-16 17:11 - 2017-10-16 17:11 - 000000000 ____D C:\ProgramData\MB2Migration
2017-10-16 17:11 - 2017-10-16 17:11 - 000000000 ____D C:\Program Files\Malwarebytes
2017-10-16 17:11 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-10-16 17:02 - 2017-10-26 23:29 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\Lavasoft
2017-10-16 17:02 - 2017-10-26 23:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2017-10-16 17:02 - 2017-10-26 23:29 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2017-10-16 17:02 - 2017-10-16 17:02 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\Lavasoft
2017-10-16 17:01 - 2017-10-26 23:29 - 000000000 ____D C:\ProgramData\Lavasoft
2017-10-16 17:01 - 2017-10-16 17:01 - 000000909 _____ C:\Users\mickeymouse\Desktop\µTorrent.lnk
2017-10-15 22:40 - 2017-10-15 22:40 - 001691437 _____ C:\Users\mickeymouse\Desktop\_pol_ - I need info - Politically Incorrect - 4chan.pdf
2017-10-15 22:30 - 2017-10-15 22:30 - 000135700 _____ C:\Users\mickeymouse\Desktop\_pol_ - Politically Incorrect » Searching for posts with the unique id ‘LAbNFEtv’_.pdf
2017-10-15 17:20 - 2017-10-15 17:20 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\UmmyVideoDownloader
2017-10-15 17:20 - 2017-10-15 17:20 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\{C1C46F64-CDA0-44F3-B198-D652F918E413}
2017-10-15 17:20 - 2017-10-15 17:20 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\{6859D162-847E-4525-84F5-77CE958BACA9}
2017-10-15 17:19 - 2017-10-15 17:19 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\{0F376500-DFBE-47DE-A1F0-B86761A82BF2}
2017-10-15 17:18 - 2017-10-15 17:18 - 000002407 _____ C:\Users\mickeymouse\AppData\Roaming\Microsoft\Windows\Start Menu\Ummy Video Downloader.lnk
2017-10-15 17:18 - 2017-10-15 17:18 - 000002383 _____ C:\Users\mickeymouse\Desktop\Ummy Video Downloader.lnk
2017-10-15 17:18 - 2017-10-15 17:18 - 000000000 ____D C:\Program Files (x86)\Mirzahaji.blogspot.com
2017-10-15 17:17 - 2017-10-15 17:17 - 000000000 ____D C:\Users\mickeymouse\Desktop\UMMY
2017-10-15 17:16 - 2017-10-15 17:16 - 028166351 _____ C:\Users\mickeymouse\Desktop\Ummy Youtube Video Downloader.rar
2017-10-15 10:02 - 2017-10-15 10:02 - 000180044 _____ C:\Users\mickeymouse\Desktop\Monday, 3_7 reversal date.pdf
2017-10-15 09:56 - 2017-10-15 09:56 - 000120987 _____ C:\Users\mickeymouse\Desktop\MurreyMath Rules (1).pdf
2017-10-15 09:51 - 2017-10-15 09:51 - 000150189 _____ C:\Users\mickeymouse\Desktop\160167906-Automatic-Reversal-Days-2012.pdf
2017-10-15 09:51 - 2017-10-15 09:51 - 000129794 _____ C:\Users\mickeymouse\Desktop\277805891-Setting-Gann-and-Murrey-Math.pdf
2017-10-15 09:50 - 2017-10-15 09:50 - 000063650 _____ C:\Users\mickeymouse\Desktop\39931449-The-Murrey-Math-Trading-System.pdf
2017-10-15 09:48 - 2017-10-15 09:49 - 039835273 _____ C:\Users\mickeymouse\Desktop\213972934-How-to-Study-Divisional-Charts-V-K-CHOUDHRY.pdf
2017-10-15 09:47 - 2017-10-15 09:47 - 021942260 _____ C:\Users\mickeymouse\Desktop\228933054-Conjunction-of-Planets.pdf
2017-10-15 09:45 - 2017-10-15 09:47 - 048502031 _____ C:\Users\mickeymouse\Desktop\318474748-250256424-Astrology-at-the-Speed-of-Light-PDF.pdf
2017-10-14 22:54 - 2017-10-14 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-10-14 22:53 - 2017-10-14 22:53 - 000001766 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-10-14 22:53 - 2017-10-14 22:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-10-14 22:53 - 2017-10-14 22:53 - 000000000 ____D C:\Program Files\iTunes
2017-10-14 22:53 - 2017-10-14 22:53 - 000000000 ____D C:\Program Files\iPod
2017-10-14 22:47 - 2017-10-14 22:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-10-14 22:47 - 2017-10-14 22:47 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2017-10-14 03:46 - 2017-10-14 03:46 - 000002248 _____ C:\Users\mickeymouse\Desktop\Brave.lnk
2017-10-14 03:46 - 2017-10-14 03:46 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\brave
2017-10-12 16:45 - 2017-10-12 16:45 - 011365376 _____ C:\Users\mickeymouse\Desktop\66.pdf
2017-10-12 15:51 - 2017-10-12 15:51 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\exodus
2017-10-12 09:34 - 2017-10-12 09:35 - 025745306 _____ C:\Users\mickeymouse\Desktop\Amazon flex part 1 - Introduction Video.mp4
2017-10-11 08:40 - 2017-10-11 08:40 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\SumokoinGUIWallet
2017-10-11 08:40 - 2017-10-11 08:40 - 000000000 ____D C:\ProgramData\SumokoinGUIWallet
2017-10-11 08:40 - 2017-10-11 08:40 - 000000000 ____D C:\ProgramData\sumokoin
2017-10-08 21:28 - 2017-10-12 15:45 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\Exodus Eden
2017-10-08 21:27 - 2017-10-08 21:28 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\exodus-eden
2017-10-08 21:27 - 2017-10-08 21:27 - 000002387 _____ C:\Users\mickeymouse\Desktop\ExodusEden.lnk
2017-10-07 22:54 - 2017-10-07 22:54 - 000633110 _____ C:\Users\mickeymouse\Desktop\Drame Mitke korektura.pdf
2017-10-06 16:40 - 2017-10-25 01:33 - 000000000 ____D C:\Users\mickeymouse\Documents\ViberDownloads
2017-10-06 16:39 - 2017-10-22 20:23 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\ViberPC
2017-10-06 16:39 - 2017-10-06 16:39 - 000001014 _____ C:\Users\mickeymouse\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
2017-10-06 16:39 - 2017-10-06 16:39 - 000001012 _____ C:\Users\mickeymouse\Desktop\Viber.lnk
2017-10-06 16:39 - 2017-10-06 16:39 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber
2017-10-06 16:39 - 2017-10-06 16:39 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\Viber Media S.à r.l
2017-10-06 16:39 - 2017-10-06 16:39 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\Viber
2017-10-06 16:39 - 2017-10-06 16:39 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\Package Cache
2017-10-06 16:39 - 2017-10-06 16:39 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\cache
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-10-27 09:49 - 2017-04-18 19:53 - 000000000 ____D C:\FRST
2017-10-27 09:36 - 2017-06-28 04:02 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2017-10-27 09:35 - 2016-12-26 18:11 - 000000000 ____D C:\Program Files\Bitdefender Agent
2017-10-27 07:39 - 2013-08-22 06:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-10-27 05:00 - 2013-08-22 06:36 - 000000000 ____D C:\WINDOWS\Inf
2017-10-27 01:23 - 2017-06-06 15:40 - 000000000 ____D C:\Users\mickeymouse\Desktop\D A T A  AAA
2017-10-27 00:27 - 2014-02-09 05:11 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1644347244-160312638-2928786626-1001
2017-10-26 23:37 - 2017-04-17 10:21 - 000000000 ____D C:\AdwCleaner
2017-10-26 23:35 - 2017-06-30 20:05 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\Slack
2017-10-26 23:35 - 2014-02-18 21:27 - 007650304 ___SH C:\Users\mickeymouse\Desktop\Thumbs.db
2017-10-26 23:35 - 2014-02-12 18:07 - 000045504 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-10-26 23:34 - 2014-02-09 22:28 - 000000000 ____D C:\ProgramData\NVIDIA
2017-10-26 23:34 - 2013-08-22 07:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-26 23:20 - 2017-04-18 19:44 - 002403328 _____ (Farbar) C:\Users\mickeymouse\Desktop\FRST64.exe
2017-10-26 23:11 - 2014-02-12 18:25 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\uTorrent
2017-10-26 23:07 - 2014-08-18 18:27 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\Adobe
2017-10-26 23:06 - 2013-08-29 03:17 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-10-26 22:58 - 2013-08-29 03:17 - 000000000 ____D C:\ProgramData\Adobe
2017-10-26 09:55 - 2016-11-28 22:20 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\Kodi
2017-10-26 06:38 - 2014-06-11 15:23 - 000003842 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1392252495
2017-10-26 06:38 - 2014-02-12 17:48 - 000000000 ____D C:\Program Files (x86)\Opera
2017-10-24 22:32 - 2016-12-21 22:21 - 000000000 ____D C:\Users\mickeymouse\AppData\LocalLow\Mozilla
2017-10-22 21:36 - 2014-02-14 11:55 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\vlc
2017-10-22 20:31 - 2016-09-29 16:46 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\brave
2017-10-21 14:05 - 2017-07-21 19:37 - 000000000 ____D C:\Users\mickeymouse\Desktop\T i t o
2017-10-19 13:34 - 2017-04-02 03:31 - 000000000 ____D C:\ProgramData\bitmonero
2017-10-18 16:50 - 2015-11-05 17:03 - 000004434 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-18 16:50 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-18 16:50 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-18 07:44 - 2013-08-22 06:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2017-10-17 22:59 - 2017-06-30 20:05 - 000002206 _____ C:\Users\mickeymouse\Desktop\Slack.lnk
2017-10-17 22:59 - 2017-06-30 20:05 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies
2017-10-17 22:59 - 2017-06-30 20:05 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\slack
2017-10-17 22:59 - 2016-09-29 16:46 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\SquirrelTemp
2017-10-17 10:03 - 2016-03-27 05:48 - 000030025 _____ C:\Users\mickeymouse\Desktop\pspbrwse.jbf
2017-10-16 17:11 - 2015-07-22 11:40 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-10-16 17:11 - 2015-07-22 11:39 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-10-16 17:11 - 2014-02-12 18:07 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-16 17:01 - 2014-02-23 23:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-16 17:01 - 2014-02-12 18:26 - 000000889 _____ C:\Users\mickeymouse\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-10-14 22:55 - 2015-01-20 18:42 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-10-14 22:55 - 2014-11-17 15:05 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\Apple Computer
2017-10-14 22:55 - 2014-11-17 15:05 - 000000000 ____D C:\Users\mickeymouse\AppData\Local\Apple Computer
2017-10-14 22:52 - 2014-11-17 15:03 - 000000000 ____D C:\Program Files\Common Files\Apple
2017-10-14 22:47 - 2014-11-17 15:03 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-10-14 03:46 - 2017-09-03 02:53 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave Software
2017-10-13 00:20 - 2017-06-28 04:03 - 001019880 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2017-10-12 15:52 - 2017-06-02 17:56 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\Exodus
2017-10-12 15:51 - 2017-06-02 17:56 - 000002294 _____ C:\Users\mickeymouse\Desktop\Exodus.lnk
2017-10-12 15:51 - 2017-06-02 17:56 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc
2017-10-12 15:39 - 2017-07-13 18:26 - 000000000 ____D C:\Users\mickeymouse\Desktop\X-RAY
2017-10-08 19:49 - 2014-02-09 05:03 - 000000000 ____D C:\Users\mickeymouse\AppData\Roaming\Adobe
2017-10-07 08:17 - 2014-02-14 11:37 - 000000000 ____D C:\ProgramData\Freemake
2017-10-07 08:16 - 2014-02-14 11:37 - 000001355 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2017-10-07 08:16 - 2014-02-14 11:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2017-10-06 15:49 - 2017-06-28 04:03 - 000250504 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys
2017-10-06 15:31 - 2017-05-28 12:45 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
 
==================== Files in the root of some directories =======
 
2017-02-12 10:49 - 2017-02-12 10:49 - 000000132 _____ () C:\Users\mickeymouse\AppData\Roaming\Adobe GIF Format CS6 Prefs
2017-03-19 23:01 - 2017-05-21 08:41 - 000000056 _____ () C:\Users\mickeymouse\AppData\Roaming\Stock Calculator.ini
2015-05-21 13:29 - 2015-11-24 21:57 - 000007168 _____ () C:\Users\mickeymouse\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-20 13:51 - 2017-04-09 21:51 - 000004096 ____H () C:\Users\mickeymouse\AppData\Local\keyfile3.drm
2014-03-06 12:24 - 2014-03-06 12:24 - 000000017 _____ () C:\Users\mickeymouse\AppData\Local\resmon.resmoncfg
2015-01-23 10:06 - 2015-01-23 10:06 - 000353118 _____ () C:\Users\mickeymouse\AppData\Local\SquareClock.Production_HBMV1Icon.ico
2017-05-21 16:12 - 2017-05-21 16:12 - 000001587 _____ () C:\ProgramData\agent.1495408377.bdinstall.bin
2017-06-28 03:43 - 2017-06-28 03:43 - 000047030 _____ () C:\ProgramData\agent.1498646611.bdinstall.bin
2017-06-28 17:51 - 2017-06-28 17:51 - 000030975 _____ () C:\ProgramData\agent.update.1498697478.bdinstall.bin
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-10-26 04:00
 
==================== End of FRST.txt ============================
 
 
 
 
Here is "addition.txt".
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2017
Ran by mickeymouse (27-10-2017 09:49:42)
Running from C:\Users\mickeymouse\Desktop
Windows 8.1 (Update) (X64) (2014-02-10 05:48:27)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1644347244-160312638-2928786626-500 - Administrator - Disabled)
Guest (S-1-5-21-1644347244-160312638-2928786626-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1644347244-160312638-2928786626-1004 - Limited - Enabled)
mickeymouse (S-1-5-21-1644347244-160312638-2928786626-1001 - Administrator - Enabled) => C:\Users\mickeymouse
UpdatusUser (S-1-5-21-1644347244-160312638-2928786626-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
Add or Remove Adobe Creative Suite 3 Master Collection (HKLM-x32\...\Adobe_4dcfd9b7e901b57f81f667144603236) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}) (Version: 9.0.45.0 - Adobe Systems, Inc.)
AHV content for Acrobat and Flash (HKLM-x32\...\{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}) (Version: 1 - Adobe Systems Incorporated) Hidden
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.01 - ASUSTeK Computer Inc.)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\{5DA7ED45-2322-45AA-99B6-B8F94EBF859F}) (Version: 20.06.6362.4423 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\InstallShield_{5DA7ED45-2322-45AA-99B6-B8F94EBF859F}) (Version: 20.06.6362.4423 - Alcor Micro Corp.)
Apple Application Support (32-bit) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.03.00 - ASUSTeK Computer Inc.)
ASUS Easy Update 2 (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 3.00.06 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM\...\{5E00D8DF-905B-41C7-B562-C126DE3A4167}) (Version: 18.0.3.3 - MAGIX AG) Hidden
ASUS Music Maker (HKLM-x32\...\MAGIX_{5E00D8DF-905B-41C7-B562-C126DE3A4167}) (Version: 18.0.3.3 - MAGIX AG)
ASUS MX Suite (HKLM\...\{9204F334-2A46-49F1-89C4-65CEB7AC1974}) (Version: 1.13.0.121 - MAGIX AG) Hidden
ASUS MX Suite (HKLM-x32\...\MAGIX_{9204F334-2A46-49F1-89C4-65CEB7AC1974}) (Version: 1.13.0.121 - MAGIX AG)
ASUS Video easy (HKLM\...\{7DB84618-76E3-4999-A9A0-D7D756E14129}) (Version: 3.0.1.42 - MAGIX AG) Hidden
ASUS Video easy (HKLM-x32\...\MAGIX_{7DB84618-76E3-4999-A9A0-D7D756E14129}) (Version: 3.0.1.42 - MAGIX AG)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4127.52 - CyberLink Corp.) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4127.52 - CyberLink Corp.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 5.1 - Autodesk, Inc.)
BB FlashBack Express 5 (HKLM-x32\...\BB FlashBack Express 5) (Version: 5.7.0.3607 - Blueberry)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bisq (HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\{io.bisq.gui.app}}_is1) (Version: 0.5.3 - Bisq)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.8.20 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brave (HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\brave) (Version: 0.19.48 - Brave Software)
Canon CanoScan LiDE 120 On-screen Manual (HKLM-x32\...\Canon CanoScan LiDE 120 On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.11.1 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.0 - Canon Inc.)
CanoScan LiDE 120 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2415) (Version: 1.00 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Command & Conquer Tiberian Sun (HKLM-x32\...\Tiberian Sun) (Version:  - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.06 - ASUSTeK Computer Inc.)
EmeraldWallet 0.2.0 (only current user) (HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\e78f9130-878e-5e2a-a5da-7e9f5c0a7222) (Version: 0.2.0 - Igor Artamonov)
Exodus (HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\exodus) (Version: 1.35.5 - Exodus Movement Inc)
ExodusEden (HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\exodus-eden) (Version: 1.32.0 - Exodus Movement Inc)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Fotogalerie (HKLM-x32\...\{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.0 - Ellora Assets Corporation)
Galeria de Fotografias (HKLM-x32\...\{6DFF6F1B-F876-4007-AC82-42D5DDF0E090}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{F7314CA2-F900-46D7-9EA1-FBDD9D73F765}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GLUCOFACTS™ Deluxe Smart Launch (HKLM-x32\...\{8C3ADE22-5B38-4331-A75C-00E116128D3D}) (Version: 1.21.01 - Bayer HealthCare)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HGTV Home & Landscape Platinum Suite (HKLM-x32\...\{FDA11A0A-9D5A-4E0E-9975-3FF131B03461}) (Version: 12.01 - Nova Development) Hidden
HGTV Home & Landscape Platinum Suite (HKLM-x32\...\InstallShield_{FDA11A0A-9D5A-4E0E-9975-3FF131B03461}) (Version: 12.01 - Nova Development)
HouseCall for Home IoT Devices (HKLM\...\DRScanner) (Version: 3.0.1066 - Trend Micro Inc.)
iCloud (HKLM\...\{7464D896-C63C-412E-8ED3-3261C9F14E21}) (Version: 7.0.1.210 - Apple Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{94E81D4F-FB5A-4B29-B385-33896CC9BE7E}) (Version: 12.7.0.166 - Apple Inc.)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Kingo ROOT version 1.2.7.2149 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.2.7.2149 - Kingosoft Technology Ltd.)
Kodi (HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\Kodi) (Version:  - XBMC-Foundation)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
Lisk Nano 1.0.2 (only current user) (HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\5cb54643-a0c0-58ee-97a6-2ab7b13c24f7) (Version: 1.0.2 - Lisk Foundation)
LiveUpdate 3.2 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.2.0.26 - Symantec Corporation)
Magic ISO Maker v5.4 (build 0239) (HKLM-x32\...\Magic ISO Maker v5.4 (build 0239)) (Version:  - )
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
MetaStock Professional 10.1 (HKLM-x32\...\MetaStock Professional 10.1) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM-x32\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{268F956D-2FE7-4D10-8070-A4AC3BEF54EF}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{4FB56489-F34B-42AA-9437-FB9E0B0543F7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{7693587D-5D66-4208-ABEA-C370217D1D9B}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B1865FCC-BE34-4800-AF2F-FB0120821B6A}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DE9C585C-8578-4A8A-B92A-BA8DF2540E21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{E169436E-49D8-419B-A5C0-D245EAF99611}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F25C8769-16B6-4B19-BB0B-76F213829AC6}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 51.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 en-US)) (Version: 51.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Murrey Math RT eSignal Version 36.5 (HKLM-x32\...\Murrey Math RT eSignal_is1) (Version:  - Murrey Math Inc)
MurreyMath EOD 2015 Version 38 (HKLM-x32\...\MurreyMath EOD_is1) (Version:  - MurreyMath Marketing)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.2.11000.12.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}) (Version: 10.5.10300 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10300.0.102 - Nero AG)
NetTime (HKLM-x32\...\NetTime_is1) (Version:  - Mark Griffiths)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA 3D Vision Controller Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Opera Stable 48.0.2685.52 (HKLM-x32\...\Opera 48.0.2685.52) (Version: 48.0.2685.52 - Opera Software)
Paint Shop Pro 5.0 (HKLM-x32\...\Paint Shop Pro 5.0) (Version:  - )
Palm Desktop (HKLM-x32\...\{E89D78B8-28F7-412F-8B26-C684739CBBDC}) (Version: 4.1.0410 - Palm, Inc.)
PDF Settings (HKLM-x32\...\{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Raccolta foto (HKLM-x32\...\{FA6BC7A5-85B3-4DC2-825C-D508E386151A}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.19.2 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Screencast-O-Matic (HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\Screencast-O-Matic) (Version:  - Screencast-O-Matic)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.13.65 - NVIDIA Corporation) Hidden
SimSolar v2.0 (HKLM-x32\...\SimSolar_is1) (Version:  - Engineering Power Tools Software)
SketchUp 2015 (HKLM\...\{319CD380-1AAB-4CAD-BE1D-59189A780FA6}) (Version: 15.2.685 - Trimble Navigation Limited)
Slack (HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\slack) (Version: 2.8.2 - Slack Technologies)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Ummy Video Downloader 1.7.2.2 (HKLM-x32\...\Ummy Video Downloader 1.7.2.2) (Version:  - )
Viber (HKLM-x32\...\{FD0A4A74-9CF1-4619-A691-8B520E700A6D}) (Version: 6.9.6.16 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\{cbbefdcb-c7ee-4854-a1bc-c96d22b9d367}) (Version: 6.9.6.16 - Viber Media Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Waterfox 54.0.0.1 (x64 en-US) (HKLM\...\Waterfox 54.0.0.1 (x64 en-US)) (Version: 54.0.0.1 - Waterfox Ltd)
Web Companion (HKLM-x32\...\{13552b0c-d97d-4edd-9bd3-2c91bff37358}) (Version: 3.2.1708.3237 - Lavasoft)
Westwood Shared Internet Components (HKLM-x32\...\WOLAPI) (Version:  - )
Why ASUS PC (HKLM-x32\...\{5648F9D9-299E-408C-AC1F-59DC75894A1F}) (Version: 1.00.02 - ASUSTeK Computer Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
Wise Memory Optimizer 3.49 (HKLM-x32\...\Wise Memory Optimizer_is1) (Version: 3.49 - WiseCleaner.com, Inc.)
Wondershare MobileGo(Version 8.2.3) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.2.3 - Wondershare)
Συλλογή φωτογραφιών (HKLM-x32\...\{032CB0D7-FDBF-4CA9-901B-A4C1B01B1777}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (HKLM-x32\...\{7DB15F28-5E38-476A-A773-EA07EAEAB1B3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
照片库 (HKLM-x32\...\{25716F85-7DB7-4CB4-8BD3-1992DBA3F59C}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1644347244-160312638-2928786626-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\mickeymouse\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1644347244-160312638-2928786626-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\mickeymouse\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1644347244-160312638-2928786626-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\mickeymouse\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1644347244-160312638-2928786626-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\mickeymouse\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1644347244-160312638-2928786626-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\mickeymouse\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2007-05-11] (Adobe Systems Inc.)
ContextMenuHandlers1: [BB FlashBack 2] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> No File
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2014-02-05] (Piriform Ltd)
ContextMenuHandlers1-x32: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh.dll [2006-06-05] (MagicISO, Inc.)
ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-09-18] (Apple Inc.)
ContextMenuHandlers1-x32: [QuickShare] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> No File
ContextMenuHandlers1-x32-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-12-26] ()
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4-x32: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh.dll [2006-06-05] (MagicISO, Inc.)
ContextMenuHandlers4-x32: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers4-x32-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-12-26] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2014-11-12] (NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2007-05-11] (Adobe Systems Inc.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2014-02-05] (Piriform Ltd)
ContextMenuHandlers6-x32: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh.dll [2006-06-05] (MagicISO, Inc.)
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6-x32: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers6-x32-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-12-26] ()
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1ED672C4-EBB9-4243-88D3-1361D669A23B} - System32\Tasks\Opera scheduled Autoupdate 1392252495 => C:\Program Files (x86)\Opera\launcher.exe [2017-10-23] (Opera Software)
Task: {21F69C03-E75B-482F-8110-9709C50A5C13} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {21F69C03-E75B-482F-8110-9709C50A5C13} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\WINDOWS\system32\GWX\GWXDetector.exe [2015-12-04] (Microsoft Corporation)
Task: {244D7FDB-1700-4ECA-86D9-CD7429FA17A7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {2D6A584C-D6DF-4F32-BC3E-544935F9518D} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {518CEAFF-5A6E-460C-886A-5CEB4948A364} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {518CEAFF-5A6E-460C-886A-5CEB4948A364} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\WINDOWS\system32\GWX\GWXDetector.exe [2015-12-04] (Microsoft Corporation)
Task: {5DB8FCD6-EFB8-4AFF-9414-CD99A13ACE5C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {6FA2155F-7AAC-4845-BEDB-0E952A9D4418} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {7C9266BA-4B43-4DF7-8F1D-91BFEAFD833E} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {7C9266BA-4B43-4DF7-8F1D-91BFEAFD833E} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {7C9266BA-4B43-4DF7-8F1D-91BFEAFD833E} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\WINDOWS\system32\GWX\GWXDetector.exe [2015-12-04] (Microsoft Corporation)
Task: {8EF130F4-B9CB-4476-8A02-5463BF0A914D} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {92A63569-5466-47AF-B0F0-0179179E0F7F} - System32\Tasks\DRScanner Startup => C:\Program Files (x86)\Trend Micro\DRScanner\DRScanner.exe [2017-08-24] (Trend Micro Inc.)
Task: {C15349CC-1B5E-429D-A6B4-45E99AC5B618} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe [2017-10-18] (Adobe Systems Incorporated)
Task: {C86A40B0-9750-4D0A-8233-05B5C9FD1CA3} - System32\Tasks\{D2853FAE-9721-4F62-879F-285D2F406100} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\mickeymouse\Desktop\WG111_SW1.2Beta13\AUTORUN.exe -d C:\Users\mickeymouse\Desktop\WG111_SW1.2Beta13
Task: {C9F5415D-FD2F-41F3-8D3B-23F0ACA87935} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {D0FC5012-998A-41C1-BE08-2AA1359F9069} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {D0FC5012-998A-41C1-BE08-2AA1359F9069} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\WINDOWS\system32\GWX\GWXDetector.exe [2015-12-04] (Microsoft Corporation)
Task: {E3EC89F0-0A5F-469E-A65C-12D5D4FFB00E} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {F7F585F3-970E-4EAC-926B-C65AA7F11B1C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {F840152A-7F2B-4E7D-A38E-4929A9215A89} - System32\Tasks\ASUS\ASUS Easy Update 2 => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [2013-04-01] (ASUSTeK Computer Inc.)
Task: {F896EEC2-8629-43AB-8163-108477FF9BE0} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-04-11] (Bitdefender)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\mickeymouse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\WavesLiteApp.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kfmcaklajknfekomaflnhkjjkcjabogm
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-02-09 22:28 - 2014-11-12 14:56 - 000118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-29 03:18 - 2012-06-01 02:42 - 000920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2012-12-18 23:10 - 2012-12-18 23:10 - 000072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2015-01-20 18:42 - 2013-06-28 08:28 - 000084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-07-16 21:59 - 2012-05-12 01:27 - 000473088 _____ () C:\Program Files (x86)\NetTime\NetTimeService.exe
2017-06-28 04:03 - 2016-04-16 21:07 - 000280576 _____ () C:\Program Files\Bitdefender Antivirus Free\txmlutil.dll
2017-06-28 04:03 - 2017-02-07 12:29 - 001008448 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpbr.mdl
2017-06-28 04:03 - 2017-02-07 12:29 - 000541952 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpdsp.mdl
2017-06-28 04:03 - 2017-02-07 12:29 - 003243920 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpph.mdl
2017-06-28 04:03 - 2017-02-07 12:29 - 001544568 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttprbl.mdl
2017-10-16 17:11 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-10-16 17:11 - 2017-10-04 13:15 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-07-16 21:59 - 2012-05-12 09:28 - 000772096 _____ () C:\Program Files (x86)\NetTime\NetTime.exe
2013-08-29 03:18 - 2017-10-26 23:34 - 000025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-08-29 03:18 - 2010-06-28 19:58 - 000104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2017-10-16 17:38 - 2017-08-24 01:22 - 003068560 _____ () C:\Program Files (x86)\Trend Micro\DRScanner\sdk\DrsSDK.dll
2014-05-18 12:58 - 2012-10-12 22:56 - 001210256 _____ () C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll
2013-11-05 12:29 - 2013-02-15 17:15 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:AstInfo [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\localhost -> localhost
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2016-12-26 20:39 - 000000850 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ASUSPRP"
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{EDC0A538-E581-4AF3-A4B3-D79EA4422FC4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{64FBC398-B9A2-4348-B783-F62E117EEDB4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{8159B81B-FC68-457D-9017-AE7B6A5E77B9}] => (Allow) LPort=1900
FirewallRules: [{976399C4-32B2-4797-B806-5A0D16A15331}] => (Allow) LPort=2869
FirewallRules: [{8B8BEFCB-2F93-48D2-951C-57D747FE9053}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7937EFDE-5505-45D5-AA4E-ABEBBAA95BEF}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{A3431218-B857-4F1E-A762-DA6B4933C5C6}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{59DCC091-F32E-4699-8AFC-19930AD77AB3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C091CC8B-9446-455F-8FC4-BA4C90CD0EB7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B2955A09-87C1-47A5-8FB2-BA664EDE4891}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4B06E623-B5C3-4254-9A46-967301530349}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7B1C803E-28A7-43B8-876E-626366A577E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DE077ADC-7F56-410C-B5D1-209A95107690}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4B792494-7BCD-4E36-BF96-4DAD7866B2E0}] => (Allow) C:\Users\mickeymouse\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F410F3F2-5E54-4AA4-BA60-053F6DF75B54}] => (Allow) C:\Users\mickeymouse\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5F3A3B06-51DC-4948-A2C6-CD1002DA10E4}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{C74E23E3-4F69-4211-AF3E-6854E6DB7B51}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{40F86063-D6DD-4061-8079-CB73968716D9}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{404DB81A-6BB4-4884-87CA-C0779A03AD22}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{41847978-E85D-4BFF-AFE5-1A474061B0EA}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{1CE8781F-7E2F-43C2-9D53-0815D1C995DE}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [TCP Query User{CDC62211-A18E-4C0A-8754-C3657371C7B3}C:\program files (x86)\microsoft office\office11\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office11\outlook.exe
FirewallRules: [UDP Query User{9B4359FE-F2FC-4FA5-8A90-4C3C8CB109CB}C:\program files (x86)\microsoft office\office11\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office11\outlook.exe
FirewallRules: [{5FC8BF2B-D19F-4768-9DD1-1730A7BD6748}] => (Allow) LPort=3703
FirewallRules: [{4247DF8A-79D3-4676-83C5-D2C5B61E8CE0}] => (Allow) LPort=3704
FirewallRules: [{C66EB162-48D3-4785-848B-27E822BD205B}] => (Allow) LPort=50900
FirewallRules: [{0AA24033-F912-404A-978D-C0202C6A9363}] => (Allow) LPort=50901
FirewallRules: [{2FEF7482-6811-444E-BF90-A3ECDA858D2A}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
FirewallRules: [{5B3A35CE-137A-4D55-85AA-04E857B93B02}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
FirewallRules: [TCP Query User{88C81B86-7072-44F6-89CF-B9D090391646}C:\users\mickeymouse\desktop\cool pool\coolpool.exe] => (Block) C:\users\mickeymouse\desktop\cool pool\coolpool.exe
FirewallRules: [UDP Query User{9C4451E2-39F5-4D96-B144-FF93C4137AAA}C:\users\mickeymouse\desktop\cool pool\coolpool.exe] => (Block) C:\users\mickeymouse\desktop\cool pool\coolpool.exe
FirewallRules: [{A90153DE-C4B0-4539-8FAA-EB98EF67DA97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5B094E3A-85C6-494B-942B-D5BC41DA311F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{46FFDB04-F43D-4157-94E4-6A29AAEEC0BD}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{3F9F1597-CE72-4EA7-A1AD-0082A59B521D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{E98295DD-A4DF-43B6-BB92-661F01B032CF}] => (Allow) C:\Users\mickeymouse\AppData\Local\Vivaldi\Application\vivaldi.exe
FirewallRules: [{FC07ADCA-39D6-4677-AE36-84EDB643CAA6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{12E14BAD-9039-49D3-B50B-556008656168}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6B91A7F8-E6B7-4F91-B9CB-2EC75AEA7D30}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6DA70EA5-6027-40A3-BC66-69ECE796E258}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{4598943A-3D02-4A5B-A7A7-78363253B710}C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe] => (Block) C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe
FirewallRules: [UDP Query User{65CE169B-1E2C-4E01-95C4-438409BA1D75}C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe] => (Block) C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe
FirewallRules: [{FB79410D-5C16-4A90-B6CF-83E49242544B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E8DECE7B-B309-49B1-8A91-17E1DCA0C3EE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B0BD7AC6-BB19-4339-AF22-69BD16E552D7}C:\westwood\sun\patchget.dat] => (Allow) C:\westwood\sun\patchget.dat
FirewallRules: [UDP Query User{8D006C35-A807-4AB0-A13A-767F65791EE6}C:\westwood\sun\patchget.dat] => (Allow) C:\westwood\sun\patchget.dat
FirewallRules: [TCP Query User{F8EAB8D2-A9FE-49B1-8E3E-B3991455E6F8}C:\games\cncnet\tiberiandawn_online\cncnet5.exe] => (Block) C:\games\cncnet\tiberiandawn_online\cncnet5.exe
FirewallRules: [UDP Query User{2C8327BC-055E-491F-8590-35D922E11367}C:\games\cncnet\tiberiandawn_online\cncnet5.exe] => (Block) C:\games\cncnet\tiberiandawn_online\cncnet5.exe
FirewallRules: [TCP Query User{260A748F-519D-4144-B06C-7080E65CABB9}C:\program files\comicrack\comicrack.exe] => (Block) C:\program files\comicrack\comicrack.exe
FirewallRules: [UDP Query User{9FDDC2C7-D3B8-4C45-B53A-EA564FBB697F}C:\program files\comicrack\comicrack.exe] => (Block) C:\program files\comicrack\comicrack.exe
FirewallRules: [{B0AFD06A-F675-4395-8625-FCEE41F5571C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{8AA68B22-FBEF-499D-BA41-41A5895829A4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [TCP Query User{3D7235D7-167F-4D51-A520-1CC470C7C5E4}C:\program files (x86)\java\jre1.8.0_91\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\java.exe
FirewallRules: [UDP Query User{3E14B1E8-BF9A-4C4B-9713-0811D347DAC1}C:\program files (x86)\java\jre1.8.0_91\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\java.exe
FirewallRules: [TCP Query User{19A1AF85-7069-4AF8-ADDC-80C820126BE7}C:\program files (x86)\java\jre1.8.0_101\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\java.exe
FirewallRules: [UDP Query User{93DE8D10-8619-427C-9E87-7DC5F9F20945}C:\program files (x86)\java\jre1.8.0_101\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\java.exe
FirewallRules: [TCP Query User{F3D76AA5-E5A6-44BB-89FD-CDD672C488CF}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [UDP Query User{96856EF6-DF48-4566-89F5-09F7E109580F}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{5935A80E-6A05-4E91-8130-8137922B815C}] => (Block) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{145B7B05-50CC-4C7B-8334-BDFAABD5960A}] => (Block) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [TCP Query User{8BA2D2DB-6694-4677-BE37-CAF01140AFAF}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [UDP Query User{AB805E4C-F307-46CB-9CBF-41CAC5EFD3C5}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [{AD3E59B3-BDB0-4FF2-AA60-A89B61D208A9}] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [{F1F107AE-8554-40FA-B09D-03765C61A8BF}] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [TCP Query User{23C245C7-E0B9-48A2-8790-CF30C4374CA1}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe
FirewallRules: [UDP Query User{A73B7726-B5F7-4C63-9FE6-38E14C35C1DA}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe
FirewallRules: [TCP Query User{4D9AE038-A57C-4F80-BD82-AA4F9720CB9C}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{0AA2E794-C6F9-4182-8EBF-66AB951717BB}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{06EED361-A470-4A79-A667-76A233BED04A}] => (Allow) C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{2D41C093-28D4-4247-9679-ACF4A3E7C055}] => (Allow) C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [TCP Query User{34101A9D-34C5-448D-BD21-585D35DB8BC8}C:\users\mickeymouse\appdata\roaming\ethereum wallet\binaries\geth\unpacked\geth.exe] => (Block) C:\users\mickeymouse\appdata\roaming\ethereum wallet\binaries\geth\unpacked\geth.exe
FirewallRules: [UDP Query User{A149C094-E181-49F7-AC36-76A5EB0DE7C2}C:\users\mickeymouse\appdata\roaming\ethereum wallet\binaries\geth\unpacked\geth.exe] => (Block) C:\users\mickeymouse\appdata\roaming\ethereum wallet\binaries\geth\unpacked\geth.exe
FirewallRules: [TCP Query User{41C791B8-1ACE-4437-AC7E-24224941F840}C:\users\mickeymouse\desktop\m-wallet-1.2.3.1-win\64\magi-qt.exe] => (Block) C:\users\mickeymouse\desktop\m-wallet-1.2.3.1-win\64\magi-qt.exe
FirewallRules: [UDP Query User{CACD8B89-4E3B-4EFC-A937-355515678E28}C:\users\mickeymouse\desktop\m-wallet-1.2.3.1-win\64\magi-qt.exe] => (Block) C:\users\mickeymouse\desktop\m-wallet-1.2.3.1-win\64\magi-qt.exe
FirewallRules: [TCP Query User{F7EAF6ED-CF6B-465A-9261-51108B1938EF}C:\users\mickeymouse\desktop\stratis-qt.exe] => (Block) C:\users\mickeymouse\desktop\stratis-qt.exe
FirewallRules: [UDP Query User{43FD6546-7D33-4FBA-883C-8F78895BB133}C:\users\mickeymouse\desktop\stratis-qt.exe] => (Block) C:\users\mickeymouse\desktop\stratis-qt.exe
FirewallRules: [TCP Query User{E8F9AC95-8275-4EDB-929F-C7641F6076D8}C:\users\mickeymouse\appdata\roaming\utorrent\updates\3.4.9_43388.exe] => (Block) C:\users\mickeymouse\appdata\roaming\utorrent\updates\3.4.9_43388.exe
FirewallRules: [UDP Query User{EDD3CAE0-37DA-4CA4-9F73-5696DF56C403}C:\users\mickeymouse\appdata\roaming\utorrent\updates\3.4.9_43388.exe] => (Block) C:\users\mickeymouse\appdata\roaming\utorrent\updates\3.4.9_43388.exe
FirewallRules: [TCP Query User{E96C5DD3-1A5B-4580-9511-6A2D1038F4D1}C:\users\mickeymouse\desktop\s i a\resources\app\sia\siad.exe] => (Allow) C:\users\mickeymouse\desktop\s i a\resources\app\sia\siad.exe
FirewallRules: [UDP Query User{067738AA-17DF-41C4-BCDC-C8015E812B05}C:\users\mickeymouse\desktop\s i a\resources\app\sia\siad.exe] => (Allow) C:\users\mickeymouse\desktop\s i a\resources\app\sia\siad.exe
FirewallRules: [TCP Query User{E8A679AA-852C-4EE6-A224-916348898B42}C:\users\mickeymouse\desktop\monero-v0.10.3.1\monerod.exe] => (Block) C:\users\mickeymouse\desktop\monero-v0.10.3.1\monerod.exe
FirewallRules: [UDP Query User{C46931C7-B89A-4746-850B-8A722D2E2992}C:\users\mickeymouse\desktop\monero-v0.10.3.1\monerod.exe] => (Block) C:\users\mickeymouse\desktop\monero-v0.10.3.1\monerod.exe
FirewallRules: [TCP Query User{3CA2020A-091A-495D-A1F0-9E3B4F19458F}C:\program files\riecoin\riecoin-qt.exe] => (Allow) C:\program files\riecoin\riecoin-qt.exe
FirewallRules: [UDP Query User{A1AF0BB4-D226-44CA-B839-0C9D8F8CA59F}C:\program files\riecoin\riecoin-qt.exe] => (Allow) C:\program files\riecoin\riecoin-qt.exe
FirewallRules: [TCP Query User{5E258101-2A50-4B15-AB0D-7E85C122D2CF}C:\program files\digibyte\digibyte-qt.exe] => (Allow) C:\program files\digibyte\digibyte-qt.exe
FirewallRules: [UDP Query User{4BA9C165-E03A-490E-8A4B-247A9899400A}C:\program files\digibyte\digibyte-qt.exe] => (Allow) C:\program files\digibyte\digibyte-qt.exe
FirewallRules: [TCP Query User{D63D55C4-DD67-46B5-A4EE-E1560AEA957B}C:\users\mickeymouse\desktop\bytecoinwallet-win64\bytecoinwallet.exe] => (Allow) C:\users\mickeymouse\desktop\bytecoinwallet-win64\bytecoinwallet.exe
FirewallRules: [UDP Query User{40BFC1AA-8CBA-460C-ADD3-4CA53BA3BCAA}C:\users\mickeymouse\desktop\bytecoinwallet-win64\bytecoinwallet.exe] => (Allow) C:\users\mickeymouse\desktop\bytecoinwallet-win64\bytecoinwallet.exe
FirewallRules: [TCP Query User{B3ABE6C6-E443-4598-B563-FFCE0F9C3216}C:\users\mickeymouse\appdata\local\programs\emeraldwallet\resources\geth.exe] => (Block) C:\users\mickeymouse\appdata\local\programs\emeraldwallet\resources\geth.exe
FirewallRules: [UDP Query User{2B0084B0-F435-4F11-A026-0BE2A2A973CA}C:\users\mickeymouse\appdata\local\programs\emeraldwallet\resources\geth.exe] => (Block) C:\users\mickeymouse\appdata\local\programs\emeraldwallet\resources\geth.exe
FirewallRules: [TCP Query User{AB19DD04-E804-4F22-9463-7B36A53ABBC4}C:\users\mickeymouse\desktop\nexus 2.2.3 - lld stable - win x64 - build 01-09-17\nexus-qt.exe] => (Block) C:\users\mickeymouse\desktop\nexus 2.2.3 - lld stable - win x64 - build 01-09-17\nexus-qt.exe
FirewallRules: [UDP Query User{8FD2A73F-3423-49D0-AE03-5DFA7B94BB75}C:\users\mickeymouse\desktop\nexus 2.2.3 - lld stable - win x64 - build 01-09-17\nexus-qt.exe] => (Block) C:\users\mickeymouse\desktop\nexus 2.2.3 - lld stable - win x64 - build 01-09-17\nexus-qt.exe
FirewallRules: [{F3B22B39-3955-4215-A711-39A56842BC6D}] => (Allow) C:\Users\MICKEY~1\AppData\Local\Temp\in19E8B0F0\3F3403E1_stp.exe
FirewallRules: [{8B6DFD24-07BD-47F4-9B04-F8FE5517D125}] => (Allow) C:\Users\MICKEY~1\AppData\Local\Temp\in19E8B0F0\3F3403E1_stp.exe
FirewallRules: [{7E3CD081-2CFF-4E8B-9913-B99E43CDDE7C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{DBA632A3-5832-49BA-B185-F2FC907EAA9C}C:\users\mickeymouse\desktop\sumokoin_wallet-v0.0.1-b1.1-x86-64\resources\bin\sumokoind.exe] => (Block) C:\users\mickeymouse\desktop\sumokoin_wallet-v0.0.1-b1.1-x86-64\resources\bin\sumokoind.exe
FirewallRules: [UDP Query User{5159A8BC-6C49-4338-B24B-3FC18F05D9A0}C:\users\mickeymouse\desktop\sumokoin_wallet-v0.0.1-b1.1-x86-64\resources\bin\sumokoind.exe] => (Block) C:\users\mickeymouse\desktop\sumokoin_wallet-v0.0.1-b1.1-x86-64\resources\bin\sumokoind.exe
FirewallRules: [{4E812BC8-5EAE-4D8F-B7D0-FF2692A15837}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{EDC9547A-84A7-4F62-B6B3-951409AFF666}] => (Allow) C:\Users\mickeymouse\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C7931FB0-AC69-404F-9BA4-A9147AD4EE3F}] => (Allow) C:\Users\mickeymouse\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FE919393-D029-47EF-8621-E84507D15D43}] => (Allow) C:\Program Files (x86)\Trend Micro\DRScanner\DRScanner.exe
FirewallRules: [{1C2DAF27-AF4D-44D6-926A-7B7D625C6C83}] => (Allow) C:\Program Files (x86)\Trend Micro\DRScanner\sdk\nmap\nmap.exe
FirewallRules: [TCP Query User{E712CBD3-5124-4FE1-9F29-1376314E5269}C:\users\mickeymouse\desktop\aeon\aeond.exe] => (Block) C:\users\mickeymouse\desktop\aeon\aeond.exe
FirewallRules: [UDP Query User{5777198D-925D-4E37-A30D-2AE3A88C4021}C:\users\mickeymouse\desktop\aeon\aeond.exe] => (Block) C:\users\mickeymouse\desktop\aeon\aeond.exe
FirewallRules: [TCP Query User{71259467-91CA-4884-BDF6-BB24FCC9BEB3}C:\users\mickeymouse\desktop\monero wallet\monero-gui-0.11.0.0\monero-wallet-gui.exe] => (Allow) C:\users\mickeymouse\desktop\monero wallet\monero-gui-0.11.0.0\monero-wallet-gui.exe
FirewallRules: [UDP Query User{647708B1-9880-4E66-BF1F-4C5ED95B0D15}C:\users\mickeymouse\desktop\monero wallet\monero-gui-0.11.0.0\monero-wallet-gui.exe] => (Allow) C:\users\mickeymouse\desktop\monero wallet\monero-gui-0.11.0.0\monero-wallet-gui.exe
FirewallRules: [TCP Query User{1D332760-B473-420C-8E60-0D7A2B72A698}C:\users\mickeymouse\desktop\monero wallet\monero-gui-0.11.0.0\monerod.exe] => (Allow) C:\users\mickeymouse\desktop\monero wallet\monero-gui-0.11.0.0\monerod.exe
FirewallRules: [UDP Query User{A7F5A7A1-3327-4B75-9FD6-11D5A302278C}C:\users\mickeymouse\desktop\monero wallet\monero-gui-0.11.0.0\monerod.exe] => (Allow) C:\users\mickeymouse\desktop\monero wallet\monero-gui-0.11.0.0\monerod.exe
FirewallRules: [{26DDB385-8FA9-4672-BEFA-A49A5DAB1ED0}] => (Allow) C:\Program Files (x86)\Opera\48.0.2685.50\opera.exe
FirewallRules: [{87932F78-F1A1-4A9D-B8F1-4CC68F397DB8}] => (Allow) C:\Program Files (x86)\Opera\48.0.2685.52\opera.exe
 
==================== Restore Points =========================
 
17-10-2017 07:50:04 Scheduled Checkpoint
25-10-2017 06:41:41 Scheduled Checkpoint
26-10-2017 23:00:38 Removed Adobe Acrobat Reader DC.
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/26/2017 11:41:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcroRd32.exe, version: 17.12.20093.41392, time stamp: 0x597fa415
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18007, time stamp: 0x55c4bcfc
Exception code: 0xc0000005
Fault offset: 0x00012a69
Faulting process id: 0x1348
Faulting application start time: 0x01d34eee9a7100f3
Faulting application path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Faulting module path: C:\WINDOWS\SYSTEM32\KERNELBASE.dll
Report Id: d84614e6-bae1-11e7-8004-d850e6c2cf2b
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 11:32:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcroRd32.exe, version: 17.12.20093.41392, time stamp: 0x597fa415
Faulting module name: mbae.dll, version: 1.9.4.245, time stamp: 0x599f0ac5
Exception code: 0xc0000005
Fault offset: 0x0001cd12
Faulting process id: 0xd0c
Faulting application start time: 0x01d34eed5b01147b
Faulting application path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\mbae.dll
Report Id: 9924d5ec-bae0-11e7-8003-d850e6c2cf2b
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 11:11:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 51.0.1.6234, time stamp: 0x5888f28c
Faulting module name: ntdll.dll, version: 6.3.9600.18185, time stamp: 0x5683eff4
Exception code: 0xc0000005
Fault offset: 0x00042c96
Faulting process id: 0x1e04
Faulting application start time: 0x01d34eea67bcb290
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: a57b9258-badd-11e7-8002-d850e6c2cf2b
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 11:11:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 51.0.1.6234, time stamp: 0x5888f28c
Faulting module name: ntdll.dll, version: 6.3.9600.18185, time stamp: 0x5683eff4
Exception code: 0xc0000005
Fault offset: 0x000411b2
Faulting process id: 0x1fb8
Faulting application start time: 0x01d34eea5f5c27fd
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 9da617c5-badd-11e7-8002-d850e6c2cf2b
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 11:08:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcroRd32.exe, version: 17.12.20093.41392, time stamp: 0x597fa415
Faulting module name: ntdll.dll, version: 6.3.9600.18185, time stamp: 0x5683eff4
Exception code: 0xc0000005
Fault offset: 0x000411b2
Faulting process id: 0xe3c
Faulting application start time: 0x01d34eea081eb3b6
Faulting application path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 45dbf04c-badd-11e7-8002-d850e6c2cf2b
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 11:07:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcroRd32.exe, version: 17.12.20093.41392, time stamp: 0x597fa415
Faulting module name: ntdll.dll, version: 6.3.9600.18185, time stamp: 0x5683eff4
Exception code: 0xc0000005
Fault offset: 0x000411b2
Faulting process id: 0x1fc4
Faulting application start time: 0x01d34ee9df0960b5
Faulting application path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 1cc8ffc7-badd-11e7-8002-d850e6c2cf2b
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 11:07:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.18123 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1ca8
 
Start Time: 01d34ee9d194bc81
 
Termination Time: 0
 
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
 
Report Id: 15d39d32-badd-11e7-8002-d850e6c2cf2b
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (10/26/2017 11:07:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18124, time stamp: 0x5641278d
Faulting module name: ntdll.dll, version: 6.3.9600.18185, time stamp: 0x5683eff4
Exception code: 0xc0000005
Fault offset: 0x00041052
Faulting process id: 0x1dc8
Faulting application start time: 0x01d34ee9d1b158e2
Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 0f75bc53-badd-11e7-8002-d850e6c2cf2b
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 11:00:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcroRd32.exe, version: 17.12.20093.41392, time stamp: 0x597fa415
Faulting module name: avcuf32.dll, version: 3.13.17967.6537, time stamp: 0x59e8cc72
Exception code: 0xc0000005
Fault offset: 0x0002c6be
Faulting process id: 0xdcc
Faulting application start time: 0x01d34ee8d4d9a4e2
Faulting application path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Faulting module path: C:\Program Files\Bitdefender Antivirus Free\Active Virus Control\avc3_00171_030\avcuf32.dll
Report Id: 1299439c-badc-11e7-8002-d850e6c2cf2b
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 10:59:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.18123 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1a58
 
Start Time: 01d34ee8c3f3c69f
 
Termination Time: 15
 
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
 
Report Id: 0c7c3316-badc-11e7-8002-d850e6c2cf2b
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (10/27/2017 05:01:25 AM) (Source: DCOM) (EventID: 10010) (User: ASUSPC)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Error: (10/27/2017 05:00:55 AM) (Source: DCOM) (EventID: 10010) (User: ASUSPC)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Error: (10/26/2017 11:34:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
The service has not been started.
 
Error: (10/26/2017 11:33:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (10/26/2017 11:33:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The RalinkRegistryWriter64 service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/26/2017 11:33:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ProductAgentService service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/26/2017 11:33:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SAMSUNG Mobile Connectivity Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/26/2017 11:33:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ASUS System Control Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/26/2017 11:33:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Wondershare Application Framework Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/26/2017 11:33:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The FLEXnet Licensing Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
CodeIntegrity:
===================================
  Date: 2017-06-06 17:39:36.576
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-06-06 17:39:36.466
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-06-06 17:39:36.341
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-06-06 17:39:36.216
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-06-06 17:39:36.091
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-06-06 17:39:35.935
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-06-06 17:39:35.794
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-06-06 17:39:35.654
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-06-06 17:39:35.529
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-06-06 17:39:35.404
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 15%
Total physical RAM: 16291.16 MB
Available physical RAM: 13780.99 MB
Total Virtual: 18723.16 MB
Available Virtual: 14513.75 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:149.66 GB) (Free:26.36 GB) NTFS
Drive d: (Data) (Fixed) (Total:1690.71 GB) (Free:838.16 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 07FC92C1)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
TY!

 



BC AdBot (Login to Remove)

 


#2 ivankaclinton

ivankaclinton
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:47 PM

Posted 27 October 2017 - 12:12 PM

Sorry about multiple posts... the page was hanging.

 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users