Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-11-2015 Ran by Adiorz (2015-11-17 20:42:56) Running from C:\Users\Adiorz\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2013-07-17 02:38:31) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Adiorz (S-1-5-21-319641768-3134415942-743037567-1000 - Administrator - Enabled) => C:\Users\Adiorz Administrator (S-1-5-21-319641768-3134415942-743037567-500 - Administrator - Disabled) Guest (S-1-5-21-319641768-3134415942-743037567-501 - Limited - Disabled) NeroMediaHomeUser.4 (S-1-5-21-319641768-3134415942-743037567-1006 - Limited - Enabled) => C:\Users\NeroMediaHomeUser.4 ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) ׿´óʦˢ»úרĽŇ 4.1.0.16 (HKLM-x32\...\ZhuoDaShi) (Version: 4.1.0.16 - ±±ľ©ÔĹÉýĚěĎ¿ƼĽÓĐĎŢą«Ëľ) ׿´óʦŁ¨Ë˘»úרĽŇŁ© 2.2.0 (HKLM-x32\...\{F32B8B79-7520-47BC-B98E-7AC4001C85D9}_is1) (Version: 2.2.0 - OPDA Team) µTorrent (HKU\S-1-5-21-319641768-3134415942-743037567-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.) 7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov) Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems) Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.) Anki (HKLM-x32\...\Anki) (Version: - ) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.28 - ASUS) ATI AVIVO64 Codecs (Version: 10.12.0.41217 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{D87D65E0-B704-9861-F836-5A310B41F153}) (Version: 3.0.754.0 - ATI Technologies, Inc.) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0001 - ASUS) AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.) AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden Baldur's Gate II (HKLM-x32\...\BG2_is1) (Version: - ) Baldur's Gate II: Enhanced Edition (HKLM-x32\...\QmFsZHVyc0dhdGVJSUVuaGFuY2VkRWRpdGlvbg==_is1) (Version: 1 - ) Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com) Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.5 - BlueJ Team) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden CamStudio 2.7.4 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.4 - CamStudio Open Source) ccc-core-static (x32 Version: 2009.1217.1632.29627 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform) CodeBlocks (HKU\S-1-5-21-319641768-3134415942-743037567-1000\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team) COMODO Internet Security (HKLM\...\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}) (Version: 5.9.25057.2197 - COMODO Security Solutions Inc.) Counter-Strike 1.0 (HKLM-x32\...\Counter-Strike) (Version: 1.0 - ) Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - Creative Technology Limited) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd) Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden doxygen 1.8.5 (HKLM\...\doxygen_is1) (Version: 1.8.5 - Dimitri van Heesch) Dropbox (HKU\S-1-5-21-319641768-3134415942-743037567-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) easyHDR BASIC 2 (HKLM-x32\...\easyHDR_BASIC_2) (Version: 2.13.3 - SIMPARTEK - Bartlomiej Okonek) Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation) Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation) Exif Pilot 4.7 (HKLM-x32\...\Exif Pilot_is1) (Version: 4.7 - Two Pilots) Express Gate (HKLM-x32\...\{B5A5627C-0173-4DB2-ADA8-740479370F67}) (Version: 1.2.13.38 - DeviceVM, Inc.) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS) ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - ) FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse) FlatOut 2 (HKLM-x32\...\{4E6D2462-AB33-40BB-AA9F-3FA3E0DD0290}) (Version: 1.00.0000 - Empire Interactive) foobar2000 v1.2.4 (HKLM-x32\...\foobar2000) (Version: 1.2.4 - Peter Pawlowski) Fusion version 2.8.1 (HKLM\...\{DAC2455E-C3AB-4A1D-A1B1-4BCD0BC255AF}_is1) (Version: 2.8.1 - NS-Point) GitHub (HKU\S-1-5-21-319641768-3134415942-743037567-1000\...\5f7eb300e2ea4ebf) (Version: 3.0.6.4 - GitHub, Inc.) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKU\S-1-5-21-319641768-3134415942-743037567-1000\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Google 日本語入力 (HKLM\...\{EED6DACA-7346-4204-97B0-6425DCC929B6}) (Version: 2.17.2320.0 - Google Inc.) Graph 4.4.2 (HKLM-x32\...\Graph_is1) (Version: - Ivan Johansen) GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - ) IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation) InstallShield 2013 Limited Edition (HKLM-x32\...\{6781C524-2DA2-4182-908C-8B204E0DD47C}) (Version: 20.00.0000 - Flexera Software LLC) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel) Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan) Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation) Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation) Java SE Development Kit 7 Update 51 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle) Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation) Java SE Development Kit 8 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180650}) (Version: 8.0.650.17 - Oracle Corporation) JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden LINE (HKLM-x32\...\LINE) (Version: 4.0.3.367 - LINE Corporation) LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.177 - Logitech Inc.) MATLAB Compiler Runtime 8.1 (HKLM\...\MATLAB Compiler Runtime R2013a) (Version: 8.1 - The MathWorks, Inc.) MATLAB R2013a (HKLM\...\Matlab R2013a) (Version: 8.1 - The MathWorks, Inc.) Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation) Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation) Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4763.1003 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation) Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{20fc1ec7-3058-48d4-80f8-e1cfd52391c7}) (Version: 11.0.50727.26 - Microsoft Corporation) Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{6dff50d0-3bc3-4a92-b724-bf6d6a99de4f}) (Version: 12.0.21005.13 - Microsoft Corporation) Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation) Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation) Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyBestOffersToday 015.145 (HKLM-x32\...\mbot_jp_145_is1) (Version: - MYBESTOFFERSTODAY) <==== ATTENTION MySQL Connector C++ 1.1.6 (HKLM\...\{80EE5F65-5553-47A1-B6A9-8BF3211D21A3}) (Version: 1.1.6 - Oracle and/or its affiliates) MySQL Connector J (HKLM-x32\...\{08BE0787-D0CE-4240-93EF-D73DA099A285}) (Version: 5.1.37 - Oracle Corporation) MySQL Connector Net 6.9.7 (HKLM-x32\...\{2C148B86-FF80-49A7-BA18-E4CEF6464AE6}) (Version: 6.9.7 - Oracle) MySQL Connector/C 6.1 (HKLM\...\{ABC3A516-54E3-414B-B501-762E7FB2F9D5}) (Version: 6.1.6 - Oracle Corporation) MySQL Connector/ODBC 5.3 (HKLM\...\{A1991404-2634-47E1-BC45-8F3B5014B1D1}) (Version: 5.3.4 - Oracle Corporation) MySQL Documents 5.7 (HKLM-x32\...\{63E5431B-5EEE-4210-9BF6-D4CE0C16D352}) (Version: 5.7.9 - Oracle Corporation) MySQL Examples and Samples 5.7 (HKLM-x32\...\{77BCFF2B-9ADB-4E5A-A3F9-588D11AE8497}) (Version: 5.7.9 - Oracle Corporation) MySQL Fabric 1.5.6 & MySQL Utilities 1.5.6 (HKLM-x32\...\{C914EB85-F0E6-4150-9FA0-99B716A15EAF}) (Version: 1.5.6 - Oracle Corporation) MySQL For Excel 1.3.4 (HKLM-x32\...\{A0352E65-6E78-48B3-B6D6-B3208E663249}) (Version: 1.3.4 - Oracle) MySQL for Visual Studio 1.2.4 (HKLM-x32\...\{32D9A474-FAFC-4E77-B804-055595D5B9E9}) (Version: 1.2.4 - Oracle) MySQL Installer - Community (HKLM-x32\...\{EBCE683F-1B84-423B-B284-0C2CFF5C47E8}) (Version: 1.4.11.0 - Oracle Corporation) MySQL Notifier 1.1.6 (HKLM-x32\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle) MySQL Server 5.7 (HKLM\...\{9F74ACF2-A570-4235-9B96-8CFE8887B877}) (Version: 5.7.9 - Oracle Corporation) MySQL Workbench 6.3 CE (HKLM\...\{8E6D8BF8-828A-4F7B-A332-F7CEB8CB75AA}) (Version: 6.3.5 - Oracle Corporation) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Nero MediaHome 4 Essentials (HKLM-x32\...\{5859ff89-6ac0-47ba-bfac-8af8ea9d1c30}) (Version: - Nero AG) Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon) Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.7.0 - Nikon) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden Orca (HKLM-x32\...\{85F4CBCB-9BBC-4B50-A7D8-E1106771498D}) (Version: 3.1.3790.0000 - Microsoft Corporation) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden PhotoME (HKLM-x32\...\PhotoME_is1) (Version: 0.79R17 - Jens Duttke) Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.11 - Nikon) Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.0.0.1 - GOG.com) PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation) PTAssembler (HKLM-x32\...\PTAssembler_is1) (Version: - ) PVS-Studio 5.13 (HKLM-x32\...\PVS-Studio_is1) (Version: 5.13.9924.1 - OOO "Program Verification Systems") Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5978 - Realtek Semiconductor Corp.) Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.) SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.) Sound Blaster Audigy HD (HKLM-x32\...\{38F8D823-008D-4E5A-BBCE-867A86C2BF2B}) (Version: 1.0 - Creative Technology Limited) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.) Subtitle Edit 3.4.4 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.4.4.0 - Nikse) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.11.0 - Synaptics Incorporated) Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.4.0 - GOG.com) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH) Twierdza Krzyżowiec (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.00 - ) Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.2.6 - Unified Intents AB) UnlckMyBootloader (HKLM-x32\...\{7C54B454-23C7-4194-820B-BDD9AC21AC38}) (Version: 2.0 - Yashar Ahmedizadeh) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - ) ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.7.3 - Nikon) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation) Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation) WebServ 2.1 (HKLM-x32\...\WebServ_is1) (Version: - WebsSrv.PL) Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation) WinRAR 4.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WinThruster (HKLM-x32\...\WinThruster_is1) (Version: 1.79 - solvusoft Corporation) <==== ATTENTION Word Proser 1.10.0.2 (HKLM-x32\...\WordProser_1.10.0.2) (Version: 1.10.0.2 - Word Proser) <==== ATTENTION Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden Zeus & Poseidon (HKLM-x32\...\{8043219B-D2C0-4561-90AB-3F1113ED5A87}) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2015\acad.exe /Automation => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2015\acad.exe => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Adiorz\AppData\Local\Google\Chrome\Application\44.0.2403.157\delegate_execute.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) ==================== Restore Points ========================= Could not list restore points Check "winmgmt" service or repair WMI. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2013-08-20 06:11 - 00006895 ___RA C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 3dns-2.adobe.com #192.150.22.22 127.0.0.1 3dns-3.adobe.com #192.150.14.21 127.0.0.1 3dns-4.adobe.com #192.150.18.247 127.0.0.1 3dns-5.adobe.com #192.150.22.46 127.0.0.1 adobe-dns.adobe.com #192.150.11.30 127.0.0.1 adobe-dns-2.adobe.com #192.150.11.247 127.0.0.1 adobe-dns-3.adobe.com #192.150.22.30 127.0.0.1 adobe.activate.com #69.175.22.26 127.0.0.1 activate.adobe.com #192.150.22.40 127.0.0.1 activate.wip3.adobe.com #192.150.22.40 127.0.0.1 activate.wip4.adobe.com #192.150.22.40 127.0.0.1 activate-sea.adobe.com #192.150.22.40 127.0.0.1 activate-sjc0.adobe.com #192.150.14.69 127.0.0.1 ereg.adobe.com #192.150.18.103 127.0.0.1 ereg.wip3.adobe.com #192.150.18.63 127.0.0.1 ereg.wip4.adobe.com #192.150.18.103 127.0.0.1 practivate.adobe.com #192.150.18.54 127.0.0.1 www.wip3.adobe.com #192.150.8.60 127.0.0.1 www.wip4.adobe.com #192.150.18.200 127.0.0.1 www.adobeereg.com #75.125.24.83 127.0.0.1 adobeereg.com #207.66.2.10 127.0.0.1 hl2rcv.adobe.com #192.150.14.174 127.0.0.1 wwis-dubc1-vip30.adobe.com #192.150.8.30 127.0.0.1 wwis-dubc1-vip31.adobe.com #192.150.8.31 127.0.0.1 wwis-dubc1-vip32.adobe.com #192.150.8.32 127.0.0.1 wwis-dubc1-vip33.adobe.com #192.150.8.33 127.0.0.1 wwis-dubc1-vip34.adobe.com #192.150.8.34 127.0.0.1 wwis-dubc1-vip35.adobe.com #192.150.8.35 127.0.0.1 wwis-dubc1-vip36.adobe.com #192.150.8.36 127.0.0.1 wwis-dubc1-vip37.adobe.com #192.150.8.37 There are 87 more lines. ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0790906E-09BA-4A13-BA09-DEAC4DFE2629} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => D:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-08] (COMODO) Task: {088BCA5E-21AF-4BF6-9B8F-7D0A6909D333} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000UA => C:\Users\Adiorz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {0ADE385F-14C5-48C6-8828-29805A8A4FF9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000Core => C:\Users\Adiorz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {1A3FFC6E-0D3B-445C-9E78-0434A66258E0} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {20737E57-6554-4C6C-9E14-EECE761172B6} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd) Task: {313EEE7E-EAE7-4617-8B8A-D539A58F2923} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000UA => C:\Users\Adiorz\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) Task: {49417CCB-772D-43A6-BAB6-AB90D25CB562} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-28] (Microsoft Corporation) Task: {49B3FE08-87D3-4A98-B726-143D2FD2C0A1} - System32\Tasks\{09C82817-2C3F-4398-B972-A407D3F24B43} => pcalua.exe -a C:\Users\Adiorz\Downloads\widescreen-v3.05.exe -d C:\Users\Adiorz\Downloads Task: {4FF3074A-EF6A-4747-B1D7-F7C5570C56D3} - System32\Tasks\{05E7C2B8-156C-4122-BB66-BEFF987219F4} => pcalua.exe -a C:\Users\Adiorz\Downloads\irfanview_plugins_438_setup.exe -d C:\Users\Adiorz\Downloads Task: {5B3D18BC-5F10-47B4-82C3-CE68A0E09660} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [2015-10-26] (Oracle Corporation) Task: {667ECFAD-2CD3-4FD6-B0DF-2E14E388FCD8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2013-09-20] (Safer-Networking Ltd.) Task: {809448CF-47A9-4B2D-8487-89429B34F5EA} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => D:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-08] (COMODO) Task: {84EEA1C5-B189-4FCF-931A-21CCA27BB0CC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo) Task: {8A2AE898-50CA-4E2D-91B1-0F0D4F0D0365} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-02] (Microsoft Corporation) Task: {8E3513D2-6BE2-44CC-89E5-F7241179A15D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2013-09-20] (Safer-Networking Ltd.) Task: {8FA5B22C-51D8-46D3-8B92-258803E2D563} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation) Task: {92E69130-4275-46BC-B9E8-D8DFFF7F09E9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2013-09-20] (Safer-Networking Ltd.) Task: {95A04A6E-397D-4E58-8003-4816C192137D} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => D:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-08] (COMODO) Task: {9B5D64CC-05F1-4BF6-AF48-0F5A0853E4E3} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => D:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-08] (COMODO) Task: {A3C2E9B3-DEAB-48D6-BEA0-33448DC805E2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated) Task: {B2E6E789-ED72-484F-BA4C-6FE72F5A636D} - System32\Tasks\{A49270A1-AD49-4039-86DE-09691EC658CF} => pcalua.exe -a F:\Software\ASUS\WINFLASH\XP32_Vista32_Vista64_Win7_32_Win7_64_2.29.0\Setup.exe -d F:\Software\ASUS\WINFLASH\XP32_Vista32_Vista64_Win7_32_Win7_64_2.29.0 -c /qn /norestart Task: {B498FA54-355D-4894-B9C5-6B4B93635229} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.) Task: {B52216C4-98A5-4179-B7AC-8791C6869412} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.) Task: {BB910DEF-B3EC-45CD-AD28-0CE6FD5DEE82} - System32\Tasks\{17CFFC38-7CC7-43E5-A282-9E9F2E4D0EB6} => pcalua.exe -a F:\Software\ASUS\WINFLASH\XP32_Vista32_Vista64_Win7_32_Win7_64_2.29.0\Setup.exe -d F:\Software\ASUS\WINFLASH\XP32_Vista32_Vista64_Win7_32_Win7_64_2.29.0 -c /qn /norestart Task: {BE64D7A3-0F09-4B20-AFD3-BD4397EA1C55} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-01-06] (ATK) Task: {CABA63A8-A1CB-452A-93B8-AB66E9E296BA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-28] (Microsoft Corporation) Task: {CAE244B2-8303-48BF-98AB-74172218C22C} - System32\Tasks\{E4AC4DE1-C955-46F7-8CA9-38D54CAD26AD} => pcalua.exe -a C:\Users\Adiorz\Downloads\msicuu_7.2.exe -d C:\Users\Adiorz\Downloads Task: {DAAC4700-3F97-431F-9D5B-67C581E63A8D} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [2015-10-26] (Oracle Corporation) Task: {DD63AC55-4E1E-4054-8040-5402A2C793CD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation) Task: {E32728A4-BC99-40B4-9FE4-3AFC8BC75B67} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => D:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-08] (COMODO) Task: {FD6A28D5-54CD-4159-8685-9B07279B681D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000Core => C:\Users\Adiorz\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000Core.job => C:\Users\Adiorz\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000UA.job => C:\Users\Adiorz\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000Core.job => C:\Users\Adiorz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000UA.job => C:\Users\Adiorz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2014-09-27 04:45 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-10-12 09:09 - 2015-10-26 10:32 - 38587904 _____ () C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe 2011-12-20 02:59 - 2015-01-08 23:02 - 00067808 _____ () D:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2015-10-28 18:20 - 2015-09-01 17:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll 2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () D:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () D:\Program Files (x86)\Notepad++\NppShell_05.dll 2013-07-17 04:25 - 2007-11-30 19:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe 2009-12-23 21:12 - 2009-12-23 21:12 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll 2009-12-19 03:11 - 2009-12-19 03:11 - 00033280 _____ () C:\Program Files\P4G\OvrClk.dll 2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2015-02-26 19:39 - 2015-02-26 19:39 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2015-02-26 19:39 - 2015-02-26 19:39 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2008-10-23 18:21 - 2008-10-23 18:21 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2013-07-16 19:12 - 2013-07-16 19:12 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2015-09-07 12:55 - 2015-08-18 06:21 - 01763144 _____ () C:\Users\Adiorz\AppData\Local\Google\Chrome\Application\44.0.2403.157\libglesv2.dll 2015-09-07 12:55 - 2015-08-18 06:21 - 00093000 _____ () C:\Users\Adiorz\AppData\Local\Google\Chrome\Application\44.0.2403.157\libegl.dll 2015-10-30 20:36 - 2015-10-15 12:21 - 28860616 _____ () C:\Users\Adiorz\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll 2013-10-26 17:25 - 2012-08-23 10:38 - 00574840 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2013-10-26 17:25 - 2013-05-16 10:55 - 00113496 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2013-10-26 17:25 - 2013-05-16 10:55 - 00416600 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2013-10-26 17:25 - 2013-05-16 10:55 - 00161112 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2013-10-26 17:25 - 2012-04-03 17:06 - 00565640 _____ () D:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2015-11-17 08:39 - 2015-11-17 08:39 - 00071168 _____ () c:\users\adiorz\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt6uypz.dll 2015-03-04 22:45 - 2015-09-03 01:11 - 00012800 _____ () C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 22:45 - 2015-09-03 01:11 - 00779776 _____ () C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-07-30 14:13 - 2015-09-03 01:11 - 00056320 _____ () C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-03-04 22:45 - 2015-09-03 01:11 - 00012288 _____ () C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2013-07-17 04:16 - 2009-02-07 02:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL 2013-07-17 04:16 - 2009-03-26 22:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dns-sd.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\javaws.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ucrtbase.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ATL71.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dns-sd.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ucrtbase.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\hidkmdf.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\IntelHaxm.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\LGBusEnum.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\LGVirHid.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\uvhid.sys:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Desktop\Core Temp.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Desktop\cpuz_x64.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Desktop\cv.pdf:com.dropbox.attributes AlternateDataStreams: C:\Users\Adiorz\Desktop\cv_greeny - PL.docx:com.dropbox.attributes AlternateDataStreams: C:\Users\Adiorz\Desktop\cv_PL.docx:com.dropbox.attributes AlternateDataStreams: C:\Users\Adiorz\Desktop\D7100_NT(En)03.pdf:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Desktop\FRST64.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Desktop\FRST64.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Desktop\linuxmint-17.2-cinnamon-64bit.iso:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Desktop\rjwmt_high-3.asx:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Desktop\rjwmt_high-3.asx:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Desktop\SubtitleEdit-3.4.4-Setup.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Desktop\SubtitleEdit-3.4.4-Setup.zip:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Desktop\Universal-USB-Installer-1.9.6.2.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Desktop\Universal-USB-Installer-1.9.6.2.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\2010 JSID v18 n01 p8 PR 3D angular dependence.pdf:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\accel.h:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\advanced-ui-on-android.pdf:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\adwcleaner_5.021.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\adwcleaner_5.021.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\android-sdk_r24.3.4-windows.zip:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\android-studio-bundle-141.2178183-windows.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\android-studio-bundle-141.2178183-windows.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\avast-browser-cleanup.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\avast-browser-cleanup.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\AviSynth_260.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\bluej-bundled-315a.msi:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\ccsetup505.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\ccsetup505.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\ccsetup507.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\ccsetup507.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\ccsetup510.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\ccsetup510.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\ccsetup511.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\ccsetup511.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\CoreTemp64.zip:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\cpu-z_1.74-en.zip:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\cv_Orzechowski_Adrian.pdf.pdf:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\drmemory-master.zip:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\DrMemory-Windows-1.8.1-RC1.zip:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\eclipse-inst-win64.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\eclipse-inst-win64.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\EnglishPolishDictionary.zip:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\ffdshow_rev4532_20140717_clsid.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\FunBox-59CB.funbox:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\gc-7.2f.tar.gz:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\Git-2.6.1-64-bit.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\Git-2.6.1-64-bit.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\GitHubSetup.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\GitHubSetup.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\GoogleJapaneseInputSetup.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\GoogleJapaneseInputSetup.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\jdk-8u60-windows-x64.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\jdk-8u60-windows-x64.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\jdk-8u65-windows-x64.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\jdk-8u65-windows-x64.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\K265 API Documentation.pdf:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\K265 API.zip:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\K265 Internals.pdf:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\k265.h:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\k265_defines.h:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\Kopie von Lukac_Rogic_Chatzimichailidou_Telfor_2010.pdf:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\MatroskaSplitter23062013.zip:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\mbam-setup-2.2.0.1024.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\mbam-setup-2.2.0.1024.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\mysql-installer-community-5.7.9.0.msi:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\pecl-5.2.5-Win32.zip:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\PhotoME079R17Setup.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\PhotoME079R17Setup.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\php-5.6.11.tar.bz2:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\python-3.5.0-amd64.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\python-3.5.0-amd64.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\r48nvigc.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\r48nvigc.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\Rebel-Times-93.pdf:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\Resume201507100811.pdf:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\Resume201507110855.pdf:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\Resume201511021156.pdf.pdf:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\rm2ljzor.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\rm2ljzor.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.33.0.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.33.0.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\setup-network-utilities.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\setup-network-utilities.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\SteamSetup.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\SteamSetup.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\torbrowser-install-4.5.1_en-US.exe:$CmdTcID AlternateDataStreams: C:\Users\Adiorz\Downloads\torbrowser-install-4.5.1_en-US.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\torbrowser-install-5.0.2_en-US.exe:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\Verb Drills.zip:$CmdZnID AlternateDataStreams: C:\Users\Adiorz\Downloads\Za__cznik.pdf:$CmdZnID ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-319641768-3134415942-743037567-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adiorz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: Media is not connected to internet. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) mpsdrv => Firewall Service is not running. MpsSvc => Firewall Service is not running. bfe => Firewall Service is not running. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Users^Adiorz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupreg: Acrobat Assistant 8.0 => "D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Dropbox Update => "C:\Users\Adiorz\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c MSCONFIG\startupreg: GalaxyClient => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe /launchViaAutoStart MSCONFIG\startupreg: LogMeIn Hamachi Ui => "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: Nero MediaHome 4 => "D:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: SDTray => "D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{1B30C64C-AC66-417A-BF87-9EB6D59CAE24}] => (Allow) D:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{ED96E2B5-2843-4D4E-8A19-9D0BC325D49A}] => (Allow) D:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{11046F20-8EAC-4B29-BE36-160F5549D4EE}] => (Allow) D:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{709DFEAE-44D4-4193-9924-961659EFE233}] => (Allow) D:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{DD878992-47CA-448A-BEEF-8A017B33DC3F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{53382188-AADE-42E8-A1A2-8CE91036B66B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{12C3F711-CD35-4151-B0D4-95ADE917426B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{88C3C43C-F762-4E9E-8453-32DEC83CEFAD}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{51151BF5-3F61-481C-843E-BF967135C131}] => (Allow) D:\Program Files (x86)\Naver\LINE\Line.exe FirewallRules: [{3D7A0F77-5FE9-4851-845F-8B44D42832F6}] => (Allow) D:\Program Files (x86)\Naver\LINE\Line.exe FirewallRules: [{A3D94990-2C40-4C9D-A852-E14B3E1DE974}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{E20FA09C-869C-4417-B5D3-82BDE0937974}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{BAED70B0-656D-48DF-AE73-02E7D3BD654F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{8AA034CC-76A9-4D1F-9E38-171260A665CA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{504EF1E1-6BCC-4EDC-89EA-7F96437C95AB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5F94083B-2A6E-4B25-9AF8-87A282DE2E2C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{10769F08-4858-4182-A794-7DA5A8DEE216}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{089B75DC-3621-461C-BC37-39469A370B84}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{98A9F222-9E0E-4BD7-A11F-489B4FE6EB8F}] => (Allow) D:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe FirewallRules: [{6DF6902E-66E4-4371-A291-1B1A35EDC78F}] => (Allow) D:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe FirewallRules: [{1466A293-4945-43FE-B6B2-341EA7C3F982}] => (Allow) LPort=3306 FirewallRules: [{59493314-4A35-4519-AA70-E3EAFC33792D}] => (Allow) LPort=3306 FirewallRules: [{E1C25FF8-216B-4281-8F64-F41666CC75B8}] => (Allow) LPort=443 FirewallRules: [{82DFE6E1-5B31-4447-8EA2-8D7D74C0E32D}] => (Allow) LPort=443 StandardProfile\AuthorizedApplications: [D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon StandardProfile\AuthorizedApplications: [D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Faulty Device Manager Devices ============= Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Could not start eventlog service, could not read events. System error 123 has occurred. The filename, directory name, or volume label syntax is incorrect. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz Percentage of memory in use: 69% Total physical RAM: 6068.55 MB Available physical RAM: 1826.05 MB Total Virtual: 12135.28 MB Available Virtual: 6405.63 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:149.04 GB) (Free:29.68 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:422.12 GB) (Free:271.63 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: F2BFA96D) Partition 1: (Not Active) - (Size=25 GB) - (Type=1C) Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=422.1 GB) - (Type=OF Extended) ==================== End of Addition.txt ============================