microsoft update not updating my windows... stuck at 0%


  • This topic is locked
3 replies to this topic

#1 kiritosoham

Posted 25 December 2017 - 03:39 AM

Well, I tried to update my Windows but it doesn't and is stuck at 0% .......

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-12-2017 01
Ran by Soham (administrator) on SOHAM (25-12-2017 13:57:23)
Running from C:\Users\Soham\Downloads
Loaded Profiles: Soham (Available Profiles: Soham & killbot & Administrator)
Platform: Windows 10 Home Single Language Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Mr. John aka japamd) C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Unistal Systems Pvt. Ltd.) C:\Program Files\Unistal\Protegent Anti-Virus\acs.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Unistal Systems Pvt. Ltd.) C:\Program Files\Unistal\Protegent Anti-Virus\op_mon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(BlueStack Systems, Inc.) C:\ProgramData\BlueStacks\Client\Bluestacks.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Player.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Bluestack System Inc. ) C:\Program Files (x86)\BlueStacks\BstkSVC.exe
(BlueStack Systems, Inc.) C:\ProgramData\BlueStacks\Client\Bluestacks.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\bcastdvr.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\GamePanel.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16152792 2015-07-17] (Realtek Semiconductor)
HKLM\...\Run: [ProtegentMonitor] => C:\Program Files\Unistal\Protegent Anti-Virus\op_mon.exe [4948432 2015-09-22] (Unistal Systems Pvt. Ltd.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2017-09-28] ()
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1657856 2017-01-25] (Informer Technologies, Inc.)
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\MountPoints2: {50170e75-45e1-11e6-9bf8-b886872b8601} - "H:\Setup.exe" /Auto
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\MountPoints2: {64807659-60a2-11e7-9c8f-b886872b8601} - "I:\setup.exe"
AppInit_DLLs: c:\progra~1\unistal\proteg~1\wl_hoo~1.dll => c:\Program Files\Unistal\Protegent Anti-Virus\wl_hook64.dll [1415168 2015-09-22] (Unistal Systems Pvt. Ltd.)
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{12e02d91-4fe2-457b-a4a6-1b17d05b249e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{82f4b845-dd2e-4ad0-82f0-2e4f2a59a3e8}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{88026f9c-1725-46da-989e-811ebc02275b}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{dca3ce53-4361-4390-adcc-724c82d32c45}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{e1deb7ec-140c-40cf-ae6c-3fbe132dda5e}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://in.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://in.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-466014504-2981248741-1711811290-1004 -> DefaultScope {43312F50-7EE8-49E9-BB77-31FF772BB7A6} URL =
SearchScopes: HKU\S-1-5-21-466014504-2981248741-1711811290-1004 -> {102FB332-88A3-11E6-9C1F-F0761CCAD919} URL = hxxps://www.bing.com/search?pc=cosp&ptag=AB59A10D666&form=CONBDF&conlogo=CT3210127&q={searchTerms}
SearchScopes: HKU\S-1-5-21-466014504-2981248741-1711811290-1004 -> {3707D511-AE1D-11E6-9C35-F0761CCAD919} URL = hxxps://www.bing.com/search?pc=cosp&ptag=AB59A10D666&form=CONBDF&conlogo=CT3210127&q={searchTerms}
SearchScopes: HKU\S-1-5-21-466014504-2981248741-1711811290-1004 -> {43312F50-7EE8-49E9-BB77-31FF772BB7A6} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-22] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-22] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Soham\AppData\Roaming\Mozilla\Firefox\Profiles\2wymc7s0.default [2017-12-25]
FF Homepage: Mozilla\Firefox\Profiles\2wymc7s0.default -> hxxps://search-startpage.com/?s=acer&m=start&brw=ff
FF SearchPlugin: C:\Users\Soham\AppData\Roaming\Mozilla\Firefox\Profiles\2wymc7s0.default\searchplugins\Search Start Page.xml [2016-11-21]
FF SearchPlugin: C:\Users\Soham\AppData\Roaming\Mozilla\Firefox\Profiles\2wymc7s0.default\searchplugins\Start Search.xml [2016-11-21]
FF SearchPlugin: C:\Users\Soham\AppData\Roaming\Mozilla\Firefox\Profiles\2wymc7s0.default\searchplugins\Web Search.xml [2016-10-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-17] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-17] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.)
R2 acssrv; C:\Program Files\Unistal\Protegent Anti-Virus\acs.exe [3413232 2015-09-22] (Unistal Systems Pvt. Ltd.)
R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2017-10-04] ()
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-07-21] (Advanced Micro Devices) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-06-29] (Windows ® Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278688 2017-09-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-15] (WildTangent)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-04-18] ()
R2 MYSQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [39496704 2017-06-22] () [File not signed]
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [395616 2015-07-17] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-17] (Acer Incorporated)
R2 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-11-04] (Mr. John aka japamd) [File not signed]
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-06-22] ()
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [33224 2016-04-15] (SHAREit Technologies Co.Ltd)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2016-09-23] (SHAREit Technologies Co.Ltd)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 afw; C:\WINDOWS\system32\DRIVERS\afw.sys [52904 2015-07-21] (Agnitum Ltd.)
S3 afwcore; C:\WINDOWS\System32\drivers\afwcore.sys [465072 2015-07-21] (Agnitum Ltd.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2017-12-17] (Bluestack System Inc. )
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2015-07-17] (Acer Incorporated)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2015-07-17] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
R1 SandBox; C:\Windows\system32\drivers\SandBox64.sys [1704936 2015-08-07] (Agnitum Ltd.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-08-13] (Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [47784 2015-07-29] (Synaptics Incorporated)
R3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2016-07-16] (Microsoft Corporation)
U3 VBCoreNT.0; C:\WINDOWS\System32\Filt\tmp\8wwd60ew.vbt [2193008 2017-12-21] (Agnitum Ltd.)
R3 VBEngNT; C:\Windows\system32\drivers\VBEngNT.sys [329952 2015-07-24] (Agnitum Ltd.)
R3 VBFilt; C:\Windows\system32\Filt\VBFilt64.dll [95104 2015-07-24] (Agnitum Ltd.)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [205952 2017-04-28] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 OSFMount; \??\D:\Games\Counter-Strike Global Offensive\image\x64\OSFMount.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-25 13:57 - 2017-12-25 13:58 - 000019168 _____ C:\Users\Soham\Downloads\FRST.txt
2017-12-25 13:57 - 2017-12-25 13:57 - 000000000 ____D C:\FRST
2017-12-25 13:54 - 2017-12-25 13:57 - 002392064 _____ (Farbar) C:\Users\Soham\Downloads\FRST64.exe
2017-12-24 23:27 - 2017-12-24 23:28 - 000000000 ____D C:\Users\Soham\Desktop\BlueStacksBackup_2145243568
2017-12-24 15:21 - 2017-12-24 15:24 - 000000000 ____D C:\Users\Soham\Desktop\New folder (2)
2017-12-24 14:46 - 2017-12-24 14:47 - 031793465 _____ C:\Users\Soham\Downloads\G-Eazy & Halsey - Him & I (Official Video).mp4
2017-12-24 14:43 - 2017-12-24 14:46 - 050122903 _____ C:\Users\Soham\Downloads\The Chainsmokers, Skrillex ft. Halsey - Kiss Me Slowly (Official Music Video).mp4
2017-12-24 14:43 - 2017-12-24 14:43 - 000000000 ____D C:\Users\Soham\AppData\Local\CEF
2017-12-24 14:43 - 2017-12-24 14:42 - 000001521 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2017-12-24 14:42 - 2017-12-24 14:42 - 000001521 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2017-12-24 14:40 - 2017-12-24 14:42 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2017-12-24 14:39 - 2017-12-24 14:43 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2017-12-24 14:39 - 2017-12-24 14:41 - 000000000 ____D C:\Users\Soham\AppData\Local\Bluestacks
2017-12-24 14:23 - 2017-12-24 14:38 - 275584208 _____ (BlueStack Systems Inc.) C:\Users\Soham\Downloads\BlueStacks-Installer_BS3_native.exe
2017-12-21 09:22 - 2017-12-25 13:57 - 000003068 _____ C:\WINDOWS\system32\config\rules.rdb
2017-12-15 11:48 - 2017-12-15 11:48 - 000000000 ____D C:\Users\Soham\AppData\Roaming\InstallShield Installation Information
2017-12-15 11:45 - 2017-12-15 11:45 - 000000000 ____D C:\Users\Soham\Documents\Assassin's Creed Liberation HD
2017-12-15 11:45 - 2017-12-15 11:45 - 000000000 ____D C:\Saves
2017-12-15 00:52 - 2017-12-15 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2017-12-14 22:03 - 2017-12-14 22:03 - 000000000 ____D C:\Users\Soham\Documents\Square Enix
2017-12-14 19:22 - 2017-12-14 19:22 - 000000000 ____D C:\Users\Soham\Documents\Assassin's Creed Rogue
2017-12-14 19:22 - 2017-12-14 19:22 - 000000000 ____D C:\Users\Soham\AppData\Roaming\uplay
2017-12-12 13:06 - 2017-12-15 11:40 - 000000000 ____D C:\Users\Soham\AppData\Local\Fallout3
2017-12-12 10:51 - 2017-12-12 10:51 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2017-12-11 05:44 - 2017-12-11 05:44 - 000000000 ____D C:\Users\Soham\Documents\WB Games
2017-12-11 01:51 - 2017-12-11 01:51 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-12-11 01:51 - 2017-12-11 01:51 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2017-12-11 01:49 - 2017-12-11 01:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Batman - Arkham Origins
2017-12-11 00:35 - 2017-12-11 00:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2017-12-10 23:03 - 2017-12-10 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-12-10 22:22 - 2017-12-10 22:22 - 000000000 ____D C:\Users\Soham\Documents\FeedbackHub
2017-12-10 21:21 - 2017-12-10 21:21 - 000000000 ____D C:\Users\Soham\Documents\Rockstar Games
2017-12-10 21:21 - 2017-12-10 21:21 - 000000000 ____D C:\Users\Soham\AppData\Local\Rockstar Games
2017-12-10 21:21 - 2017-12-10 21:21 - 000000000 ____D C:\ProgramData\Socialclub
2017-12-10 14:06 - 2017-12-10 14:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V
2017-12-10 10:55 - 2017-12-10 21:08 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2017-12-10 10:52 - 2017-12-10 21:08 - 000000000 ____D C:\Program Files\Rockstar Games
2017-12-09 10:46 - 2017-12-09 10:46 - 000592131 _____ C:\WINDOWS\Condition Zero - Xtreme Edition Uninstaller.exe
2017-12-09 10:43 - 2017-01-29 16:50 - 000682497 _____ C:\WINDOWS\Condition Zero - Xtreme Edition Uninstaller.exe.bak
2017-12-09 10:38 - 2017-12-09 10:38 - 000000000 ____D C:\Users\Soham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Condition Zero
2017-12-04 17:05 - 2017-12-04 17:05 - 000000000 ____D C:\Users\Soham\AppData\Local\UNP
2017-12-03 21:30 - 2017-12-23 00:26 - 000000000 ____D C:\Users\Soham\Desktop\sa
2017-12-03 21:25 - 2017-12-24 15:22 - 000000000 ____D C:\Users\Soham\Desktop\fiitjee
2017-12-01 23:23 - 2017-12-02 00:01 - 096382723 _____ C:\Users\Soham\Downloads\My-Hero-Academia-2nd-Season-Episode-21.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-25 13:49 - 2016-06-23 11:41 - 000000000 ____D C:\Users\Soham\AppData\Local\CrashDumps
2017-12-25 13:18 - 2015-07-16 09:59 - 002889798 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-25 11:53 - 2016-11-19 11:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-25 11:11 - 2016-06-25 10:41 - 000000000 ____D C:\Users\Soham\AppData\Roaming\vlc
2017-12-25 08:46 - 2017-11-01 19:55 - 000000000 ____D C:\Users\Soham\Desktop\new
2017-12-25 08:35 - 2016-06-07 22:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive
2017-12-25 08:32 - 2017-07-02 19:58 - 000000000 ____D C:\Users\Soham\VirtualBox VMs
2017-12-24 14:42 - 2016-06-07 16:18 - 000000000 ____D C:\ProgramData\BlueStacks
2017-12-22 11:19 - 2016-08-21 15:37 - 000000000 ____D C:\Users\Soham\Downloads\SHAREit
2017-12-22 09:56 - 2017-05-06 17:03 - 000000000 ____D C:\Users\Soham\Desktop\New folder
2017-12-22 09:41 - 2015-07-16 10:00 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
2017-12-21 11:50 - 2016-06-23 11:34 - 000000000 ____D C:\Users\Soham\AppData\Local\Host App Service
2017-12-21 09:19 - 2016-11-19 12:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-20 11:17 - 2016-07-24 13:18 - 000000000 ____D C:\Users\Soham\AppData\Local\ElevatedDiagnostics
2017-12-19 13:27 - 2016-11-19 11:57 - 020681728 _____ C:\WINDOWS\system32\config\sscan.xas
2017-12-18 15:57 - 2016-11-19 11:57 - 004512768 _____ C:\WINDOWS\system32\config\sscan.0
2017-12-15 11:57 - 2016-06-23 12:57 - 000000000 ____D C:\Users\Soham\Documents\My Games
2017-12-15 09:30 - 2017-07-03 20:52 - 000000000 ____D C:\Users\Soham\AppData\Local\Activision
2017-12-14 22:04 - 2016-09-26 20:18 - 000000000 ____D C:\Users\Soham\AppData\Local\SKIDROW
2017-12-12 11:40 - 2016-11-19 11:48 - 000000000 ____D C:\Users\Soham
2017-12-10 11:12 - 2015-09-06 05:20 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-09 10:47 - 2016-11-19 11:44 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-12-09 10:47 - 2016-07-16 11:34 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-12-05 07:10 - 2017-08-06 13:19 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-12-04 18:36 - 2016-06-06 20:01 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-12-04 18:04 - 2017-07-02 04:40 - 000000000 ____D C:\Users\Soham\.VirtualBox
2017-12-01 21:26 - 2016-09-22 18:23 - 000000661 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-11-30 19:59 - 2016-06-23 11:34 - 000000000 ____D C:\Users\Soham\AppData\Roaming\Adobe
2017-11-30 14:13 - 2016-07-16 17:17 - 000000000 ____D C:\WINDOWS\AppReadiness
==================== Files in the root of some directories =======
2016-09-05 13:15 - 2016-09-05 13:15 - 000007605 _____ () C:\Users\Soham\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
2007-09-18 14:58 - 2007-09-18 14:58 - 000077160 _____ (Microsoft Corporation) C:\Users\Soham\AppData\Local\Temp\DSETUP.dll
2007-09-18 14:58 - 2007-09-18 14:58 - 001673576 _____ (Microsoft Corporation) C:\Users\Soham\AppData\Local\Temp\dsetup32.dll
2007-09-18 14:58 - 2007-09-18 14:58 - 000503144 _____ (Microsoft Corporation) C:\Users\Soham\AppData\Local\Temp\DXSETUP.exe
2017-08-06 13:12 - 2013-04-10 09:55 - 001044048 ____N (CANON INC.) C:\Users\Soham\AppData\Local\Temp\MSETUP4.EXE
2017-12-01 16:43 - 2017-12-01 16:45 - 047052696 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\oct1F6F.tmp.exe
2017-12-20 22:29 - 2017-12-21 11:50 - 047064176 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\oct39E8.tmp.exe
2017-10-04 07:04 - 2017-10-05 20:04 - 039234048 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\oct412E.tmp.exe
2017-12-04 16:40 - 2017-12-06 15:10 - 047052696 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\oct5B2E.tmp.exe
2017-08-28 18:38 - 2017-08-28 18:40 - 039245368 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\oct6A2C.tmp.exe
2017-10-02 23:27 - 2017-10-02 23:41 - 039245368 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\oct95FA.tmp.exe
2017-09-10 06:03 - 2017-09-10 06:04 - 039245368 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\octA1F0.tmp.exe
2017-11-07 05:39 - 2017-11-07 05:39 - 039236800 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\octC4F3.tmp.exe
2017-09-22 20:01 - 2017-09-22 20:18 - 039245368 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\octC59E.tmp.exe
2017-10-07 19:49 - 2017-10-07 19:51 - 039234048 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\octDCB7.tmp.exe
2017-11-26 01:48 - 2017-11-30 13:37 - 047052696 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\octE051.tmp.exe
2017-12-09 11:53 - 2010-02-01 17:33 - 000724667 __RSH () C:\Users\Soham\AppData\Local\Temp\systemw.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-12-25 13:27
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-12-2017 01
Ran by Soham (25-12-2017 14:02:13)
Running from C:\Users\Soham\Downloads
Windows 10 Home Single Language Version 1607 (X64) (2016-11-19 06:38:27)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-466014504-2981248741-1711811290-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-466014504-2981248741-1711811290-503 - Limited - Disabled)
Guest (S-1-5-21-466014504-2981248741-1711811290-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-466014504-2981248741-1711811290-1003 - Limited - Enabled)
killbot (S-1-5-21-466014504-2981248741-1711811290-1005 - Limited - Enabled) => C:\Users\killbot
Soham (S-1-5-21-466014504-2981248741-1711811290-1004 - Administrator - Enabled) => C:\Users\Soham
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Protegent Anti-Virus (Disabled - Out of date) {970DB431-5C23-ED6B-8C4B-5DCD23AB1CB9}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Protegent Anti-Virus (Disabled - Out of date) {2C6C55D5-7A19-E2E5-B6FB-66BF582C5604}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
"Batman - Arkham Origins" (HKLM-x32\...\{C0E2E169-E84A-435A-B680-AB7E3BB1F23C}_is1) (Version: 1.0.0.0 - )
"FIFA 14" (HKLM-x32\...\{6049054B-DB11-48E1-A583-9A565D5C8856}_is1) (Version: 1.4.0.0 - )
µTorrent (HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3024 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3006 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
ACP Application (HKLM\...\{82FED5E0-7A6D-5DA9-4310-7FEBD0B22BA8}) (Version: 2.15.30.0019 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop CC by Sidmon (HKLM-x32\...\{B82E1A93-C4B6-462E-A3F9-08B73171A8AD}_is1) (Version: 14.2.1.570 - Adobe Systems Inc.)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Amazon Assistant (HKLM-x32\...\{EDA2A064-F600-47BA-9EBA-58BE807BF6D2}) (Version: 10.17.0926 - Amazon) <==== ATTENTION
AMD Catalyst Install Manager (HKLM\...\{566F2BB3-9031-D010-E31F-BE5D49984768}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
App Explorer (HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\Host App Service) (Version: 0.273.2.371 - SweetLabs)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{34985F59-8F6F-46F4-9AD5-53E2714294D2}) (Version: 3.0.189 - ArcSoft)
Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.01 (HKLM-x32\...\Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.01_is1) (Version: Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.01 - RiP by Fenixx (15.11.2013))
Assassin's Creed III (HKLM-x32\...\Assassin's Creed III_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Assassin's Creed III 1.01 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.01 - Ubisoft)
Assassin's Creed Liberation HD (HKLM-x32\...\Assassin's Creed Liberation HD_is1) (Version:  - )
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.54.65.1755 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version:  - )
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version:  - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Condition Zero - Xtreme Edition Uninstaller (HKLM-x32\...\Condition Zero - Xtreme Edition) (Version: 1.2.0.0 - )
Counter-Strike 1.6 (HKLM-x32\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - )
Counter-Strike Global Offensive [No-Steam] (HKLM-x32\...\Counter-Strike Global Offensive_is1) (Version: 1.32.3.0 - Valve software)
Counter-Strike: Condition Zero v1.0 [FINAL ONE] (HKLM-x32\...\Counter-Strike: Condition Zero) (Version: v1.0 [FINAL ONE] - ibm86@mangalia.astral.ro)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5427.02 - CyberLink Corp.)
Driver San Franisco version 1.0.8.0 (HKLM-x32\...\Driver San Franisco_is1) (Version: 1.0.8.0 - Driver San Franisco RePack By Himanshu dxd)
eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
Fallout 3 (HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
Farm to Fork Collector's Edition (HKLM-x32\...\WTA-7dcf93a2-3844-4a62-b1f1-5ae41388a21b) (Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.53.5169 - Gretech Corporation)
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-91a2d1f9-6b63-4b4f-9bfd-a4de9e0c7838) (Version: 3.0.2.59 - WildTangent) Hidden
Grand Theft Auto V version 1.0.573.1 (HKLM-x32\...\{D22681B9-93A5-4EBC-A1DD-A6B2189CBD4D}_is1) (Version: 1.0.573.1 - )
Idea Smart WiFi (HKLM-x32\...\Idea Smart WiFi) (Version: 22.001.22.03.356 - Huawei Technologies Co.,Ltd)
James Cameron's AVATAR™: THE GAME (HKLM-x32\...\{7E19B002-4CA3-4C9F-BA92-91D101B97219}) (Version: 1.01.00 - Ubisoft)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-9e629135-7681-46ea-9323-35aaced88a1a) (Version: 2.2.0.97 - WildTangent) Hidden
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
King Oddball (HKLM-x32\...\WTA-39b7f979-b3da-40cd-90b2-d94c1aca94b2) (Version: 3.0.2.48 - WildTangent) Hidden
Kingo Android ROOT version 1.2.2.1915 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.2.2.1915 - Kingosoft Technology Ltd.)
Metal Gear Solid V Phantom Pain, âåðñèÿ 1.0.0.1 (HKLM-x32\...\Metal Gear Solid V Phantom Pain_is1) (Version: 1.0.0.1 - RePack by SEYTER)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 48.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 en-US)) (Version: 48.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.0.6051 - Mozilla)
MySQL Connector C++ 1.1.9 (HKLM\...\{C91610F0-0500-4C1D-90DF-B050E2DFD6E9}) (Version: 1.1.9 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{9F9DCBD0-6C06-445C-B407-B2FF16C98B63}) (Version: 5.1.42 - Oracle Corporation)
MySQL Connector Net 6.9.9 (HKLM-x32\...\{E09F82E9-3EB3-4725-BDC8-3C77F83E262C}) (Version: 6.9.9 - Oracle)
MySQL Connector/ODBC 5.3 (HKLM\...\{EB0CFCBD-B0C8-4F0F-ACF4-8B674A19B459}) (Version: 5.3.8 - Oracle Corporation)
MySQL Documents 5.7 (HKLM-x32\...\{8C8CBA1C-D702-4A31-83C4-8E7CC048E9C6}) (Version: 5.7.19 - Oracle Corporation)
MySQL Examples and Samples 5.7 (HKLM-x32\...\{3B5A0B2A-08D3-468E-8033-1AF859A9862B}) (Version: 5.7.19 - Oracle Corporation)
MySQL Installer - Community (HKLM-x32\...\{75C31CA9-8A61-43AD-B653-C4BF5B6BDD1A}) (Version: 1.4.19.0 - Oracle Corporation)
MySQL Notifier 1.1.7 (HKLM-x32\...\{724CDD73-430E-47DA-8F4E-7DF2000BA268}) (Version: 1.1.7 - Oracle)
MySQL Server 5.7 (HKLM\...\{F08E9C75-A42E-4962-8760-4CBD9CF35D7A}) (Version: 5.7.19 - Oracle Corporation)
MySQL Utilities (HKLM\...\{BEDAC2EF-DBA2-4B25-857A-7DF385FA645E}) (Version: 1.6.5 - Oracle Corporation)
NET Framework 3.5 Enabler version 1.0 (HKLM-x32\...\{0BCC2701-8B28-456B-B0AC-D5AB9EEA302A}_is1) (Version: 1.0 - Sidmon, Inc.)
Nullsoft Install System (HKLM-x32\...\NSIS) (Version: 3.0 - )
NVIDIA PhysX (HKLM-x32\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{60499BF0-C3D1-40CC-8600-8A7246534466}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Oracle VM VirtualBox 5.1.22 (HKLM\...\{8D5E4D4D-5E0C-4448-B018-5DDEF1E208D9}) (Version: 5.1.22 - Oracle Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Protegent Anti-Virus a13.7 (HKLM\...\Unistal Protegent Anti-Virus_is1) (Version: a13.7 - Unistal Systems Pvt. Ltd.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.55 - Qualcomm Atheros)
RadeonPro 1.0 (Build 1.1.1.0) (HKLM-x32\...\RadeonPro_is1) (Version:  - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.8 - Rockstar Games)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1144 - Lenovo)
SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.4.152 - SHAREit Technologies Co.Ltd)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Sniper Elite 3 (HKLM-x32\...\{XXXXXXXX-XXXX-XXXX-XXXX-BLACKBOX0005}) (Version: 6.0 - Black Box)
Software Informer 1.5.1324.0 (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
Trinklit Supreme (HKLM-x32\...\WTA-04553613-8700-4855-9083-0a8c284fc0d0) (Version: 2.2.0.98 - WildTangent) Hidden
Turbo C++ 3.2 (HKLM-x32\...\{16FEECA3-A0BF-44ED-A894-C0E7B29FAA2B}) (Version: 3.2.2.0 - Turbo C++)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.16 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.64  - Nullsoft, Inc)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinRAR 4.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.2 - win.rar GmbH)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinZip (HKLM-x32\...\WinZip) (Version:  8.1  (4331) - WinZip Computing, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [Protegent] -> {33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} => C:\Program Files\Unistal\Protegent Anti-Virus\op_shell.dll [2015-09-22] (Unistal Systems Pvt. Ltd.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers1: [ASW] -> {33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} => C:\Program Files\Unistal\Protegent Anti-Virus\op_shell.dll [2015-09-22] (Unistal Systems Pvt. Ltd.)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-27] (Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-10-30] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-10-30] ()
ContextMenuHandlers1-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\WZSHLSTB.DLL [2001-11-27] (WinZip Computing, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers4: [ASW] -> {33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} => C:\Program Files\Unistal\Protegent Anti-Virus\op_shell.dll [2015-09-22] (Unistal Systems Pvt. Ltd.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-10-30] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-10-30] ()
ContextMenuHandlers4-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\WZSHLSTB.DLL [2001-11-27] (WinZip Computing, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-07-21] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers6: [ASW] -> {33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} => C:\Program Files\Unistal\Protegent Anti-Virus\op_shell.dll [2015-09-22] (Unistal Systems Pvt. Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-10-30] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-10-30] ()
ContextMenuHandlers6-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\WZSHLSTB.DLL [2001-11-27] (WinZip Computing, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {005F5300-EE64-4A29-BFFB-486C55E51AC7} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-17] (Acer Incorporated)
Task: {04F31979-0A1B-4911-A4AE-5FE9A6E86647} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {08B429BF-11B0-44BE-B779-6EF3CE0F0B7B} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-09-26] (Acer Incorporated)
Task: {0CFD7605-2775-4117-8EE3-F536B0BD0275} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2017-01-25] (Informer Technologies, Inc.)
Task: {11B75F09-2A4E-4D4C-B208-AF2636F07133} - System32\Tasks\CareCenter\StartCCC_Reg_HKLMWow6432Run => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-07-21] (Advanced Micro Devices, Inc.)
Task: {1384BE93-ADB5-46E7-BCDB-B26207908915} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2017-09-28] ()
Task: {16B85DB5-8292-424B-8F81-828850ECA03A} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {265107A4-6185-46AB-B2B2-4B231E1C3EF1} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {29D147B8-EAD8-4E6B-BA48-558AFC110B61} - System32\Tasks\CareCenter\Host App Service_Reg_HKCURun_S-1-5-21-466014504-2981248741-1711811290-1004 => C:\Users\Soham\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2017-09-19] (SweetLabs, Inc) <==== ATTENTION
Task: {2F01545A-5626-4037-8FE1-54BDEC82D370} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-06-22] (AVAST Software)
Task: {38769667-3F5D-4BC1-B201-22DBB5AD488D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {3A5E11B2-A510-4139-99C1-E5806E0C2633} - System32\Tasks\CareCenter\BCSSync_Reg_HKLMWow6432Run => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-01-21] (Microsoft Corporation)
Task: {452B563B-E612-4D73-AADC-FEE56F8383ED} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-10] (Acer Incorporated)
Task: {5682FE4B-1334-4947-9FF5-7266DD54ABD1} - System32\Tasks\CareCenter\RTHDVCPL_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-17] (Realtek Semiconductor)
Task: {57F94101-CE4B-41F6-B1AC-FA14594C1CE9} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-06-22] (AVAST Software)
Task: {5BDCA57B-E9D4-4A54-8590-9AB2FB45F26D} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [2017-04-10] (Oracle Corporation)
Task: {5CD5702A-8BA0-498D-A8C4-BFAB8338B2A6} - System32\Tasks\App Explorer => C:\Users\Soham\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2017-09-19] (SweetLabs, Inc) <==== ATTENTION
Task: {625EDC42-F270-43DD-BC30-1881F0511012} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {89C36DB3-57D8-4C5F-96E7-CB04E546AFAD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {8B592CD7-F74C-436D-B28A-CB91C4D7A8DA} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {923E0D04-FA55-46E8-951F-BE0D9736A7E9} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {A2C9FDBE-9F75-42CF-8E04-8C40079E5ABF} - System32\Tasks\CareCenter\ProtegentMonitor_Reg_HKLMRun => C:\Program Files\Unistal\Protegent Anti-Virus\op_mon.exe [2015-09-22] (Unistal Systems Pvt. Ltd.)
Task: {A5ECCC4B-36A9-45B1-B5A5-1B04120779ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-17] (Adobe Systems Incorporated)
Task: {A8C1E43F-E5FE-40E7-AE47-617305CF2E7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {B956913A-8E02-4971-8DE5-4CC250FA1767} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {EB073C4B-1EE8-41F2-AF15-2D5838A82630} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2016-06-24] ()
Task: {EC17F64C-B7B4-466F-A566-37E4F24FEC6C} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2017-10-02] (Acer)
Task: {F59AA34B-9AD4-4198-A038-38F081B754E9} - System32\Tasks\CareCenter\Adobe ARM_Reg_HKLMWow6432Run => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {F96F4B92-BE20-4181-B3B3-EC79B5E98279} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2016-06-24] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============
2017-08-06 13:19 - 2013-05-14 15:20 - 000140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-10-04 13:06 - 2017-10-04 13:06 - 000105136 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
2016-06-07 09:43 - 2014-10-21 11:51 - 000241664 _____ () C:\Program Files\Unistal\Protegent Anti-Virus\zlib.dll
2016-06-07 09:43 - 2014-10-21 11:51 - 000403456 _____ () C:\Program Files\Unistal\Protegent Anti-Virus\unrar.dll
2016-06-22 13:10 - 2016-06-22 13:10 - 000592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2017-06-22 17:07 - 2017-06-22 17:07 - 039496704 _____ () C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
2017-06-22 17:07 - 2017-06-22 17:07 - 001721856 _____ () C:\Program Files\MySQL\MySQL Server 5.7\lib\plugin\mysqlx.DLL
2016-06-22 13:07 - 2014-04-18 14:30 - 000239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2016-07-16 17:12 - 2016-07-16 17:12 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-28 17:21 - 2017-09-28 17:21 - 001769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2016-06-24 18:54 - 2016-06-24 18:54 - 004644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2015-07-16 10:10 - 2015-05-08 23:11 - 000111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-11-19 12:23 - 2016-11-19 12:23 - 000959168 _____ () C:\Users\Soham\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 004254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 008794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-07-16 17:13 - 2016-07-16 19:46 - 001400320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-10-03 20:33 - 2017-10-03 20:33 - 003918848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-07-16 19:50 - 2016-07-16 19:50 - 000017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-07-16 19:50 - 2016-07-16 19:50 - 012473856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-07-16 19:50 - 2016-07-16 19:50 - 000291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 000130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 17:13 - 2016-07-16 17:13 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 17:13 - 2016-07-16 17:13 - 000693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-12-24 14:41 - 2017-10-25 16:47 - 004238432 _____ () C:\Program Files (x86)\BlueStacks\libGLESv2.dll
2017-12-24 14:41 - 2017-10-25 16:47 - 000151136 _____ () C:\Program Files (x86)\BlueStacks\libEGL.dll
2015-09-06 05:35 - 2015-02-09 08:48 - 000124440 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2016-07-16 17:12 - 2016-07-16 17:12 - 000025088 _____ () C:\Windows\System32\GamePanelExternalHook.dll
2016-07-16 17:13 - 2016-07-16 19:46 - 009761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-16 17:13 - 2016-07-16 19:46 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 17:13 - 2016-07-16 19:46 - 001033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-07-16 17:13 - 2016-07-16 19:46 - 002438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-16 17:13 - 2016-07-16 19:46 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-09-22 15:14 - 2017-09-22 15:14 - 000202528 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2017-09-22 15:17 - 2017-09-22 15:17 - 000641312 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2017-09-22 15:17 - 2017-09-22 15:17 - 000654072 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2017-09-22 15:16 - 2017-09-22 15:16 - 000119072 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2017-11-15 20:28 - 2017-11-15 20:28 - 000015136 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2017-09-26 12:35 - 2017-09-26 12:35 - 000013088 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2017-09-26 12:34 - 2017-09-26 12:34 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2017-10-02 14:56 - 2017-10-02 14:56 - 000202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2017-10-02 14:56 - 2017-10-02 14:56 - 000119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2017-12-24 14:39 - 2017-12-18 12:30 - 048935936 _____ () C:\ProgramData\BlueStacks\CefData\libcef.dll
2016-11-19 12:23 - 2016-11-19 12:23 - 000679624 _____ () C:\Users\Soham\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 004254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 008793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\amazon.in -> hxxps://amazon.in
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 16:34 - 2015-07-10 16:32 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Soham\Pictures\vlcsnap-2017-09-24-01h29m01s128.png
DNS Servers: 192.168.42.129
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\StartupApproved\StartupFolder: => "Key.exe"
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\StartupApproved\Run: => "Software Informer"
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\StartupApproved\Run: => "MySQL Notifier"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{F2452853-D0CB-402C-9044-57377B2E34C6}F:\devil may cry-5\binaries\win32\dmc-devilmaycry.exe] => (Block) F:\devil may cry-5\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [TCP Query User{1FED40E5-9543-47DC-AC4C-996970ED81AC}F:\devil may cry-5\binaries\win32\dmc-devilmaycry.exe] => (Block) F:\devil may cry-5\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [{B6F5B467-1EB7-4226-84A6-DF7FE6FFF034}] => (Allow) C:\Users\Soham\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B17E0422-E298-4D8A-AB1B-0CFCF2457952}] => (Allow) C:\Users\Soham\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8291FA48-4733-4712-A0AC-58311D3058C7}] => (Allow) C:\Users\Soham\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{001F4E50-CAD8-46CF-9EF6-0FDC0B2106B6}] => (Allow) C:\Users\Soham\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{56530919-1E19-423F-A89E-906E3878ED60}] => (Allow) C:\Users\Soham\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E2F29FE7-2496-406C-A0C0-CE9D306D8264}] => (Allow) C:\Users\Soham\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{394AC86B-8BD0-4FCD-92CF-D49A558288FA}] => (Allow) D:\Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{797BC46F-E15E-4CC5-9FDA-D1F784BC4855}] => (Allow) D:\Games\FIFA 14\Game\fifa14.exe
FirewallRules: [UDP Query User{79C1B57E-E1B5-4998-967B-9DFAAAA2DB4E}D:\games\assassin's creed iii\ac3sp.exe] => (Allow) D:\games\assassin's creed iii\ac3sp.exe
FirewallRules: [TCP Query User{6700A3A2-DEF8-4CF7-9BC6-387A24AFA33E}D:\games\assassin's creed iii\ac3sp.exe] => (Allow) D:\games\assassin's creed iii\ac3sp.exe
FirewallRules: [UDP Query User{95B5F10F-1832-4E94-B47D-5709156F83F4}D:\games\crysis2\bin32\crysis2.exe] => (Allow) D:\games\crysis2\bin32\crysis2.exe
FirewallRules: [TCP Query User{7DABAB81-DD0F-4093-9E00-4A1F86D76B54}D:\games\crysis2\bin32\crysis2.exe] => (Allow) D:\games\crysis2\bin32\crysis2.exe
FirewallRules: [{82ACF9F3-AF03-426A-9F0E-9BBDFDB1D7A8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{8EFC882F-3878-43F7-A5A6-7B81691667A2}D:\games\skidrow\call of duty - black ops\blackops.exe] => (Block) D:\games\skidrow\call of duty - black ops\blackops.exe
FirewallRules: [TCP Query User{26DE29A3-A162-407F-BEAB-C563F3598D75}D:\games\skidrow\call of duty - black ops\blackops.exe] => (Block) D:\games\skidrow\call of duty - black ops\blackops.exe
FirewallRules: [UDP Query User{C4EF9909-FAC5-4D9B-9665-62C9A12D159C}D:\games\counter-strike global offensive\csgo.exe] => (Block) D:\games\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{6003CC21-8D44-40B8-9475-4F91F540C829}D:\games\counter-strike global offensive\csgo.exe] => (Block) D:\games\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{524BE0C2-0C58-44E4-94A7-4B751759B122}D:\games\counter-strike global offensive\csgo.exe] => (Allow) D:\games\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{9E239A4B-50AF-4297-8002-4EF431CFA61F}D:\games\counter-strike global offensive\csgo.exe] => (Allow) D:\games\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{82E5620F-2D3E-4675-B6C0-570ECD24BC51}D:\games\far cry 4\bin\farcry4.exe] => (Block) D:\games\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{5928520B-288B-4D23-8F0D-6277415F6CE6}D:\games\far cry 4\bin\farcry4.exe] => (Block) D:\games\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{A1158F67-3439-4829-8DCE-E92AFBE4117B}D:\games\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) D:\games\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [TCP Query User{02A326EF-CAF6-43E1-A81A-E389C5F7507C}D:\games\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) D:\games\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [UDP Query User{1DC0ACAB-BB0F-403A-AE6A-D6ED9986F1E8}D:\games\prototype 2\prototype2.exe] => (Block) D:\games\prototype 2\prototype2.exe
FirewallRules: [TCP Query User{FA1B2B6C-9BCA-4F83-87D8-84FE490B069F}D:\games\prototype 2\prototype2.exe] => (Block) D:\games\prototype 2\prototype2.exe
FirewallRules: [UDP Query User{6D7C624C-4676-4B73-ACE1-497E3BE93017}D:\games\crysis2\bin32\crysis2.exe] => (Block) D:\games\crysis2\bin32\crysis2.exe
FirewallRules: [TCP Query User{01FFAD82-5E3C-41AE-84AC-7EB2522BEE1F}D:\games\crysis2\bin32\crysis2.exe] => (Block) D:\games\crysis2\bin32\crysis2.exe
FirewallRules: [UDP Query User{9315EECB-7B53-424B-92AF-42A908E32DE7}D:\games\blur\blur.exe] => (Allow) D:\games\blur\blur.exe
FirewallRules: [TCP Query User{21476276-828D-4419-98BB-84C063BA8067}D:\games\blur\blur.exe] => (Allow) D:\games\blur\blur.exe
FirewallRules: [UDP Query User{F8C671DA-BB29-4986-89C7-BC1F1EC04C60}D:\games\far cry 3\fc3\far cry 3 nosteam\far cry 3\bin\farcry3.exe] => (Block) D:\games\far cry 3\fc3\far cry 3 nosteam\far cry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{084A0A2B-F7C2-42CB-B55F-3EC6301F6231}D:\games\far cry 3\fc3\far cry 3 nosteam\far cry 3\bin\farcry3.exe] => (Block) D:\games\far cry 3\fc3\far cry 3 nosteam\far cry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{76401739-D00D-4A65-AD38-A9CD2CD0C43A}F:\prototype 2\prototype2.exe] => (Block) F:\prototype 2\prototype2.exe
FirewallRules: [TCP Query User{21BF7468-58A1-42C0-8352-5104FB0C3638}F:\prototype 2\prototype2.exe] => (Block) F:\prototype 2\prototype2.exe
FirewallRules: [UDP Query User{ED0B9324-09AB-4A40-BB16-C0962AE1C598}F:\crysis2\bin32\crysis2.exe] => (Block) F:\crysis2\bin32\crysis2.exe
FirewallRules: [TCP Query User{2C59072B-BA49-4982-AAEB-36D35E2E65A4}F:\crysis2\bin32\crysis2.exe] => (Block) F:\crysis2\bin32\crysis2.exe
FirewallRules: [{BB679E0B-8BA0-4E71-B8CF-D63150DFFEC8}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe
FirewallRules: [{6138D33A-156C-490D-8A31-DAF3BEE16C2F}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe
FirewallRules: [{DBA8CAE1-CAF8-4326-9903-6242E3971CD3}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\Avatar.exe
FirewallRules: [{F9F0A100-C14E-4202-9FCF-110C604F6B1E}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\Avatar.exe
FirewallRules: [{88B8C4E9-7D00-4F99-A455-0FEA9AE430FE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{C10A261F-0E72-4CD0-B04F-E06818BEDC1C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{9748494C-523C-4C03-8729-133A678CDEB3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{285F2248-7492-4596-B331-068CD178113F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{E8D0D4A9-80FC-4C1D-8B73-111BCB85E242}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{66EE22AE-512D-4511-8CB4-92D858B85589}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{B6A0FC6B-63B1-44B3-B6A4-2BCDEBE0891E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{890147BC-2571-4562-8D4D-50E0EE8EB446}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A7550866-0D43-468F-BD1B-CBEBFFF855EB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{8CF45759-1D04-462C-84BA-D98575D690B7}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{8236DDDA-516C-4F32-B152-9685AA4B0E35}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{02E45722-CAEF-491A-A60A-9465F44E428F}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{479822EC-631D-4163-BFE6-7772B94A9911}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1DA7AC6B-0061-429A-B767-5EC625558F11}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{595670E6-67A6-41F3-9E1D-CDAED62F47BC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BF57D265-5353-43C5-87F1-4A8265F49020}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B83A7FA4-91FF-4F62-8D26-F05E3D3ED27B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8B08A991-1BB9-4DC2-AD21-B38D7381CB34}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{753FFAF6-6CD6-4169-9407-EC520F3ABEA6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BFDCA33A-9E52-4ADD-9F41-08BEB7C19F9F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{AC000337-1F13-463A-931F-7CA46F131A34}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{319C67AD-3EA8-4B0C-8EE1-240F4AE9CFBD}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{4E2AF8EA-03EC-4582-B3AF-DF1465B4EEAC}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{20F5FA5D-9164-4F7A-8C59-8B00ACF563C9}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{A0451CBC-C734-4DB7-B153-9A7995DF134D}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [TCP Query User{4621CF1E-F695-4170-A672-5B1D0A66E55C}C:\program files (x86)\condition zero - xtreme edition\czero.exe] => (Allow) C:\program files (x86)\condition zero - xtreme edition\czero.exe
FirewallRules: [UDP Query User{E45B8B92-17CC-4487-B7FB-A87CEA0748A3}C:\program files (x86)\condition zero - xtreme edition\czero.exe] => (Allow) C:\program files (x86)\condition zero - xtreme edition\czero.exe
FirewallRules: [{C6762375-D91C-4496-A77F-795A437311B9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2EEF217A-6352-472C-B894-D44B9D0C5715}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{347F6881-7870-42A3-B261-07143D01169D}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{59CF9488-EB42-49B9-84F8-D414CDC4FD5B}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [{7B4DD62B-AD67-4BA1-94F4-3B84CBC889AC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B7560C3A-6779-42A0-9E13-59C2830061EF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1CDF72D7-3962-40B6-85DF-4ACC0DA6868B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1AF48B2F-8C82-44A8-B3CE-EBBC7FB59C05}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{035A10C9-2A5A-4556-AA46-AC8764D7953E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CAC718BC-1BDE-4603-B8B4-B716CFE92B5B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{FBE12537-BCA6-47B8-AE66-11BF701150B9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8FBD4729-2706-4918-B46D-3715D940F570}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F130D021-0125-45CE-9BCD-2A63C25F3B7A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3E32A6EE-46A8-4DBE-A0F9-F44E25FA19D7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{80CC5822-38E5-4D05-8F43-2E2A203A5E13}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{D240A00D-4BC9-4C57-878E-3EB12B2A22D0}D:\games\blur\blur.exe] => (Allow) D:\games\blur\blur.exe
FirewallRules: [UDP Query User{07EC2208-5AE8-4CDA-A17A-2BF4942882AC}D:\games\blur\blur.exe] => (Allow) D:\games\blur\blur.exe
FirewallRules: [{8233663F-60EB-4324-9B5B-CF16EE809C75}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{12CF2B90-7F94-42E3-9803-D8D3F740D9F4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0999C805-0BF6-4C89-BAD6-1C7449F10D61}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5AC8CB1D-8DC3-48D1-BBB4-57076578EE95}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F1AF76C3-CC98-427F-AC14-53D4FB7414F3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{91DF6215-FD01-40AD-B04D-588027486DB5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{914CD2D0-06A0-4121-8DA3-ADA10FB1A141}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{08479790-FEBF-4349-8B17-BF8952F8A3CC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A0D9738B-F6F9-4AB2-830C-226EFFA14AB2}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C528228A-B26F-421C-913D-51F0820A5DEB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2CC9CBBE-C3B9-4130-96CA-5875A5964B33}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{ECFDCBC4-0D9F-4610-A6EF-4DFC118CECF4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8A7ACAEF-D2E3-4A16-9C33-4759457037E0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{86586050-F6AD-4018-BF2A-341E708C0C55}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{807633C6-105B-499A-8869-9A74DFAFD37F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{94D79390-7A39-476E-B6FD-6CD4C0D44A08}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4072D606-4F2C-42CA-930B-CE59F5C35C0E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5E9F487E-5D89-43A4-A1EC-F2345BED96F0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{77303298-DFD2-49FD-92FF-435FD8DA9B38}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{763DBC23-1761-46EB-9A39-EE7A50892D3E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BF0B1666-8622-4F64-87F4-CF8BB9134683}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1FD0117A-0DBA-47DD-AC6C-BFA8296BCCCE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{EA2D8706-2B15-4C0C-8C2B-64D045BFAEEF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{E4156FD6-E377-4D23-9F3E-D6613FEE9C8B}C:\users\soham\downloads\shareit\zuk z1\documents\left 4 dead\left4dead.exe] => (Allow) C:\users\soham\downloads\shareit\zuk z1\documents\left 4 dead\left4dead.exe
FirewallRules: [UDP Query User{D3034702-24F0-492F-8F4E-473B916597A5}C:\users\soham\downloads\shareit\zuk z1\documents\left 4 dead\left4dead.exe] => (Allow) C:\users\soham\downloads\shareit\zuk z1\documents\left 4 dead\left4dead.exe
FirewallRules: [{12948543-3699-4D1B-96C6-19AD7B67E734}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{342B79FE-5F6B-45C7-8C66-C85ECF1F04A1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{975811CB-966E-461C-857B-7D5654E5EF69}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E8B9C649-19F9-42D8-AA40-CD60D96F98CD}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{62BFC4A4-4018-44FA-BB74-0CE84CC51F56}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BE1980C1-EF23-46D5-A026-48D08554C7BB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6755CAC7-5D15-428A-9DBF-DBA225843B3F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CFA04469-5AA3-4CF3-B6B6-F4DFE424B744}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0B63A5E0-D36C-486D-B467-57288CC2BD9A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9F4CAA00-F12D-472F-8FD0-20ADEC658D56}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{60DB598D-D382-412F-9053-30A4F2AF4ED0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C9254A8D-81B9-4DF5-A7F6-5CB3C0CB1E7C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9320E501-9D17-4F88-AB95-63A6E089AC4E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{20093493-E39F-4CEA-9EEC-236CB9265B6B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{AA84CA96-955C-4E5C-B264-117BA77154E3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D41796E8-BDDB-44A7-AE1E-A6AEEE1BD39A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7D1BF4B6-49E3-43D5-83CD-9D305A47573C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9F5303AE-5A6B-45BC-B698-A63C4A43E784}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F5EDDEEE-E6FE-40CC-9C73-2458738819EC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{FFC961AD-11C0-49A5-8405-32F51ACC4BF0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{17ED5CA9-7B10-424F-BB51-B10772D94E72}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DED5B8BA-DDC3-4231-9C46-D788D24EBCAF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7A5247FD-635F-49B6-9429-FD49AED0DBF4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{270A7903-19FE-4FD5-9EB8-83D6A1264995}D:\games\call of duty world at war\codwaw.exe] => (Block) D:\games\call of duty world at war\codwaw.exe
FirewallRules: [UDP Query User{6BAFBA4F-D227-4A77-9067-FAC4F6E087B7}D:\games\call of duty world at war\codwaw.exe] => (Block) D:\games\call of duty world at war\codwaw.exe
FirewallRules: [{BB9D90AF-5DCE-4522-BDD5-61CF3B38DA65}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{43008BA2-B9D5-45F9-AA19-A2D1CC33D697}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8CDA9E30-70A7-4B78-91AF-79E663023784}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{649A2ECE-7894-4E37-A6A3-7191110492C1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{AE9993FB-4BF8-4C8A-BDA2-C8D8493FC2FF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{810D1021-6842-4536-B36B-74809C03025B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{21A1977E-A9EB-415F-883B-AA3583F9EF89}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F9C5FF1F-52D5-4B2D-B524-12AD0AC4673C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{622DB5FF-89EB-4706-B8F3-63FF9BCFFE60}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A601FB74-97CD-450F-A9EC-01463330E9E8}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{90CAE99D-5180-48AE-B555-189D018E4678}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{EBE2DBF8-9A80-4294-AD99-18FA1B1C3F5E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CA8E919D-CB1E-4C2C-9B1B-0D5F89E97AC1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A608278B-FDDC-43BC-9CCA-EAEDE60C6D38}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0B8330DC-1C0F-4852-A569-347C8DF65F5B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{852E7C23-7350-49BB-889A-EA63F7EB04E2}D:\games\left 4 dead\left4dead.exe] => (Allow) D:\games\left 4 dead\left4dead.exe
FirewallRules: [UDP Query User{86B52675-814B-4B9B-A2AA-35AD61469A50}D:\games\left 4 dead\left4dead.exe] => (Allow) D:\games\left 4 dead\left4dead.exe
FirewallRules: [{1B02BEB3-6B20-4C26-B105-7EAD2C3C6BC8}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{157305A9-0D7D-4E72-974C-AC366052F1D6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C1AB1057-949F-487B-9B89-E709E319D216}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{92A26EB7-A305-4288-AECA-761AB64C8461}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{54A98A78-0C02-4959-8500-F1D3565F3126}] => (Allow) LPort=3306
FirewallRules: [{908A09E8-6523-46BD-A704-AF536B558777}] => (Allow) LPort=33060
FirewallRules: [{5FFF9435-2B9C-43EF-9419-D501E33F544C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{802C56BA-C823-432F-A2A4-21903D3A2110}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{EC900528-B044-434D-AA3B-1733581FE29B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1B351E61-7278-4454-9924-578649CF952A}] => (Allow) LPort=3306
FirewallRules: [{262C8568-B970-4005-8F11-712A024E102A}] => (Allow) LPort=33060
FirewallRules: [{877E5B7E-82E2-4FEA-84D7-A13CE7ED7FF6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2EA3E76C-CE7C-45BB-8689-CCF23FC3E401}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{05BB3A2B-7074-4B4E-976C-89EF66335519}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{15B63B10-0D8A-4895-9F40-4668C2909196}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2EFA3A8D-1302-485E-A20D-C63FDC097499}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C863F5C6-E71F-48A2-9A79-D6804F3AC4FD}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B118DE83-C509-442C-BF14-F5D518879606}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D299937C-DDD0-4EDF-B593-3D6438CF22C4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3CBD1D84-EC1B-4B31-B055-13A55FBE309F}] => (Allow) D:\Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{EFEBB589-BBDA-4204-9D1B-70734E707442}] => (Allow) D:\Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{E79D988B-3D6A-486F-8630-C2E792D130B3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1BD3F0E9-F35A-42FE-B0D7-6B383AA5F790}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{D239CC7A-BBA2-43A6-A33F-516149184EE4}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{0D94A9F5-FAF6-4C44-886F-60CE6BD8E89A}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [{EF047AE7-E48E-4EC9-891F-0825588C05AD}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9EF0D692-B16D-4927-861B-5D129103A321}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{932D46EA-234D-4CE6-8582-829DE4AF8A18}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{DA960E7E-C49D-4131-9D33-181D18FCD9F8}C:\program files (x86)\valve\hlds.exe] => (Allow) C:\program files (x86)\valve\hlds.exe
FirewallRules: [UDP Query User{7800BF9E-99F6-480C-A2F7-A1F1F6CFD65C}C:\program files (x86)\valve\hlds.exe] => (Allow) C:\program files (x86)\valve\hlds.exe
FirewallRules: [TCP Query User{5EE46D67-40D8-4A3A-B01B-FEDB9D6AC8BF}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{322649DD-C46B-4567-980A-DF4EEC588857}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [{EA803ABD-5CB7-4F82-99D3-4BCA3D9350CE}] => (Allow) F:\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{79FB8745-16C9-41C3-978A-9320CDB97B15}] => (Allow) F:\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{AFCAF077-8003-479C-BF1B-7EB05D9A10A0}] => (Allow) F:\Batman - Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{8ADE0E28-05AB-4855-98B9-5623AD195D51}] => (Allow) F:\Batman - Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [TCP Query User{DEFD4258-BEBE-4F60-99C8-A8184112CAFD}D:\games\left 4 dead 2\left 4 dead 2\left 4 dead 2\left4dead2.exe] => (Allow) D:\games\left 4 dead 2\left 4 dead 2\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{3A670800-DD22-4354-8968-BAAE5F8062C4}D:\games\left 4 dead 2\left 4 dead 2\left 4 dead 2\left4dead2.exe] => (Allow) D:\games\left 4 dead 2\left 4 dead 2\left 4 dead 2\left4dead2.exe
FirewallRules: [TCP Query User{7341CFBB-17A0-4690-9565-F862A333294F}F:\call of duty - black ops\blackops.exe] => (Block) F:\call of duty - black ops\blackops.exe
FirewallRules: [UDP Query User{1D57506A-A4DD-420A-AC7A-EE31E02EB6B5}F:\call of duty - black ops\blackops.exe] => (Block) F:\call of duty - black ops\blackops.exe
FirewallRules: [{5793E685-851D-4AF4-81EA-8A08134C59C6}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe
==================== Restore Points =========================
09-12-2017 10:41:19 Configured Counter-Strike 1.6
15-12-2017 11:43:31 Removed Fallout 3
23-12-2017 12:24:20 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (12/25/2017 01:49:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Windows.Media.BackgroundPlayback.exe, version: 10.0.14393.0, time stamp: 0x57899a35
Faulting module name: KERNELBASE.dll, version: 10.0.14393.0, time stamp: 0x57899809
Exception code: 0xc000010a
Fault offset: 0x0000000000017788
Faulting process id: 0x34b0
Faulting application start time: 0x01d37d5452ab7b62
Faulting application path: C:\WINDOWS\System32\Windows.Media.BackgroundPlayback.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: d9084f97-7c87-4b49-a8ca-4316f686a284
Faulting package full name: Microsoft.ZuneMusic_10.16092.10311.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
Error: (12/25/2017 01:15:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Windows.Media.BackgroundPlayback.exe, version: 10.0.14393.0, time stamp: 0x57899a35
Faulting module name: combase.dll, version: 10.0.14393.0, time stamp: 0x57899850
Exception code: 0xc0000005
Fault offset: 0x0000000000025eb8
Faulting process id: 0x2c3c
Faulting application start time: 0x01d37d4fc1f739cd
Faulting application path: C:\WINDOWS\System32\Windows.Media.BackgroundPlayback.exe
Faulting module path: C:\WINDOWS\System32\combase.dll
Report Id: 5638d957-1281-4843-aaab-bde5106374a2
Faulting package full name: Microsoft.ZuneMusic_10.16092.10311.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
Error: (12/25/2017 01:15:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Windows.Media.BackgroundPlayback.exe, version: 10.0.14393.0, time stamp: 0x57899a35
Faulting module name: KERNELBASE.dll, version: 10.0.14393.0, time stamp: 0x57899809
Exception code: 0xc000010a
Fault offset: 0x0000000000017788
Faulting process id: 0x2c3c
Faulting application start time: 0x01d37d4fc1f739cd
Faulting application path: C:\WINDOWS\System32\Windows.Media.BackgroundPlayback.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: ed100e4a-e5d4-487d-853e-d7fd52c954a2
Faulting package full name: Microsoft.ZuneMusic_10.16092.10311.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
Error: (12/25/2017 12:06:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (12/25/2017 12:06:59 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (12/25/2017 12:06:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSDTC" in DLL "C:\WINDOWS\system32\msdtcuiu.DLL" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (12/25/2017 12:06:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (12/25/2017 12:06:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ESENT" in DLL "C:\WINDOWS\system32\esentprf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (12/25/2017 12:06:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (12/25/2017 12:06:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.14393.0, time stamp: 0x578999ab
Faulting module name: dwmcore.dll, version: 10.0.14393.0, time stamp: 0x5789985b
Exception code: 0x88982f04
Fault offset: 0x000000000004af43
Faulting process id: 0x2220
Faulting application start time: 0x01d37c94c1059919
Faulting application path: C:\WINDOWS\system32\dwm.exe
Faulting module path: C:\WINDOWS\system32\dwmcore.dll
Report Id: 479ecc2b-6745-4c83-9336-6f35fac233fb
Faulting package full name:
Faulting package-relative application ID:

System errors:
=============
Error: (12/25/2017 01:10:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/25/2017 11:53:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/25/2017 11:24:05 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/25/2017 07:59:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/24/2017 04:23:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/24/2017 12:54:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/24/2017 12:30:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/24/2017 10:18:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/23/2017 09:42:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/23/2017 09:11:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

CodeIntegrity:
===================================
  Date: 2017-12-13 00:49:45.085
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2017-12-11 21:01:52.104
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2017-12-10 12:39:10.414
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2017-04-03 09:19:44.798
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
  Date: 2017-04-03 09:19:44.722
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================
Processor: AMD A10-7300 Radeon R6, 10 Compute Cores 4C+6G
Percentage of memory in use: 72%
Total physical RAM: 7114.26 MB
Available physical RAM: 1928.2 MB
Total Virtual: 9110.39 MB
Available Virtual: 1472.14 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:200.25 GB) (Free:133.02 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:831.08 GB) (Free:820.63 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:736.08 GB) (Free:692.49 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:95 GB) (Free:83.79 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 8A9EA005)
Partition: GPT.
==================== End of Addition.txt ============================

 

 


 


#2 kiritosoham

kiritosoham
  • Topic Starter

  • Members
  • 2 posts

Posted 25 December 2017 - 03:45 AM

Hello there... well, I have put my Windows 10 on an update, but it's been weeks that it's stuck at 0%. I don't know what's the problem, but the Microsoft support had a link to your website so I just checked it... and I thought you might help figure it out... well, it doesn't show much but just doesn't go more than 0%.

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-12-2017 01
Ran by Soham (25-12-2017 14:02:13)
Running from C:\Users\Soham\Downloads
Windows 10 Home Single Language Version 1607 (X64) (2016-11-19 06:38:27)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-466014504-2981248741-1711811290-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-466014504-2981248741-1711811290-503 - Limited - Disabled)
Guest (S-1-5-21-466014504-2981248741-1711811290-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-466014504-2981248741-1711811290-1003 - Limited - Enabled)
killbot (S-1-5-21-466014504-2981248741-1711811290-1005 - Limited - Enabled) => C:\Users\killbot
Soham (S-1-5-21-466014504-2981248741-1711811290-1004 - Administrator - Enabled) => C:\Users\Soham
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Protegent Anti-Virus (Disabled - Out of date) {970DB431-5C23-ED6B-8C4B-5DCD23AB1CB9}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Protegent Anti-Virus (Disabled - Out of date) {2C6C55D5-7A19-E2E5-B6FB-66BF582C5604}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
"Batman - Arkham Origins" (HKLM-x32\...\{C0E2E169-E84A-435A-B680-AB7E3BB1F23C}_is1) (Version: 1.0.0.0 - )
"FIFA 14" (HKLM-x32\...\{6049054B-DB11-48E1-A583-9A565D5C8856}_is1) (Version: 1.4.0.0 - )
µTorrent (HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3024 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3006 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
ACP Application (HKLM\...\{82FED5E0-7A6D-5DA9-4310-7FEBD0B22BA8}) (Version: 2.15.30.0019 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop CC by Sidmon (HKLM-x32\...\{B82E1A93-C4B6-462E-A3F9-08B73171A8AD}_is1) (Version: 14.2.1.570 - Adobe Systems Inc.)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Amazon Assistant (HKLM-x32\...\{EDA2A064-F600-47BA-9EBA-58BE807BF6D2}) (Version: 10.17.0926 - Amazon) <==== ATTENTION
AMD Catalyst Install Manager (HKLM\...\{566F2BB3-9031-D010-E31F-BE5D49984768}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
App Explorer (HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\Host App Service) (Version: 0.273.2.371 - SweetLabs)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{34985F59-8F6F-46F4-9AD5-53E2714294D2}) (Version: 3.0.189 - ArcSoft)
Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.01 (HKLM-x32\...\Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.01_is1) (Version: Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.01 - RiP by Fenixx (15.11.2013))
Assassin's Creed III (HKLM-x32\...\Assassin's Creed III_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Assassin's Creed III 1.01 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.01 - Ubisoft)
Assassin's Creed Liberation HD (HKLM-x32\...\Assassin's Creed Liberation HD_is1) (Version:  - )
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.54.65.1755 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version:  - )
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version:  - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Condition Zero - Xtreme Edition Uninstaller (HKLM-x32\...\Condition Zero - Xtreme Edition) (Version: 1.2.0.0 - )
Counter-Strike 1.6 (HKLM-x32\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - )
Counter-Strike Global Offensive [No-Steam] (HKLM-x32\...\Counter-Strike Global Offensive_is1) (Version: 1.32.3.0 - Valve software)
Counter-Strike: Condition Zero v1.0 [FINAL ONE] (HKLM-x32\...\Counter-Strike: Condition Zero) (Version: v1.0 [FINAL ONE] - ibm86@mangalia.astral.ro)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5427.02 - CyberLink Corp.)
Driver San Franisco version 1.0.8.0 (HKLM-x32\...\Driver San Franisco_is1) (Version: 1.0.8.0 - Driver San Franisco RePack By Himanshu dxd)
eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
Fallout 3 (HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
Farm to Fork Collector's Edition (HKLM-x32\...\WTA-7dcf93a2-3844-4a62-b1f1-5ae41388a21b) (Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.53.5169 - Gretech Corporation)
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-91a2d1f9-6b63-4b4f-9bfd-a4de9e0c7838) (Version: 3.0.2.59 - WildTangent) Hidden
Grand Theft Auto V version 1.0.573.1 (HKLM-x32\...\{D22681B9-93A5-4EBC-A1DD-A6B2189CBD4D}_is1) (Version: 1.0.573.1 - )
Idea Smart WiFi (HKLM-x32\...\Idea Smart WiFi) (Version: 22.001.22.03.356 - Huawei Technologies Co.,Ltd)
James Cameron's AVATAR™: THE GAME (HKLM-x32\...\{7E19B002-4CA3-4C9F-BA92-91D101B97219}) (Version: 1.01.00 - Ubisoft)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-9e629135-7681-46ea-9323-35aaced88a1a) (Version: 2.2.0.97 - WildTangent) Hidden
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
King Oddball (HKLM-x32\...\WTA-39b7f979-b3da-40cd-90b2-d94c1aca94b2) (Version: 3.0.2.48 - WildTangent) Hidden
Kingo Android ROOT version 1.2.2.1915 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.2.2.1915 - Kingosoft Technology Ltd.)
Metal Gear Solid V Phantom Pain, âåðñèÿ 1.0.0.1 (HKLM-x32\...\Metal Gear Solid V Phantom Pain_is1) (Version: 1.0.0.1 - RePack by SEYTER)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 48.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 en-US)) (Version: 48.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.0.6051 - Mozilla)
MySQL Connector C++ 1.1.9 (HKLM\...\{C91610F0-0500-4C1D-90DF-B050E2DFD6E9}) (Version: 1.1.9 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{9F9DCBD0-6C06-445C-B407-B2FF16C98B63}) (Version: 5.1.42 - Oracle Corporation)
MySQL Connector Net 6.9.9 (HKLM-x32\...\{E09F82E9-3EB3-4725-BDC8-3C77F83E262C}) (Version: 6.9.9 - Oracle)
MySQL Connector/ODBC 5.3 (HKLM\...\{EB0CFCBD-B0C8-4F0F-ACF4-8B674A19B459}) (Version: 5.3.8 - Oracle Corporation)
MySQL Documents 5.7 (HKLM-x32\...\{8C8CBA1C-D702-4A31-83C4-8E7CC048E9C6}) (Version: 5.7.19 - Oracle Corporation)
MySQL Examples and Samples 5.7 (HKLM-x32\...\{3B5A0B2A-08D3-468E-8033-1AF859A9862B}) (Version: 5.7.19 - Oracle Corporation)
MySQL Installer - Community (HKLM-x32\...\{75C31CA9-8A61-43AD-B653-C4BF5B6BDD1A}) (Version: 1.4.19.0 - Oracle Corporation)
MySQL Notifier 1.1.7 (HKLM-x32\...\{724CDD73-430E-47DA-8F4E-7DF2000BA268}) (Version: 1.1.7 - Oracle)
MySQL Server 5.7 (HKLM\...\{F08E9C75-A42E-4962-8760-4CBD9CF35D7A}) (Version: 5.7.19 - Oracle Corporation)
MySQL Utilities (HKLM\...\{BEDAC2EF-DBA2-4B25-857A-7DF385FA645E}) (Version: 1.6.5 - Oracle Corporation)
NET Framework 3.5 Enabler version 1.0 (HKLM-x32\...\{0BCC2701-8B28-456B-B0AC-D5AB9EEA302A}_is1) (Version: 1.0 - Sidmon, Inc.)
Nullsoft Install System (HKLM-x32\...\NSIS) (Version: 3.0 - )
NVIDIA PhysX (HKLM-x32\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{60499BF0-C3D1-40CC-8600-8A7246534466}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Oracle VM VirtualBox 5.1.22 (HKLM\...\{8D5E4D4D-5E0C-4448-B018-5DDEF1E208D9}) (Version: 5.1.22 - Oracle Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Protegent Anti-Virus a13.7 (HKLM\...\Unistal Protegent Anti-Virus_is1) (Version: a13.7 - Unistal Systems Pvt. Ltd.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.55 - Qualcomm Atheros)
RadeonPro 1.0 (Build 1.1.1.0) (HKLM-x32\...\RadeonPro_is1) (Version:  - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.8 - Rockstar Games)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1144 - Lenovo)
SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.4.152 - SHAREit Technologies Co.Ltd)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Sniper Elite 3 (HKLM-x32\...\{XXXXXXXX-XXXX-XXXX-XXXX-BLACKBOX0005}) (Version: 6.0 - Black Box)
Software Informer 1.5.1324.0 (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
Trinklit Supreme (HKLM-x32\...\WTA-04553613-8700-4855-9083-0a8c284fc0d0) (Version: 2.2.0.98 - WildTangent) Hidden
Turbo C++ 3.2 (HKLM-x32\...\{16FEECA3-A0BF-44ED-A894-C0E7B29FAA2B}) (Version: 3.2.2.0 - Turbo C++)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.16 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.64  - Nullsoft, Inc)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinRAR 4.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.2 - win.rar GmbH)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinZip (HKLM-x32\...\WinZip) (Version:  8.1  (4331) - WinZip Computing, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [Protegent] -> {33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} => C:\Program Files\Unistal\Protegent Anti-Virus\op_shell.dll [2015-09-22] (Unistal Systems Pvt. Ltd.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers1: [ASW] -> {33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} => C:\Program Files\Unistal\Protegent Anti-Virus\op_shell.dll [2015-09-22] (Unistal Systems Pvt. Ltd.)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-27] (Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-10-30] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-10-30] ()
ContextMenuHandlers1-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\WZSHLSTB.DLL [2001-11-27] (WinZip Computing, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers4: [ASW] -> {33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} => C:\Program Files\Unistal\Protegent Anti-Virus\op_shell.dll [2015-09-22] (Unistal Systems Pvt. Ltd.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-10-30] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-10-30] ()
ContextMenuHandlers4-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\WZSHLSTB.DLL [2001-11-27] (WinZip Computing, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-07-21] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers6: [ASW] -> {33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} => C:\Program Files\Unistal\Protegent Anti-Virus\op_shell.dll [2015-09-22] (Unistal Systems Pvt. Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-10-30] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-10-30] ()
ContextMenuHandlers6-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\WZSHLSTB.DLL [2001-11-27] (WinZip Computing, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {005F5300-EE64-4A29-BFFB-486C55E51AC7} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-17] (Acer Incorporated)
Task: {04F31979-0A1B-4911-A4AE-5FE9A6E86647} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {08B429BF-11B0-44BE-B779-6EF3CE0F0B7B} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-09-26] (Acer Incorporated)
Task: {0CFD7605-2775-4117-8EE3-F536B0BD0275} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2017-01-25] (Informer Technologies, Inc.)
Task: {11B75F09-2A4E-4D4C-B208-AF2636F07133} - System32\Tasks\CareCenter\StartCCC_Reg_HKLMWow6432Run => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-07-21] (Advanced Micro Devices, Inc.)
Task: {1384BE93-ADB5-46E7-BCDB-B26207908915} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2017-09-28] ()
Task: {16B85DB5-8292-424B-8F81-828850ECA03A} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {265107A4-6185-46AB-B2B2-4B231E1C3EF1} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {29D147B8-EAD8-4E6B-BA48-558AFC110B61} - System32\Tasks\CareCenter\Host App Service_Reg_HKCURun_S-1-5-21-466014504-2981248741-1711811290-1004 => C:\Users\Soham\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2017-09-19] (SweetLabs, Inc) <==== ATTENTION
Task: {2F01545A-5626-4037-8FE1-54BDEC82D370} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-06-22] (AVAST Software)
Task: {38769667-3F5D-4BC1-B201-22DBB5AD488D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {3A5E11B2-A510-4139-99C1-E5806E0C2633} - System32\Tasks\CareCenter\BCSSync_Reg_HKLMWow6432Run => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-01-21] (Microsoft Corporation)
Task: {452B563B-E612-4D73-AADC-FEE56F8383ED} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-10] (Acer Incorporated)
Task: {5682FE4B-1334-4947-9FF5-7266DD54ABD1} - System32\Tasks\CareCenter\RTHDVCPL_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-17] (Realtek Semiconductor)
Task: {57F94101-CE4B-41F6-B1AC-FA14594C1CE9} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-06-22] (AVAST Software)
Task: {5BDCA57B-E9D4-4A54-8590-9AB2FB45F26D} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [2017-04-10] (Oracle Corporation)
Task: {5CD5702A-8BA0-498D-A8C4-BFAB8338B2A6} - System32\Tasks\App Explorer => C:\Users\Soham\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2017-09-19] (SweetLabs, Inc) <==== ATTENTION
Task: {625EDC42-F270-43DD-BC30-1881F0511012} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {89C36DB3-57D8-4C5F-96E7-CB04E546AFAD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {8B592CD7-F74C-436D-B28A-CB91C4D7A8DA} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {923E0D04-FA55-46E8-951F-BE0D9736A7E9} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {A2C9FDBE-9F75-42CF-8E04-8C40079E5ABF} - System32\Tasks\CareCenter\ProtegentMonitor_Reg_HKLMRun => C:\Program Files\Unistal\Protegent Anti-Virus\op_mon.exe [2015-09-22] (Unistal Systems Pvt. Ltd.)
Task: {A5ECCC4B-36A9-45B1-B5A5-1B04120779ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-17] (Adobe Systems Incorporated)
Task: {A8C1E43F-E5FE-40E7-AE47-617305CF2E7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {B956913A-8E02-4971-8DE5-4CC250FA1767} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {EB073C4B-1EE8-41F2-AF15-2D5838A82630} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2016-06-24] ()
Task: {EC17F64C-B7B4-466F-A566-37E4F24FEC6C} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2017-10-02] (Acer)
Task: {F59AA34B-9AD4-4198-A038-38F081B754E9} - System32\Tasks\CareCenter\Adobe ARM_Reg_HKLMWow6432Run => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {F96F4B92-BE20-4181-B3B3-EC79B5E98279} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2016-06-24] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============
2017-08-06 13:19 - 2013-05-14 15:20 - 000140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-10-04 13:06 - 2017-10-04 13:06 - 000105136 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
2016-06-07 09:43 - 2014-10-21 11:51 - 000241664 _____ () C:\Program Files\Unistal\Protegent Anti-Virus\zlib.dll
2016-06-07 09:43 - 2014-10-21 11:51 - 000403456 _____ () C:\Program Files\Unistal\Protegent Anti-Virus\unrar.dll
2016-06-22 13:10 - 2016-06-22 13:10 - 000592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2017-06-22 17:07 - 2017-06-22 17:07 - 039496704 _____ () C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
2017-06-22 17:07 - 2017-06-22 17:07 - 001721856 _____ () C:\Program Files\MySQL\MySQL Server 5.7\lib\plugin\mysqlx.DLL
2016-06-22 13:07 - 2014-04-18 14:30 - 000239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2016-07-16 17:12 - 2016-07-16 17:12 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-28 17:21 - 2017-09-28 17:21 - 001769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2016-06-24 18:54 - 2016-06-24 18:54 - 004644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2015-07-16 10:10 - 2015-05-08 23:11 - 000111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-11-19 12:23 - 2016-11-19 12:23 - 000959168 _____ () C:\Users\Soham\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 004254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 008794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-07-16 17:13 - 2016-07-16 19:46 - 001400320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-10-03 20:33 - 2017-10-03 20:33 - 003918848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-07-16 19:50 - 2016-07-16 19:50 - 000017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-07-16 19:50 - 2016-07-16 19:50 - 012473856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-07-16 19:50 - 2016-07-16 19:50 - 000291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 000130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 17:13 - 2016-07-16 17:13 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 17:13 - 2016-07-16 17:13 - 000693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-12-24 14:41 - 2017-10-25 16:47 - 004238432 _____ () C:\Program Files (x86)\BlueStacks\libGLESv2.dll
2017-12-24 14:41 - 2017-10-25 16:47 - 000151136 _____ () C:\Program Files (x86)\BlueStacks\libEGL.dll
2015-09-06 05:35 - 2015-02-09 08:48 - 000124440 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2016-07-16 17:12 - 2016-07-16 17:12 - 000025088 _____ () C:\Windows\System32\GamePanelExternalHook.dll
2016-07-16 17:13 - 2016-07-16 19:46 - 009761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-16 17:13 - 2016-07-16 19:46 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 17:13 - 2016-07-16 19:46 - 001033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-07-16 17:13 - 2016-07-16 19:46 - 002438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-16 17:13 - 2016-07-16 19:46 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-09-22 15:14 - 2017-09-22 15:14 - 000202528 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2017-09-22 15:17 - 2017-09-22 15:17 - 000641312 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2017-09-22 15:17 - 2017-09-22 15:17 - 000654072 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2017-09-22 15:16 - 2017-09-22 15:16 - 000119072 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2017-11-15 20:28 - 2017-11-15 20:28 - 000015136 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2017-09-26 12:35 - 2017-09-26 12:35 - 000013088 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2017-09-26 12:34 - 2017-09-26 12:34 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2017-10-02 14:56 - 2017-10-02 14:56 - 000202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2017-10-02 14:56 - 2017-10-02 14:56 - 000119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2017-12-24 14:39 - 2017-12-18 12:30 - 048935936 _____ () C:\ProgramData\BlueStacks\CefData\libcef.dll
2016-11-19 12:23 - 2016-11-19 12:23 - 000679624 _____ () C:\Users\Soham\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 004254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 008793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\amazon.in -> hxxps://amazon.in
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 16:34 - 2015-07-10 16:32 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Soham\Pictures\vlcsnap-2017-09-24-01h29m01s128.png
DNS Servers: 192.168.42.129
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\StartupApproved\StartupFolder: => "Key.exe"
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\StartupApproved\Run: => "Software Informer"
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\StartupApproved\Run: => "MySQL Notifier"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{F2452853-D0CB-402C-9044-57377B2E34C6}F:\devil may cry-5\binaries\win32\dmc-devilmaycry.exe] => (Block) F:\devil may cry-5\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [TCP Query User{1FED40E5-9543-47DC-AC4C-996970ED81AC}F:\devil may cry-5\binaries\win32\dmc-devilmaycry.exe] => (Block) F:\devil may cry-5\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [{B6F5B467-1EB7-4226-84A6-DF7FE6FFF034}] => (Allow) C:\Users\Soham\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B17E0422-E298-4D8A-AB1B-0CFCF2457952}] => (Allow) C:\Users\Soham\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8291FA48-4733-4712-A0AC-58311D3058C7}] => (Allow) C:\Users\Soham\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{001F4E50-CAD8-46CF-9EF6-0FDC0B2106B6}] => (Allow) C:\Users\Soham\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{56530919-1E19-423F-A89E-906E3878ED60}] => (Allow) C:\Users\Soham\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E2F29FE7-2496-406C-A0C0-CE9D306D8264}] => (Allow) C:\Users\Soham\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{394AC86B-8BD0-4FCD-92CF-D49A558288FA}] => (Allow) D:\Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{797BC46F-E15E-4CC5-9FDA-D1F784BC4855}] => (Allow) D:\Games\FIFA 14\Game\fifa14.exe
FirewallRules: [UDP Query User{79C1B57E-E1B5-4998-967B-9DFAAAA2DB4E}D:\games\assassin's creed iii\ac3sp.exe] => (Allow) D:\games\assassin's creed iii\ac3sp.exe
FirewallRules: [TCP Query User{6700A3A2-DEF8-4CF7-9BC6-387A24AFA33E}D:\games\assassin's creed iii\ac3sp.exe] => (Allow) D:\games\assassin's creed iii\ac3sp.exe
FirewallRules: [UDP Query User{95B5F10F-1832-4E94-B47D-5709156F83F4}D:\games\crysis2\bin32\crysis2.exe] => (Allow) D:\games\crysis2\bin32\crysis2.exe
FirewallRules: [TCP Query User{7DABAB81-DD0F-4093-9E00-4A1F86D76B54}D:\games\crysis2\bin32\crysis2.exe] => (Allow) D:\games\crysis2\bin32\crysis2.exe
FirewallRules: [{82ACF9F3-AF03-426A-9F0E-9BBDFDB1D7A8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{8EFC882F-3878-43F7-A5A6-7B81691667A2}D:\games\skidrow\call of duty - black ops\blackops.exe] => (Block) D:\games\skidrow\call of duty - black ops\blackops.exe
FirewallRules: [TCP Query User{26DE29A3-A162-407F-BEAB-C563F3598D75}D:\games\skidrow\call of duty - black ops\blackops.exe] => (Block) D:\games\skidrow\call of duty - black ops\blackops.exe
FirewallRules: [UDP Query User{C4EF9909-FAC5-4D9B-9665-62C9A12D159C}D:\games\counter-strike global offensive\csgo.exe] => (Block) D:\games\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{6003CC21-8D44-40B8-9475-4F91F540C829}D:\games\counter-strike global offensive\csgo.exe] => (Block) D:\games\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{524BE0C2-0C58-44E4-94A7-4B751759B122}D:\games\counter-strike global offensive\csgo.exe] => (Allow) D:\games\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{9E239A4B-50AF-4297-8002-4EF431CFA61F}D:\games\counter-strike global offensive\csgo.exe] => (Allow) D:\games\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{82E5620F-2D3E-4675-B6C0-570ECD24BC51}D:\games\far cry 4\bin\farcry4.exe] => (Block) D:\games\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{5928520B-288B-4D23-8F0D-6277415F6CE6}D:\games\far cry 4\bin\farcry4.exe] => (Block) D:\games\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{A1158F67-3439-4829-8DCE-E92AFBE4117B}D:\games\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) D:\games\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [TCP Query User{02A326EF-CAF6-43E1-A81A-E389C5F7507C}D:\games\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe] => (Block) D:\games\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [UDP Query User{1DC0ACAB-BB0F-403A-AE6A-D6ED9986F1E8}D:\games\prototype 2\prototype2.exe] => (Block) D:\games\prototype 2\prototype2.exe
FirewallRules: [TCP Query User{FA1B2B6C-9BCA-4F83-87D8-84FE490B069F}D:\games\prototype 2\prototype2.exe] => (Block) D:\games\prototype 2\prototype2.exe
FirewallRules: [UDP Query User{6D7C624C-4676-4B73-ACE1-497E3BE93017}D:\games\crysis2\bin32\crysis2.exe] => (Block) D:\games\crysis2\bin32\crysis2.exe
FirewallRules: [TCP Query User{01FFAD82-5E3C-41AE-84AC-7EB2522BEE1F}D:\games\crysis2\bin32\crysis2.exe] => (Block) D:\games\crysis2\bin32\crysis2.exe
FirewallRules: [UDP Query User{9315EECB-7B53-424B-92AF-42A908E32DE7}D:\games\blur\blur.exe] => (Allow) D:\games\blur\blur.exe
FirewallRules: [TCP Query User{21476276-828D-4419-98BB-84C063BA8067}D:\games\blur\blur.exe] => (Allow) D:\games\blur\blur.exe
FirewallRules: [UDP Query User{F8C671DA-BB29-4986-89C7-BC1F1EC04C60}D:\games\far cry 3\fc3\far cry 3 nosteam\far cry 3\bin\farcry3.exe] => (Block) D:\games\far cry 3\fc3\far cry 3 nosteam\far cry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{084A0A2B-F7C2-42CB-B55F-3EC6301F6231}D:\games\far cry 3\fc3\far cry 3 nosteam\far cry 3\bin\farcry3.exe] => (Block) D:\games\far cry 3\fc3\far cry 3 nosteam\far cry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{76401739-D00D-4A65-AD38-A9CD2CD0C43A}F:\prototype 2\prototype2.exe] => (Block) F:\prototype 2\prototype2.exe
FirewallRules: [TCP Query User{21BF7468-58A1-42C0-8352-5104FB0C3638}F:\prototype 2\prototype2.exe] => (Block) F:\prototype 2\prototype2.exe
FirewallRules: [UDP Query User{ED0B9324-09AB-4A40-BB16-C0962AE1C598}F:\crysis2\bin32\crysis2.exe] => (Block) F:\crysis2\bin32\crysis2.exe
FirewallRules: [TCP Query User{2C59072B-BA49-4982-AAEB-36D35E2E65A4}F:\crysis2\bin32\crysis2.exe] => (Block) F:\crysis2\bin32\crysis2.exe
FirewallRules: [{BB679E0B-8BA0-4E71-B8CF-D63150DFFEC8}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe
FirewallRules: [{6138D33A-156C-490D-8A31-DAF3BEE16C2F}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe
FirewallRules: [{DBA8CAE1-CAF8-4326-9903-6242E3971CD3}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\Avatar.exe
FirewallRules: [{F9F0A100-C14E-4202-9FCF-110C604F6B1E}] => (Allow) C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\Avatar.exe
FirewallRules: [{88B8C4E9-7D00-4F99-A455-0FEA9AE430FE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{C10A261F-0E72-4CD0-B04F-E06818BEDC1C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{9748494C-523C-4C03-8729-133A678CDEB3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{285F2248-7492-4596-B331-068CD178113F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{E8D0D4A9-80FC-4C1D-8B73-111BCB85E242}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{66EE22AE-512D-4511-8CB4-92D858B85589}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{B6A0FC6B-63B1-44B3-B6A4-2BCDEBE0891E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{890147BC-2571-4562-8D4D-50E0EE8EB446}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A7550866-0D43-468F-BD1B-CBEBFFF855EB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{8CF45759-1D04-462C-84BA-D98575D690B7}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{8236DDDA-516C-4F32-B152-9685AA4B0E35}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{02E45722-CAEF-491A-A60A-9465F44E428F}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{479822EC-631D-4163-BFE6-7772B94A9911}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1DA7AC6B-0061-429A-B767-5EC625558F11}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{595670E6-67A6-41F3-9E1D-CDAED62F47BC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BF57D265-5353-43C5-87F1-4A8265F49020}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B83A7FA4-91FF-4F62-8D26-F05E3D3ED27B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8B08A991-1BB9-4DC2-AD21-B38D7381CB34}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{753FFAF6-6CD6-4169-9407-EC520F3ABEA6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BFDCA33A-9E52-4ADD-9F41-08BEB7C19F9F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{AC000337-1F13-463A-931F-7CA46F131A34}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{319C67AD-3EA8-4B0C-8EE1-240F4AE9CFBD}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{4E2AF8EA-03EC-4582-B3AF-DF1465B4EEAC}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{20F5FA5D-9164-4F7A-8C59-8B00ACF563C9}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{A0451CBC-C734-4DB7-B153-9A7995DF134D}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [TCP Query User{4621CF1E-F695-4170-A672-5B1D0A66E55C}C:\program files (x86)\condition zero - xtreme edition\czero.exe] => (Allow) C:\program files (x86)\condition zero - xtreme edition\czero.exe
FirewallRules: [UDP Query User{E45B8B92-17CC-4487-B7FB-A87CEA0748A3}C:\program files (x86)\condition zero - xtreme edition\czero.exe] => (Allow) C:\program files (x86)\condition zero - xtreme edition\czero.exe
FirewallRules: [{C6762375-D91C-4496-A77F-795A437311B9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2EEF217A-6352-472C-B894-D44B9D0C5715}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{347F6881-7870-42A3-B261-07143D01169D}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{59CF9488-EB42-49B9-84F8-D414CDC4FD5B}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [{7B4DD62B-AD67-4BA1-94F4-3B84CBC889AC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B7560C3A-6779-42A0-9E13-59C2830061EF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1CDF72D7-3962-40B6-85DF-4ACC0DA6868B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1AF48B2F-8C82-44A8-B3CE-EBBC7FB59C05}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{035A10C9-2A5A-4556-AA46-AC8764D7953E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CAC718BC-1BDE-4603-B8B4-B716CFE92B5B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{FBE12537-BCA6-47B8-AE66-11BF701150B9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8FBD4729-2706-4918-B46D-3715D940F570}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F130D021-0125-45CE-9BCD-2A63C25F3B7A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3E32A6EE-46A8-4DBE-A0F9-F44E25FA19D7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{80CC5822-38E5-4D05-8F43-2E2A203A5E13}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{D240A00D-4BC9-4C57-878E-3EB12B2A22D0}D:\games\blur\blur.exe] => (Allow) D:\games\blur\blur.exe
FirewallRules: [UDP Query User{07EC2208-5AE8-4CDA-A17A-2BF4942882AC}D:\games\blur\blur.exe] => (Allow) D:\games\blur\blur.exe
FirewallRules: [{8233663F-60EB-4324-9B5B-CF16EE809C75}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{12CF2B90-7F94-42E3-9803-D8D3F740D9F4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0999C805-0BF6-4C89-BAD6-1C7449F10D61}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5AC8CB1D-8DC3-48D1-BBB4-57076578EE95}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F1AF76C3-CC98-427F-AC14-53D4FB7414F3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{91DF6215-FD01-40AD-B04D-588027486DB5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{914CD2D0-06A0-4121-8DA3-ADA10FB1A141}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{08479790-FEBF-4349-8B17-BF8952F8A3CC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A0D9738B-F6F9-4AB2-830C-226EFFA14AB2}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C528228A-B26F-421C-913D-51F0820A5DEB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2CC9CBBE-C3B9-4130-96CA-5875A5964B33}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{ECFDCBC4-0D9F-4610-A6EF-4DFC118CECF4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8A7ACAEF-D2E3-4A16-9C33-4759457037E0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{86586050-F6AD-4018-BF2A-341E708C0C55}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{807633C6-105B-499A-8869-9A74DFAFD37F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{94D79390-7A39-476E-B6FD-6CD4C0D44A08}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4072D606-4F2C-42CA-930B-CE59F5C35C0E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5E9F487E-5D89-43A4-A1EC-F2345BED96F0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{77303298-DFD2-49FD-92FF-435FD8DA9B38}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{763DBC23-1761-46EB-9A39-EE7A50892D3E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BF0B1666-8622-4F64-87F4-CF8BB9134683}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1FD0117A-0DBA-47DD-AC6C-BFA8296BCCCE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{EA2D8706-2B15-4C0C-8C2B-64D045BFAEEF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{E4156FD6-E377-4D23-9F3E-D6613FEE9C8B}C:\users\soham\downloads\shareit\zuk z1\documents\left 4 dead\left4dead.exe] => (Allow) C:\users\soham\downloads\shareit\zuk z1\documents\left 4 dead\left4dead.exe
FirewallRules: [UDP Query User{D3034702-24F0-492F-8F4E-473B916597A5}C:\users\soham\downloads\shareit\zuk z1\documents\left 4 dead\left4dead.exe] => (Allow) C:\users\soham\downloads\shareit\zuk z1\documents\left 4 dead\left4dead.exe
FirewallRules: [{12948543-3699-4D1B-96C6-19AD7B67E734}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{342B79FE-5F6B-45C7-8C66-C85ECF1F04A1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{975811CB-966E-461C-857B-7D5654E5EF69}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E8B9C649-19F9-42D8-AA40-CD60D96F98CD}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{62BFC4A4-4018-44FA-BB74-0CE84CC51F56}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BE1980C1-EF23-46D5-A026-48D08554C7BB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6755CAC7-5D15-428A-9DBF-DBA225843B3F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CFA04469-5AA3-4CF3-B6B6-F4DFE424B744}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0B63A5E0-D36C-486D-B467-57288CC2BD9A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9F4CAA00-F12D-472F-8FD0-20ADEC658D56}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{60DB598D-D382-412F-9053-30A4F2AF4ED0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C9254A8D-81B9-4DF5-A7F6-5CB3C0CB1E7C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9320E501-9D17-4F88-AB95-63A6E089AC4E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{20093493-E39F-4CEA-9EEC-236CB9265B6B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{AA84CA96-955C-4E5C-B264-117BA77154E3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D41796E8-BDDB-44A7-AE1E-A6AEEE1BD39A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7D1BF4B6-49E3-43D5-83CD-9D305A47573C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9F5303AE-5A6B-45BC-B698-A63C4A43E784}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F5EDDEEE-E6FE-40CC-9C73-2458738819EC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{FFC961AD-11C0-49A5-8405-32F51ACC4BF0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{17ED5CA9-7B10-424F-BB51-B10772D94E72}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DED5B8BA-DDC3-4231-9C46-D788D24EBCAF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7A5247FD-635F-49B6-9429-FD49AED0DBF4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{270A7903-19FE-4FD5-9EB8-83D6A1264995}D:\games\call of duty world at war\codwaw.exe] => (Block) D:\games\call of duty world at war\codwaw.exe
FirewallRules: [UDP Query User{6BAFBA4F-D227-4A77-9067-FAC4F6E087B7}D:\games\call of duty world at war\codwaw.exe] => (Block) D:\games\call of duty world at war\codwaw.exe
FirewallRules: [{BB9D90AF-5DCE-4522-BDD5-61CF3B38DA65}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{43008BA2-B9D5-45F9-AA19-A2D1CC33D697}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8CDA9E30-70A7-4B78-91AF-79E663023784}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{649A2ECE-7894-4E37-A6A3-7191110492C1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{AE9993FB-4BF8-4C8A-BDA2-C8D8493FC2FF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{810D1021-6842-4536-B36B-74809C03025B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{21A1977E-A9EB-415F-883B-AA3583F9EF89}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F9C5FF1F-52D5-4B2D-B524-12AD0AC4673C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{622DB5FF-89EB-4706-B8F3-63FF9BCFFE60}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A601FB74-97CD-450F-A9EC-01463330E9E8}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{90CAE99D-5180-48AE-B555-189D018E4678}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{EBE2DBF8-9A80-4294-AD99-18FA1B1C3F5E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CA8E919D-CB1E-4C2C-9B1B-0D5F89E97AC1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A608278B-FDDC-43BC-9CCA-EAEDE60C6D38}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0B8330DC-1C0F-4852-A569-347C8DF65F5B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{852E7C23-7350-49BB-889A-EA63F7EB04E2}D:\games\left 4 dead\left4dead.exe] => (Allow) D:\games\left 4 dead\left4dead.exe
FirewallRules: [UDP Query User{86B52675-814B-4B9B-A2AA-35AD61469A50}D:\games\left 4 dead\left4dead.exe] => (Allow) D:\games\left 4 dead\left4dead.exe
FirewallRules: [{1B02BEB3-6B20-4C26-B105-7EAD2C3C6BC8}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{157305A9-0D7D-4E72-974C-AC366052F1D6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C1AB1057-949F-487B-9B89-E709E319D216}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{92A26EB7-A305-4288-AECA-761AB64C8461}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{54A98A78-0C02-4959-8500-F1D3565F3126}] => (Allow) LPort=3306
FirewallRules: [{908A09E8-6523-46BD-A704-AF536B558777}] => (Allow) LPort=33060
FirewallRules: [{5FFF9435-2B9C-43EF-9419-D501E33F544C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{802C56BA-C823-432F-A2A4-21903D3A2110}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{EC900528-B044-434D-AA3B-1733581FE29B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1B351E61-7278-4454-9924-578649CF952A}] => (Allow) LPort=3306
FirewallRules: [{262C8568-B970-4005-8F11-712A024E102A}] => (Allow) LPort=33060
FirewallRules: [{877E5B7E-82E2-4FEA-84D7-A13CE7ED7FF6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2EA3E76C-CE7C-45BB-8689-CCF23FC3E401}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{05BB3A2B-7074-4B4E-976C-89EF66335519}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{15B63B10-0D8A-4895-9F40-4668C2909196}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2EFA3A8D-1302-485E-A20D-C63FDC097499}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C863F5C6-E71F-48A2-9A79-D6804F3AC4FD}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B118DE83-C509-442C-BF14-F5D518879606}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D299937C-DDD0-4EDF-B593-3D6438CF22C4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3CBD1D84-EC1B-4B31-B055-13A55FBE309F}] => (Allow) D:\Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{EFEBB589-BBDA-4204-9D1B-70734E707442}] => (Allow) D:\Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{E79D988B-3D6A-486F-8630-C2E792D130B3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1BD3F0E9-F35A-42FE-B0D7-6B383AA5F790}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{D239CC7A-BBA2-43A6-A33F-516149184EE4}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{0D94A9F5-FAF6-4C44-886F-60CE6BD8E89A}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [{EF047AE7-E48E-4EC9-891F-0825588C05AD}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9EF0D692-B16D-4927-861B-5D129103A321}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{932D46EA-234D-4CE6-8582-829DE4AF8A18}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{DA960E7E-C49D-4131-9D33-181D18FCD9F8}C:\program files (x86)\valve\hlds.exe] => (Allow) C:\program files (x86)\valve\hlds.exe
FirewallRules: [UDP Query User{7800BF9E-99F6-480C-A2F7-A1F1F6CFD65C}C:\program files (x86)\valve\hlds.exe] => (Allow) C:\program files (x86)\valve\hlds.exe
FirewallRules: [TCP Query User{5EE46D67-40D8-4A3A-B01B-FEDB9D6AC8BF}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{322649DD-C46B-4567-980A-DF4EEC588857}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [{EA803ABD-5CB7-4F82-99D3-4BCA3D9350CE}] => (Allow) F:\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{79FB8745-16C9-41C3-978A-9320CDB97B15}] => (Allow) F:\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{AFCAF077-8003-479C-BF1B-7EB05D9A10A0}] => (Allow) F:\Batman - Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{8ADE0E28-05AB-4855-98B9-5623AD195D51}] => (Allow) F:\Batman - Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [TCP Query User{DEFD4258-BEBE-4F60-99C8-A8184112CAFD}D:\games\left 4 dead 2\left 4 dead 2\left 4 dead 2\left4dead2.exe] => (Allow) D:\games\left 4 dead 2\left 4 dead 2\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{3A670800-DD22-4354-8968-BAAE5F8062C4}D:\games\left 4 dead 2\left 4 dead 2\left 4 dead 2\left4dead2.exe] => (Allow) D:\games\left 4 dead 2\left 4 dead 2\left 4 dead 2\left4dead2.exe
FirewallRules: [TCP Query User{7341CFBB-17A0-4690-9565-F862A333294F}F:\call of duty - black ops\blackops.exe] => (Block) F:\call of duty - black ops\blackops.exe
FirewallRules: [UDP Query User{1D57506A-A4DD-420A-AC7A-EE31E02EB6B5}F:\call of duty - black ops\blackops.exe] => (Block) F:\call of duty - black ops\blackops.exe
FirewallRules: [{5793E685-851D-4AF4-81EA-8A08134C59C6}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe
==================== Restore Points =========================
09-12-2017 10:41:19 Configured Counter-Strike 1.6
15-12-2017 11:43:31 Removed Fallout 3
23-12-2017 12:24:20 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (12/25/2017 01:49:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Windows.Media.BackgroundPlayback.exe, version: 10.0.14393.0, time stamp: 0x57899a35
Faulting module name: KERNELBASE.dll, version: 10.0.14393.0, time stamp: 0x57899809
Exception code: 0xc000010a
Fault offset: 0x0000000000017788
Faulting process id: 0x34b0
Faulting application start time: 0x01d37d5452ab7b62
Faulting application path: C:\WINDOWS\System32\Windows.Media.BackgroundPlayback.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: d9084f97-7c87-4b49-a8ca-4316f686a284
Faulting package full name: Microsoft.ZuneMusic_10.16092.10311.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
Error: (12/25/2017 01:15:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Windows.Media.BackgroundPlayback.exe, version: 10.0.14393.0, time stamp: 0x57899a35
Faulting module name: combase.dll, version: 10.0.14393.0, time stamp: 0x57899850
Exception code: 0xc0000005
Fault offset: 0x0000000000025eb8
Faulting process id: 0x2c3c
Faulting application start time: 0x01d37d4fc1f739cd
Faulting application path: C:\WINDOWS\System32\Windows.Media.BackgroundPlayback.exe
Faulting module path: C:\WINDOWS\System32\combase.dll
Report Id: 5638d957-1281-4843-aaab-bde5106374a2
Faulting package full name: Microsoft.ZuneMusic_10.16092.10311.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
Error: (12/25/2017 01:15:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Windows.Media.BackgroundPlayback.exe, version: 10.0.14393.0, time stamp: 0x57899a35
Faulting module name: KERNELBASE.dll, version: 10.0.14393.0, time stamp: 0x57899809
Exception code: 0xc000010a
Fault offset: 0x0000000000017788
Faulting process id: 0x2c3c
Faulting application start time: 0x01d37d4fc1f739cd
Faulting application path: C:\WINDOWS\System32\Windows.Media.BackgroundPlayback.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: ed100e4a-e5d4-487d-853e-d7fd52c954a2
Faulting package full name: Microsoft.ZuneMusic_10.16092.10311.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
Error: (12/25/2017 12:06:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (12/25/2017 12:06:59 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (12/25/2017 12:06:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSDTC" in DLL "C:\WINDOWS\system32\msdtcuiu.DLL" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (12/25/2017 12:06:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (12/25/2017 12:06:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ESENT" in DLL "C:\WINDOWS\system32\esentprf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (12/25/2017 12:06:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (12/25/2017 12:06:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.14393.0, time stamp: 0x578999ab
Faulting module name: dwmcore.dll, version: 10.0.14393.0, time stamp: 0x5789985b
Exception code: 0x88982f04
Fault offset: 0x000000000004af43
Faulting process id: 0x2220
Faulting application start time: 0x01d37c94c1059919
Faulting application path: C:\WINDOWS\system32\dwm.exe
Faulting module path: C:\WINDOWS\system32\dwmcore.dll
Report Id: 479ecc2b-6745-4c83-9336-6f35fac233fb
Faulting package full name:
Faulting package-relative application ID:

System errors:
=============
Error: (12/25/2017 01:10:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/25/2017 11:53:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/25/2017 11:24:05 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/25/2017 07:59:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/24/2017 04:23:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/24/2017 12:54:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/24/2017 12:30:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/24/2017 10:18:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/23/2017 09:42:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/23/2017 09:11:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

CodeIntegrity:
===================================
  Date: 2017-12-13 00:49:45.085
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2017-12-11 21:01:52.104
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2017-12-10 12:39:10.414
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2017-04-03 09:19:44.798
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
  Date: 2017-04-03 09:19:44.722
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================
Processor: AMD A10-7300 Radeon R6, 10 Compute Cores 4C+6G
Percentage of memory in use: 72%
Total physical RAM: 7114.26 MB
Available physical RAM: 1928.2 MB
Total Virtual: 9110.39 MB
Available Virtual: 1472.14 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:200.25 GB) (Free:133.02 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:831.08 GB) (Free:820.63 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:736.08 GB) (Free:692.49 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:95 GB) (Free:83.79 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 8A9EA005)
Partition: GPT.
==================== End of Addition.txt ============================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-12-2017 01
Ran by Soham (administrator) on SOHAM (25-12-2017 13:57:23)
Running from C:\Users\Soham\Downloads
Loaded Profiles: Soham (Available Profiles: Soham & killbot & Administrator)
Platform: Windows 10 Home Single Language Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Mr. John aka japamd) C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Unistal Systems Pvt. Ltd.) C:\Program Files\Unistal\Protegent Anti-Virus\acs.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Unistal Systems Pvt. Ltd.) C:\Program Files\Unistal\Protegent Anti-Virus\op_mon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(BlueStack Systems, Inc.) C:\ProgramData\BlueStacks\Client\Bluestacks.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Player.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Bluestack System Inc. ) C:\Program Files (x86)\BlueStacks\BstkSVC.exe
(BlueStack Systems, Inc.) C:\ProgramData\BlueStacks\Client\Bluestacks.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\bcastdvr.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\GamePanel.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16152792 2015-07-17] (Realtek Semiconductor)
HKLM\...\Run: [ProtegentMonitor] => C:\Program Files\Unistal\Protegent Anti-Virus\op_mon.exe [4948432 2015-09-22] (Unistal Systems Pvt. Ltd.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2017-09-28] ()
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1657856 2017-01-25] (Informer Technologies, Inc.)
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\MountPoints2: {50170e75-45e1-11e6-9bf8-b886872b8601} - "H:\Setup.exe" /Auto
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\MountPoints2: {64807659-60a2-11e7-9c8f-b886872b8601} - "I:\setup.exe"
AppInit_DLLs: c:\progra~1\unistal\proteg~1\wl_hoo~1.dll => c:\Program Files\Unistal\Protegent Anti-Virus\wl_hook64.dll [1415168 2015-09-22] (Unistal Systems Pvt. Ltd.)
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{12e02d91-4fe2-457b-a4a6-1b17d05b249e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{82f4b845-dd2e-4ad0-82f0-2e4f2a59a3e8}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{88026f9c-1725-46da-989e-811ebc02275b}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{dca3ce53-4361-4390-adcc-724c82d32c45}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{e1deb7ec-140c-40cf-ae6c-3fbe132dda5e}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKU\S-1-5-21-466014504-2981248741-1711811290-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://in.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://in.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-466014504-2981248741-1711811290-1004 -> DefaultScope {43312F50-7EE8-49E9-BB77-31FF772BB7A6} URL =
SearchScopes: HKU\S-1-5-21-466014504-2981248741-1711811290-1004 -> {102FB332-88A3-11E6-9C1F-F0761CCAD919} URL = hxxps://www.bing.com/search?pc=cosp&ptag=AB59A10D666&form=CONBDF&conlogo=CT3210127&q={searchTerms}
SearchScopes: HKU\S-1-5-21-466014504-2981248741-1711811290-1004 -> {3707D511-AE1D-11E6-9C35-F0761CCAD919} URL = hxxps://www.bing.com/search?pc=cosp&ptag=AB59A10D666&form=CONBDF&conlogo=CT3210127&q={searchTerms}
SearchScopes: HKU\S-1-5-21-466014504-2981248741-1711811290-1004 -> {43312F50-7EE8-49E9-BB77-31FF772BB7A6} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-22] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-22] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Soham\AppData\Roaming\Mozilla\Firefox\Profiles\2wymc7s0.default [2017-12-25]
FF Homepage: Mozilla\Firefox\Profiles\2wymc7s0.default -> hxxps://search-startpage.com/?s=acer&m=start&brw=ff
FF SearchPlugin: C:\Users\Soham\AppData\Roaming\Mozilla\Firefox\Profiles\2wymc7s0.default\searchplugins\Search Start Page.xml [2016-11-21]
FF SearchPlugin: C:\Users\Soham\AppData\Roaming\Mozilla\Firefox\Profiles\2wymc7s0.default\searchplugins\Start Search.xml [2016-11-21]
FF SearchPlugin: C:\Users\Soham\AppData\Roaming\Mozilla\Firefox\Profiles\2wymc7s0.default\searchplugins\Web Search.xml [2016-10-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-17] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-17] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.)
R2 acssrv; C:\Program Files\Unistal\Protegent Anti-Virus\acs.exe [3413232 2015-09-22] (Unistal Systems Pvt. Ltd.)
R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2017-10-04] ()
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-07-21] (Advanced Micro Devices) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-06-29] (Windows ® Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278688 2017-09-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-15] (WildTangent)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-04-18] ()
R2 MYSQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [39496704 2017-06-22] () [File not signed]
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [395616 2015-07-17] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-17] (Acer Incorporated)
R2 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-11-04] (Mr. John aka japamd) [File not signed]
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-06-22] ()
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [33224 2016-04-15] (SHAREit Technologies Co.Ltd)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2016-09-23] (SHAREit Technologies Co.Ltd)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 afw; C:\WINDOWS\system32\DRIVERS\afw.sys [52904 2015-07-21] (Agnitum Ltd.)
S3 afwcore; C:\WINDOWS\System32\drivers\afwcore.sys [465072 2015-07-21] (Agnitum Ltd.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2017-12-17] (Bluestack System Inc. )
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2015-07-17] (Acer Incorporated)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2015-07-17] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
R1 SandBox; C:\Windows\system32\drivers\SandBox64.sys [1704936 2015-08-07] (Agnitum Ltd.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-08-13] (Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [47784 2015-07-29] (Synaptics Incorporated)
R3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2016-07-16] (Microsoft Corporation)
U3 VBCoreNT.0; C:\WINDOWS\System32\Filt\tmp\8wwd60ew.vbt [2193008 2017-12-21] (Agnitum Ltd.)
R3 VBEngNT; C:\Windows\system32\drivers\VBEngNT.sys [329952 2015-07-24] (Agnitum Ltd.)
R3 VBFilt; C:\Windows\system32\Filt\VBFilt64.dll [95104 2015-07-24] (Agnitum Ltd.)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [205952 2017-04-28] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 OSFMount; \??\D:\Games\Counter-Strike Global Offensive\image\x64\OSFMount.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-25 13:57 - 2017-12-25 13:58 - 000019168 _____ C:\Users\Soham\Downloads\FRST.txt
2017-12-25 13:57 - 2017-12-25 13:57 - 000000000 ____D C:\FRST
2017-12-25 13:54 - 2017-12-25 13:57 - 002392064 _____ (Farbar) C:\Users\Soham\Downloads\FRST64.exe
2017-12-24 23:27 - 2017-12-24 23:28 - 000000000 ____D C:\Users\Soham\Desktop\BlueStacksBackup_2145243568
2017-12-24 15:21 - 2017-12-24 15:24 - 000000000 ____D C:\Users\Soham\Desktop\New folder (2)
2017-12-24 14:46 - 2017-12-24 14:47 - 031793465 _____ C:\Users\Soham\Downloads\G-Eazy & Halsey - Him & I (Official Video).mp4
2017-12-24 14:43 - 2017-12-24 14:46 - 050122903 _____ C:\Users\Soham\Downloads\The Chainsmokers, Skrillex ft. Halsey - Kiss Me Slowly (Official Music Video).mp4
2017-12-24 14:43 - 2017-12-24 14:43 - 000000000 ____D C:\Users\Soham\AppData\Local\CEF
2017-12-24 14:43 - 2017-12-24 14:42 - 000001521 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2017-12-24 14:42 - 2017-12-24 14:42 - 000001521 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2017-12-24 14:40 - 2017-12-24 14:42 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2017-12-24 14:39 - 2017-12-24 14:43 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2017-12-24 14:39 - 2017-12-24 14:41 - 000000000 ____D C:\Users\Soham\AppData\Local\Bluestacks
2017-12-24 14:23 - 2017-12-24 14:38 - 275584208 _____ (BlueStack Systems Inc.) C:\Users\Soham\Downloads\BlueStacks-Installer_BS3_native.exe
2017-12-21 09:22 - 2017-12-25 13:57 - 000003068 _____ C:\WINDOWS\system32\config\rules.rdb
2017-12-15 11:48 - 2017-12-15 11:48 - 000000000 ____D C:\Users\Soham\AppData\Roaming\InstallShield Installation Information
2017-12-15 11:45 - 2017-12-15 11:45 - 000000000 ____D C:\Users\Soham\Documents\Assassin's Creed Liberation HD
2017-12-15 11:45 - 2017-12-15 11:45 - 000000000 ____D C:\Saves
2017-12-15 00:52 - 2017-12-15 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2017-12-14 22:03 - 2017-12-14 22:03 - 000000000 ____D C:\Users\Soham\Documents\Square Enix
2017-12-14 19:22 - 2017-12-14 19:22 - 000000000 ____D C:\Users\Soham\Documents\Assassin's Creed Rogue
2017-12-14 19:22 - 2017-12-14 19:22 - 000000000 ____D C:\Users\Soham\AppData\Roaming\uplay
2017-12-12 13:06 - 2017-12-15 11:40 - 000000000 ____D C:\Users\Soham\AppData\Local\Fallout3
2017-12-12 10:51 - 2017-12-12 10:51 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2017-12-11 05:44 - 2017-12-11 05:44 - 000000000 ____D C:\Users\Soham\Documents\WB Games
2017-12-11 01:51 - 2017-12-11 01:51 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-12-11 01:51 - 2017-12-11 01:51 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2017-12-11 01:49 - 2017-12-11 01:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Batman - Arkham Origins
2017-12-11 00:35 - 2017-12-11 00:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2017-12-10 23:03 - 2017-12-10 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-12-10 22:22 - 2017-12-10 22:22 - 000000000 ____D C:\Users\Soham\Documents\FeedbackHub
2017-12-10 21:21 - 2017-12-10 21:21 - 000000000 ____D C:\Users\Soham\Documents\Rockstar Games
2017-12-10 21:21 - 2017-12-10 21:21 - 000000000 ____D C:\Users\Soham\AppData\Local\Rockstar Games
2017-12-10 21:21 - 2017-12-10 21:21 - 000000000 ____D C:\ProgramData\Socialclub
2017-12-10 14:06 - 2017-12-10 14:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V
2017-12-10 10:55 - 2017-12-10 21:08 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2017-12-10 10:52 - 2017-12-10 21:08 - 000000000 ____D C:\Program Files\Rockstar Games
2017-12-09 10:46 - 2017-12-09 10:46 - 000592131 _____ C:\WINDOWS\Condition Zero - Xtreme Edition Uninstaller.exe
2017-12-09 10:43 - 2017-01-29 16:50 - 000682497 _____ C:\WINDOWS\Condition Zero - Xtreme Edition Uninstaller.exe.bak
2017-12-09 10:38 - 2017-12-09 10:38 - 000000000 ____D C:\Users\Soham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Condition Zero
2017-12-04 17:05 - 2017-12-04 17:05 - 000000000 ____D C:\Users\Soham\AppData\Local\UNP
2017-12-03 21:30 - 2017-12-23 00:26 - 000000000 ____D C:\Users\Soham\Desktop\sa
2017-12-03 21:25 - 2017-12-24 15:22 - 000000000 ____D C:\Users\Soham\Desktop\fiitjee
2017-12-01 23:23 - 2017-12-02 00:01 - 096382723 _____ C:\Users\Soham\Downloads\My-Hero-Academia-2nd-Season-Episode-21.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-25 13:49 - 2016-06-23 11:41 - 000000000 ____D C:\Users\Soham\AppData\Local\CrashDumps
2017-12-25 13:18 - 2015-07-16 09:59 - 002889798 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-25 11:53 - 2016-11-19 11:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-25 11:11 - 2016-06-25 10:41 - 000000000 ____D C:\Users\Soham\AppData\Roaming\vlc
2017-12-25 08:46 - 2017-11-01 19:55 - 000000000 ____D C:\Users\Soham\Desktop\new
2017-12-25 08:35 - 2016-06-07 22:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive
2017-12-25 08:32 - 2017-07-02 19:58 - 000000000 ____D C:\Users\Soham\VirtualBox VMs
2017-12-24 14:42 - 2016-06-07 16:18 - 000000000 ____D C:\ProgramData\BlueStacks
2017-12-22 11:19 - 2016-08-21 15:37 - 000000000 ____D C:\Users\Soham\Downloads\SHAREit
2017-12-22 09:56 - 2017-05-06 17:03 - 000000000 ____D C:\Users\Soham\Desktop\New folder
2017-12-22 09:41 - 2015-07-16 10:00 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
2017-12-21 11:50 - 2016-06-23 11:34 - 000000000 ____D C:\Users\Soham\AppData\Local\Host App Service
2017-12-21 09:19 - 2016-11-19 12:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-20 11:17 - 2016-07-24 13:18 - 000000000 ____D C:\Users\Soham\AppData\Local\ElevatedDiagnostics
2017-12-19 13:27 - 2016-11-19 11:57 - 020681728 _____ C:\WINDOWS\system32\config\sscan.xas
2017-12-18 15:57 - 2016-11-19 11:57 - 004512768 _____ C:\WINDOWS\system32\config\sscan.0
2017-12-15 11:57 - 2016-06-23 12:57 - 000000000 ____D C:\Users\Soham\Documents\My Games
2017-12-15 09:30 - 2017-07-03 20:52 - 000000000 ____D C:\Users\Soham\AppData\Local\Activision
2017-12-14 22:04 - 2016-09-26 20:18 - 000000000 ____D C:\Users\Soham\AppData\Local\SKIDROW
2017-12-12 11:40 - 2016-11-19 11:48 - 000000000 ____D C:\Users\Soham
2017-12-10 11:12 - 2015-09-06 05:20 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-09 10:47 - 2016-11-19 11:44 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-12-09 10:47 - 2016-07-16 11:34 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-12-05 07:10 - 2017-08-06 13:19 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-12-04 18:36 - 2016-06-06 20:01 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-12-04 18:04 - 2017-07-02 04:40 - 000000000 ____D C:\Users\Soham\.VirtualBox
2017-12-01 21:26 - 2016-09-22 18:23 - 000000661 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-11-30 19:59 - 2016-06-23 11:34 - 000000000 ____D C:\Users\Soham\AppData\Roaming\Adobe
2017-11-30 14:13 - 2016-07-16 17:17 - 000000000 ____D C:\WINDOWS\AppReadiness
==================== Files in the root of some directories =======
2016-09-05 13:15 - 2016-09-05 13:15 - 000007605 _____ () C:\Users\Soham\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
2007-09-18 14:58 - 2007-09-18 14:58 - 000077160 _____ (Microsoft Corporation) C:\Users\Soham\AppData\Local\Temp\DSETUP.dll
2007-09-18 14:58 - 2007-09-18 14:58 - 001673576 _____ (Microsoft Corporation) C:\Users\Soham\AppData\Local\Temp\dsetup32.dll
2007-09-18 14:58 - 2007-09-18 14:58 - 000503144 _____ (Microsoft Corporation) C:\Users\Soham\AppData\Local\Temp\DXSETUP.exe
2017-08-06 13:12 - 2013-04-10 09:55 - 001044048 ____N (CANON INC.) C:\Users\Soham\AppData\Local\Temp\MSETUP4.EXE
2017-12-01 16:43 - 2017-12-01 16:45 - 047052696 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\oct1F6F.tmp.exe
2017-12-20 22:29 - 2017-12-21 11:50 - 047064176 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\oct39E8.tmp.exe
2017-10-04 07:04 - 2017-10-05 20:04 - 039234048 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\oct412E.tmp.exe
2017-12-04 16:40 - 2017-12-06 15:10 - 047052696 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\oct5B2E.tmp.exe
2017-08-28 18:38 - 2017-08-28 18:40 - 039245368 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\oct6A2C.tmp.exe
2017-10-02 23:27 - 2017-10-02 23:41 - 039245368 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\oct95FA.tmp.exe
2017-09-10 06:03 - 2017-09-10 06:04 - 039245368 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\octA1F0.tmp.exe
2017-11-07 05:39 - 2017-11-07 05:39 - 039236800 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\octC4F3.tmp.exe
2017-09-22 20:01 - 2017-09-22 20:18 - 039245368 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\octC59E.tmp.exe
2017-10-07 19:49 - 2017-10-07 19:51 - 039234048 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\octDCB7.tmp.exe
2017-11-26 01:48 - 2017-11-30 13:37 - 047052696 _____ (SweetLabs,Inc.) C:\Users\Soham\AppData\Local\Temp\octE051.tmp.exe
2017-12-09 11:53 - 2010-02-01 17:33 - 000724667 __RSH () C:\Users\Soham\AppData\Local\Temp\systemw.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-12-25 13:27
==================== End of FRST.txt ============================

 



#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,559 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:37 PM

Posted 25 December 2017 - 10:42 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Amazon Assistant (HKLM-x32\...\{EDA2A064-F600-47BA-9EBA-58BE807BF6D2}) (Version: 10.17.0926 - Amazon) <==== ATTENTION
App Explorer (HKU\S-1-5-21-466014504-2981248741-1711811290-1004\...\Host App Service) (Version: 0.273.2.371 - SweetLabs)

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
GroupPolicy: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-466014504-2981248741-1711811290-1004 -> {102FB332-88A3-11E6-9C1F-F0761CCAD919} URL = hxxps://www.bing.com/search?pc=cosp&ptag=AB59A10D666&form=CONBDF&conlogo=CT3210127&q={searchTerms}
SearchScopes: HKU\S-1-5-21-466014504-2981248741-1711811290-1004 -> {3707D511-AE1D-11E6-9C35-F0761CCAD919} URL = hxxps://www.bing.com/search?pc=cosp&ptag=AB59A10D666&form=CONBDF&conlogo=CT3210127&q={searchTerms}
FF Homepage: Mozilla\Firefox\Profiles\2wymc7s0.default -> hxxps://search-startpage.com/?s=acer&m=start&brw=ff
FF SearchPlugin: C:\Users\Soham\AppData\Roaming\Mozilla\Firefox\Profiles\2wymc7s0.default\searchplugins\Search Start Page.xml [2016-11-21]
FF SearchPlugin: C:\Users\Soham\AppData\Roaming\Mozilla\Firefox\Profiles\2wymc7s0.default\searchplugins\Start Search.xml [2016-11-21]
FF SearchPlugin: C:\Users\Soham\AppData\Roaming\Mozilla\Firefox\Profiles\2wymc7s0.default\searchplugins\Web Search.xml [2016-10-02]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2017-10-04] ()
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
S3 OSFMount; \??\D:\Games\Counter-Strike Global Offensive\image\x64\OSFMount.sys [X]

Task: {5CD5702A-8BA0-498D-A8C4-BFAB8338B2A6} - System32\Tasks\App Explorer => C:\Users\Soham\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2017-09-19] (SweetLabs, Inc) <==== ATTENTION
Task: {923E0D04-FA55-46E8-951F-BE0D9736A7E9} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
2017-10-04 13:06 - 2017-10-04 13:06 - 000105136 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
c:\Windows\System32\Tasks\App Explorer
C:\Users\Soham\AppData\Local\Host App Service
C:\Program Files (x86)\Amazon\Amazon Assistant

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Step 1: Please download Malwarebytes Anti-Malware from here
  • Right-click on the MBAM icon and select Run as administrator to run the tool.
  • Click Yes to accept any security warnings that may appear.
  • Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.
  • On the left menu pane click the Settings tab, and then select the Protection tab on the top.
  • Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.
  • Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button
  • Note: The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure to checkmark all the listed items, and click the Quarantine Selected button.
  • While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log can also be viewed by clicking the log to select it, then clicking the View Report button.
Please post the log for my review.

Note: If asked to restart the computer, please do so immediately.
===

Step 2: Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

You can manually check your present version and update as recommended. (You need to check with Internet Explorer) <- Important.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important: read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882

If still present after the update you can remove the old versions of Java via the Control Panel > Programs > Programs and Features.
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
===

Please post the logs and let me know if the problem persists with this computer.

#4 nasdaq


Posted 31 December 2017 - 08:32 AM

Are you still with me?



