Inactive-A Computer infected and hogging bandwidth

Status
Not open for further replies.
Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Amelia (2016-12-26 23:45:10)
Running from C:\Users\Amelia\Desktop
Windows 10 Pro (X64) (2016-09-28 03:17:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-997560942-130544248-716659739-500 - Administrator - Disabled)
Amelia (S-1-5-21-997560942-130544248-716659739-1001 - Administrator - Enabled) => C:\Users\Amelia
DefaultAccount (S-1-5-21-997560942-130544248-716659739-503 - Limited - Disabled)
Guest (S-1-5-21-997560942-130544248-716659739-501 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{e4e126a8-f29e-4b56-947d-fe8bbdce8b1b}) (Version: 1.2.77.32054 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.32054 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{52F17A7B-2E8B-4CD6-BFBA-1FCA836B98B4}) (Version: 2.42.0 - Kovid Goyal)
Colasoft Capsa 9 Free (HKLM\...\6764EB45-A821-4F9B-B33C-545964A732E3_is1) (Version: 9.1.0.9130 - Colasoft)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0407 - Disc Soft Ltd)
Freemake Video Converter version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
FreeTelly (HKU\S-1-5-21-997560942-130544248-716659739-1001\...\FreeTelly) (Version: - ${COMPANY})
FreeTelly (HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016020001478\...\FreeTelly) (Version: - ${COMPANY})
FreeTelly (HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12242016020001293\...\FreeTelly) (Version: - ${COMPANY})
FreeTelly (HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12252016020001330\...\FreeTelly) (Version: - ${COMPANY})
FreeTelly (HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12262016020009472\...\FreeTelly) (Version: - ${COMPANY})
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
iFunbox (v3.0.3109.1352) (HKLM-x32\...\iFunbox_is1) (Version: v3.0.3109.1352 - iFunbox DevTeam)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Malwarebytes version 3.0.4.1269 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.4.1269 - Malwarebytes)
MapleStory (HKLM-x32\...\Steam App 216150) (Version: - Nexon)
Microsoft OneDrive (HKU\S-1-5-21-997560942-130544248-716659739-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016020001478\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12242016020001293\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12252016020001330\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12262016020009472\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.3.1 (HKLM-x32\...\{26AC9666-A2C6-4D33-8370-A50F50F277C4}_is1) (Version: 1.3.1 - Sam Rodberg)
MySims™ (HKLM-x32\...\{68DC42FA-962C-4973-A306-D595D861FA1E}) (Version: 1.00.0000 - Electronic Arts)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.3.0 - Nexon)
Opera Stable 42.0.2393.94 (HKLM-x32\...\Opera 42.0.2393.94) (Version: 42.0.2393.94 - Opera Software)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.5.1.2 - Popcorn Time)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
RogueKiller version 12.8.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.8.6.0 - Adlice Software)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: - Samsung Electronics Co., Ltd.)
Shelter (HKLM\...\Steam App 244710) (Version: - Might and Delight)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spore (HKLM\...\Steam App 17390) (Version: - Maxis™)
Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 2.2.0.4 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StudioTax 2014 (HKLM-x32\...\{3C8E4631-8BB2-427A-BFC6-7F3E6C897A9F}) (Version: 10.0.6.1 - BHOK IT Consulting)
StudioTax 2015 (HKLM-x32\...\{10DC0B0F-E7D6-4F37-9CF9-0A76A689AAB0}) (Version: 11.0.8.3 - BHOK IT Consulting)
Surgeon Simulator 2013 Steam Edition 1.0 (HKLM-x32\...\Surgeon Simulator 2013 Steam Edition 1.0) (Version: 1.0 - Cat-A-Cat)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
Syncios version 4.3.4 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.3.4 - Anvsoft, Inc.)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 70s, 80s, & 90s Stuff (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Diesel Stuff (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Katy Perry's Sweet Treats (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Master Suite Stuff (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Movie Stuff (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Undertale (HKLM-x32\...\1456487183_is1) (Version: 2.0.0.2 - GOG.com)
Unholy Heights (HKLM-x32\...\GOGPACKUNHOLYHEIGHTS_is1) (Version: 2.0.0.2 - GOG.com)
UxStyle (HKLM-x32\...\{05560347-3a9b-4644-a8ed-8b64cc947189}) (Version: 0.2.3.0 - The Within Network, LLC)
UxStyle (Version: 0.2.3.0 - The Within Network, LLC) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WAKFU (HKLM\...\Steam App 215080) (Version: - Ankama Studio)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5170 - WinISO Computing Inc.)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wireshark 2.2.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.3 - The Wireshark developer community, https://www.wireshark.org)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-997560942-130544248-716659739-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Amelia\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-997560942-130544248-716659739-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

10-12-2016 03:53:09 Windows Update
13-12-2016 16:16:08 Windows Update
15-12-2016 03:06:11 Windows Modules Installer
21-12-2016 13:06:51 Removed Online.io Application
22-12-2016 22:52:05 JRT Pre-Junkware Removal

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2016-07-16] (Microsoft Corporation)
Task: {106EB28A-568D-467A-B44D-5D1218BF18DE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {11EF8237-224D-4CF9-9039-61D08754EA5D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-10-14] (Microsoft Corporation)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {184784E2-6ACB-4154-BD0F-A955BE13F177} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {20BCF8B4-307A-4819-AB88-AE206614AEF5} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-02-27] ()
Task: {23EC0846-2D95-4B7D-BDB1-B2F9FA3EF0EB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2820CF50-1973-4563-A2A1-51C219804A7C} - System32\Tasks\OneDrive Standalone Update Task v2 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {39BD654F-A9D8-49EC-BBBA-1045DFBD202E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {3BD4105D-398D-43BD-9E0E-480B91BE9FA0} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2016-09-27] (Microsoft Corporation)
Task: {3E31ABD7-7B10-482B-AD2F-EFAA1C4741C3} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-07-16] (Microsoft Corporation)
Task: {43DF67E8-D733-48FA-98F2-4E6D341E4A79} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [2016-10-14] (Microsoft Corporation)
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff
Task: {52B822A9-8E13-4422-8828-28A574A49E60} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {53EAE153-3254-4E5F-9779-2545D98551D7} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate
Task: {55969445-729F-455E-82F1-4B78D4A0FBCB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5654DFBB-E797-4758-B9A0-8BAE94A91F1D} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2016-07-16] (Microsoft Corporation)
Task: {586759CB-AF02-4C11-A9AB-753FF405E8B8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {59115170-7218-4A7B-9DE1-6BB6045EC30E} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Amelia\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {5CD2C0ED-14C4-4F8E-BCC0-C71F6012F2CB} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [2016-09-15] (Microsoft Corporation)
Task: {5FAAF530-ED1B-4F7B-AD7B-1694AA0B202B} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask
Task: {60FCDF05-3417-41AD-A70D-619587B5D652} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {6232090F-3BD0-4E1F-960B-78CBA797F685} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {6B1AE720-1359-4B9E-9C0F-60167361EF01} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {6D1C0035-5CAD-4340-A533-D63C9853BCC9} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization
Task: {6E8AE752-C5D2-4B34-B351-338B4370A342} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {73F6F33D-420B-42EC-89CA-18D22922B3DF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7AC5E1E2-2FD3-40CD-8842-88CE53A3609C} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {7FDB82B4-D5F5-4872-96CE-789C86FDFB21} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {82FEF849-7C32-40AF-A90D-F529B4F3B0DD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8D791FAA-0257-4EBC-A6DD-74E842528806} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange
Task: {9851188E-AC07-4F36-BA28-6D00BB2C9C46} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2016-10-14] (Microsoft Corporation)
Task: {9B63F44C-F9DC-4368-BB12-7DD96B161A83} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {9C4EC46C-70BC-4B8D-929B-CC90E4B03975} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {9EF72AD9-20F8-4B45-B965-3FC1E588DEE3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A975CEE0-B6C8-4D3F-8C37-CA7E2D1771D3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-13] (Microsoft Corporation)
Task: {AD7321D2-997C-4E81-AE46-4631E6B033A3} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-07-16] (Microsoft Corporation)
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6
Task: {B55EEA53-77EA-4A09-9F2C-8679C6BD9888} - \WPD\SqmUpload_S-1-5-21-997560942-130544248-716659739-1001 -> No File <==== ATTENTION
Task: {B68413AF-4858-4DAC-8FAE-5252B4494DB5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {B6EE76B2-4F82-4E15-9345-C867A29CBAD0} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-09-27] (Microsoft Corporation)
Task: {B7A398D0-AB95-4C97-941D-13E3496ECF49} - System32\Tasks\Opera scheduled Autoupdate 1425072182 => C:\Program Files (x86)\Opera\launcher.exe [2016-12-19] (Opera Software)
Task: {BDDEF317-2692-422F-AEA2-FFD67DC7CEA3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice
Task: {BF74C15D-98E7-49A2-9008-7B39B97B8DBF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {C125018F-0B81-4B64-B7DC-0E01220E5D0E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1
Task: {CB179AC7-B897-4CF4-ABFF-99B3B05F8CAF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {CC636E49-0109-402B-A40B-A37C29069A95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {D16F1D94-24B9-40AB-A1B6-5E019E88BEA1} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork
Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {D3C4106A-D511-42C6-9716-465644534C87} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {D57023E8-A038-43C7-95D3-F4D2F6537922} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange
Task: {D941F53F-7907-4FBE-B1E7-69EBD5B3A5D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {DDAECFC0-67E3-4062-BF25-CD685F73B394} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck
Task: {E7B04252-97CA-42C6-9920-F58B76B2C3E1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24
Task: {E9C9E659-561E-4018-AB4E-56FCC9903B1B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {EA0F78ED-091D-450A-BDCB-2299B3E29A71} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate
Task: {EA9BAA00-6604-4A27-8A73-AFA65F0EE1B3} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {ECEDC57D-8965-4EB1-BD6F-84791D928E23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 05:42 - 2016-07-16 05:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 15:43 - 2016-12-09 04:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-13 15:43 - 2016-12-09 04:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-17 01:55 - 2016-12-17 01:55 - 01678560 _____ () C:\Users\Amelia\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-12-14 12:25 - 2016-12-14 12:26 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 12:25 - 2016-12-14 12:26 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 12:25 - 2016-12-14 12:26 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 12:25 - 2016-12-14 12:25 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-09-27 22:39 - 2016-09-27 22:39 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-13 15:43 - 2016-12-09 03:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-08 21:44 - 2016-11-02 04:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-08 21:44 - 2016-11-02 04:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-08 21:44 - 2016-11-02 04:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-08 21:44 - 2016-11-02 04:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-08 21:44 - 2016-11-02 04:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-08 21:44 - 2016-11-02 04:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-21 14:50 - 2016-11-29 06:27 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-21 14:50 - 2016-11-29 06:27 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-21 14:50 - 2016-11-29 06:27 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2016-12-25 11:43 - 2016-12-25 11:43 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.18.41.0_x86__8wekyb3d8bbwe\Microsoft.Msn.News.exe
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2016-12-21 14:50 - 2016-11-08 09:46 - 00693248 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-10-25 12:51 - 2016-12-08 09:13 - 00656160 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-10-25 12:50 - 2016-08-31 19:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-10-25 12:51 - 2016-12-19 20:25 - 02322720 _____ () C:\Program Files (x86)\Steam\video.dll
2015-10-25 12:50 - 2016-08-31 19:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-10-25 12:50 - 2016-08-31 19:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-10-25 12:50 - 2016-01-27 01:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-10-25 12:50 - 2016-01-27 01:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-10-25 12:50 - 2016-01-27 01:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-10-25 12:50 - 2016-01-27 01:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-10-25 12:50 - 2016-01-27 01:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-10-25 12:50 - 2016-12-19 20:25 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
 
2016-06-09 01:51 - 2016-07-04 16:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-12-20 23:01 - 2016-12-05 10:21 - 67304736 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-10-25 12:51 - 2016-12-19 20:25 - 00388384 _____ () C:\Program Files (x86)\Steam\steam.dll
2015-10-25 12:50 - 2015-09-24 17:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-12-25 11:43 - 2016-12-25 11:43 - 12673536 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.18.41.0_x86__8wekyb3d8bbwe\Microsoft.Msn.News.dll
2016-12-25 11:43 - 2016-12-25 11:43 - 00958464 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.18.41.0_x86__8wekyb3d8bbwe\SQLite3Wrapper.dll
2015-09-09 12:50 - 2015-09-09 12:51 - 00645120 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.18.41.0_x86__8wekyb3d8bbwe\Microsoft.Aria.ClientTelemetry.dll
2016-10-03 14:07 - 2016-10-03 14:16 - 03312024 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.18.41.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Program Files\Bonjour:Win32App_1
AlternateDataStreams: C:\Program Files\Colasoft Capsa 9 Free Edition:Win32App_1
AlternateDataStreams: C:\Program Files\iTunes:Win32App_1
AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App_1
AlternateDataStreams: C:\Program Files\RogueKiller:Win32App_1
AlternateDataStreams: C:\Program Files\Wireshark:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Apple Software Update:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Battle.net:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bonjour:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Calibre2:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Freemake:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\I-Funbox DevTeam:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft Silverlight:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Minimal ADB and Fastboot:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Opera:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Project64 1.6:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Syncios:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\The Sims 4:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\WinRAR:Win32App_1
AlternateDataStreams: C:\WINDOWS\SysWOW64\Adobe:Win32App_1
AlternateDataStreams: C:\Users\Amelia\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-997560942-130544248-716659739-1001\...\samsungsetup.com -> hxxp://www.samsungsetup.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016020001039\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12242016020001007\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12252016020001034\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12262016020009202\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016020001240\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12242016020001110\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12252016020001223\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12262016020009341\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-997560942-130544248-716659739-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Amelia\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\doctor_who_wallpaper_by_fancyfresco-d5paxdk.jpg
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016020001478\Control Panel\Desktop\\Wallpaper -> C:\Users\Amelia\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\doctor_who_wallpaper_by_fancyfresco-d5paxdk.jpg
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12242016020001293\Control Panel\Desktop\\Wallpaper -> C:\Users\Amelia\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\doctor_who_wallpaper_by_fancyfresco-d5paxdk.jpg
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12252016020001330\Control Panel\Desktop\\Wallpaper -> C:\Users\Amelia\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\doctor_who_wallpaper_by_fancyfresco-d5paxdk.jpg
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12262016020009472\Control Panel\Desktop\\Wallpaper -> C:\Users\Amelia\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\doctor_who_wallpaper_by_fancyfresco-d5paxdk.jpg
DNS Servers: 172.16.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "nmapp"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-997560942-130544248-716659739-1001\...\StartupApproved\StartupFolder: => "Nexon Launcher.lnk"
HKU\S-1-5-21-997560942-130544248-716659739-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-997560942-130544248-716659739-1001\...\StartupApproved\Run: => "iFunBox"
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016020001478\...\StartupApproved\StartupFolder: => "Nexon Launcher.lnk"
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016020001478\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232016020001478\...\StartupApproved\Run: => "iFunBox"
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12242016020001293\...\StartupApproved\StartupFolder: => "Nexon Launcher.lnk"
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12242016020001293\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12242016020001293\...\StartupApproved\Run: => "iFunBox"
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12252016020001330\...\StartupApproved\StartupFolder: => "Nexon Launcher.lnk"
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12252016020001330\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12252016020001330\...\StartupApproved\Run: => "iFunBox"
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12262016020009472\...\StartupApproved\StartupFolder: => "Nexon Launcher.lnk"
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12262016020009472\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-997560942-130544248-716659739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12262016020009472\...\StartupApproved\Run: => "iFunBox"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [UDP Query User{986521FD-E952-4D4B-9453-CE459E9CE683}C:\program files (x86)\freetelly\freetelly.exe] => (Allow) C:\program files (x86)\freetelly\freetelly.exe
FirewallRules: [TCP Query User{DAE06B46-596C-4548-85E1-3B9F86D45B0C}C:\program files (x86)\freetelly\freetelly.exe] => (Allow) C:\program files (x86)\freetelly\freetelly.exe
FirewallRules: [UDP Query User{20252DA1-8F2A-425B-96D5-CE9580E5C5EF}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{BAFD416D-2677-4AA5-AF05-6A9C44ADD404}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{E0CF21CD-20C4-4225-9FCB-074659C6851E}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{CE826451-1077-42B7-8752-F3AB674BA440}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{3AC80B96-3070-40F2-A0D9-BB267AB44B72}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{17C51FAB-5763-4B36-90F3-E835535336E8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D3FC9A25-46CA-4F55-A0FA-E6B054A69562}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{40EED060-1019-44BD-9442-C73319CF7DE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{76B858A8-4E4F-43CE-8C7C-0F50B07EFAB5}] => (Allow) C:\Users\Amelia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FFB75883-7631-4513-8B88-CC15B756C642}] => (Allow) C:\Users\Amelia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{113AF472-DF3D-4558-AA92-616A780DE3DD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AD5A791B-0BFC-4601-89B4-B1A7388DEAD0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7376D5EA-D724-4DAB-BD79-71980315A3A9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1F8A3E1C-8DB1-4F86-95E0-42DDA2EA46DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2F1343A5-44E0-4C6C-8A58-466FF190B4AC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CD69A2EE-71DF-491A-B3E9-75AFD7441C14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MapleStory\nxsteam.exe
FirewallRules: [{B79701F6-4010-4625-AC8F-AC4A3B6B8ED7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MapleStory\nxsteam.exe
FirewallRules: [{1F276A51-6191-43AA-941C-7533556145FD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C6F61BA4-E378-4BD3-9A0F-CEB1D9F200BF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5751F539-1A2C-4A6F-94BE-21145B0C2B19}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F01F38D5-4D4D-40AF-8EBE-162FCB007689}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{99C3699D-242A-44B5-8873-8A5F376EFE9C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3AC553A8-0F45-40C1-B022-46A4AF6C88C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wakfu\transition\transition.exe
FirewallRules: [{E0B9274D-F91C-4C03-A3BE-7654F71753C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wakfu\transition\transition.exe
FirewallRules: [{018C4CCF-7290-4DDD-98B0-ADE135EF0FC4}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{DEE97771-057E-4646-95C4-87060CEEC79A}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{63BD1840-2325-4FF6-B9CF-AC3E2DB67828}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{4DD08724-938C-4E55-8DE3-32DA3864010B}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{32FB34F6-E7D1-4DCA-961C-4477667FE4E6}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{290D28BB-D1AF-4B4D-BBBD-4851A010B78C}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{45F1637E-2878-4A47-9636-8804FE66B0B3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{95E937A5-153A-4050-8A61-FA4E50ECB9FA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{AFDC4310-6946-42E9-B785-236E5CF8F3D1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A4C7C0CD-5301-41A9-92F2-FB825015AEE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{BDAC1E89-17C4-4612-B328-A51C505C9861}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{41B4888E-13DA-42B4-87C4-36DD0B2DE38A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shelter\Shelter.exe
FirewallRules: [{0D4FDB7E-2C3F-426F-9BB4-70CA0F770800}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shelter\Shelter.exe

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/22/2016 10:52:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (12/22/2016 07:14:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmiprvse.exe, version: 10.0.14393.0, time stamp: 0x57899ab2
Faulting module name: NetEventPacketCapture.dll, version: 10.0.14393.206, time stamp: 0x57dacea5
Exception code: 0xc0000005
Fault offset: 0x00000000000160d3
Faulting process id: 0x2758
Faulting application start time: 0xwmiprvse.exe0
Faulting application path: wmiprvse.exe1
Faulting module path: wmiprvse.exe2
Report Id: wmiprvse.exe3
Faulting package full name: wmiprvse.exe4
Faulting package-relative application ID: wmiprvse.exe5

Error: (12/22/2016 07:14:13 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: 0x1ProtectionManagement

Error: (12/22/2016 07:14:13 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: 0x1ProtectionManagement

Error: (12/22/2016 07:13:55 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: 0x1ProtectionManagement

Error: (12/22/2016 07:13:55 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: 0x1ProtectionManagement

Error: (12/22/2016 12:04:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AMELIA)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (12/22/2016 12:04:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AMELIA)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (12/21/2016 10:22:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Avira.ServiceHost.exe, version: 1.2.77.32054, time stamp: 0x5853df0a
Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x58256d37
Exception code: 0xe0434352
Fault offset: 0x000da832
Faulting process id: 0x14ac
Faulting application start time: 0xAvira.ServiceHost.exe0
Faulting application path: Avira.ServiceHost.exe1
Faulting module path: Avira.ServiceHost.exe2
Report Id: Avira.ServiceHost.exe3
Faulting package full name: Avira.ServiceHost.exe4
Faulting package-relative application ID: Avira.ServiceHost.exe5

Error: (12/21/2016 10:22:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.CompositionException
at System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
at System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
at System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
at System.ComponentModel.Composition.Primitives.Export.get_Value()
at System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)
at Avira.OE.ServiceHost.ServiceHost.Initialize()
at Avira.OE.ServiceHost.Program+<>c__DisplayClass13_0.<OnServiceStart>b__0(System.Object)
at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()


System errors:
=============
Error: (12/25/2016 10:42:51 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.

A corruption was found in a file system index structure. The file reference number is 0xb00000004331b. The name of the file is "\Windows\System32\config". The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".

Error: (12/23/2016 12:00:56 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/23/2016 12:00:56 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/23/2016 12:00:56 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/23/2016 12:00:56 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/22/2016 10:51:29 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (12/22/2016 10:48:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/22/2016 10:48:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Avira Web Protection service depends on the Avira Real-Time Protection service which failed to start because of the following error:
%%1070

Error: (12/22/2016 10:48:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Avira Mail Protection service depends on the Avira Real-Time Protection service which failed to start because of the following error:
%%1070

Error: (12/22/2016 10:48:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Avira Real-Time Protection service hung on starting.


CodeIntegrity:
===================================
Date: 2016-12-15 03:13:48.147
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-15 03:13:48.145
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-15 03:13:48.140
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-15 03:13:48.138
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-15 03:13:48.133
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-15 03:13:48.130
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-15 03:13:48.059
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-15 03:13:48.057
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-15 03:13:48.052
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-15 03:13:48.050
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 26%
Total physical RAM: 12190.3 MB
Available physical RAM: 8910.93 MB
Total Virtual: 41886.3 MB
Available Virtual: 37493.61 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:689.38 GB) (Free:240.63 GB) NTFS
Drive d: (MYSIMS_PC) (CDROM) (Total:1.72 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: CCB0A2AB)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=9.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=689.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    4.9 KB · Views: 4
This topic is marked as abandoned and closed due to inactivity.

This member will NOT be eligible to receive any more help in malware removal forum.
 
Status
Not open for further replies.

Similar threads

E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
477
eriksnyman1
E
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A
Z
Thunderbolt alternative OCuLink tested for eGPUs, Nvidia's RTX 4090 benchmarked
Replies
8
Views
257
zamroni111
Z

Latest posts

Back