﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-04-2016
Ran by quinty (2016-04-17 12:34:41)
Running from C:\Users\quinty\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2011-07-05 19:34:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2889759412-3032559083-473084994-500 - Administrator - Disabled)
Guest (S-1-5-21-2889759412-3032559083-473084994-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2889759412-3032559083-473084994-1002 - Limited - Enabled)
quinty (S-1-5-21-2889759412-3032559083-473084994-1000 - Administrator - Enabled) => C:\Users\quinty

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.10.2.40 (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.282 - ArcSoft)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version:  - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CZ (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
EF Englishtown Advanced Speech Recognition version 4.6.449.1 (HKLM-x32\...\EF Englishtown Advanced Speech Recognition_is1) (Version: 4.6.449.1 - Shanghai Kingtas Technology Co., Ltd.)
Fotolab Fotosvet (HKLM-x32\...\Fotolab Fotosvet) (Version: 5.1.8 - CEWE Stiftung u Co. KGaA)
FotoMagica (HKLM-x32\...\FotoMagica_FotoMagica) (Version:  - )
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.90.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.90.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Drive (HKLM-x32\...\{B0F1B758-60D6-41F7-93D9-212A448813FE}) (Version: 1.29.1862.0513 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GoPro App (x32 Version: 5.7.549 - GoPro, Inc.) Hidden
GoPro Studio 2.5.7 (HKLM-x32\...\{b996dca2-156c-4d2c-b9a3-59fac08cef33}) (Version: 2.5.7.549 - GoPro, Inc.)
HappyFoto-Designer 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version:  - )
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Media Go (HKLM-x32\...\{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}) (Version: 2.0.317 - Sony)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Might and Magic Heroes VII (HKLM-x32\...\Might and Magic Heroes VII_is1) (Version:  - )
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 362.00 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 362.00 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Ovládací panel NVIDIA 362.00 (Version: 362.00 - NVIDIA Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PapíííClock 1.2 (HKLM-x32\...\PapíííClock_is1) (Version:  - Island software)
PRO100 verze 5.26 Demo (HKLM-x32\...\PRO100 Demo verze 5_is1) (Version:  - Ecru Software)
Quick Zip 3.06.3 (HKLM-x32\...\Quick Zip_is1) (Version:  - Joseph Leung)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RelayDefender (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{156c2b3d}) (Version:  - Software Publisher) <==== ATTENTION
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Sony Ericsson Media Manager 1.1 (HKLM-x32\...\{0096A731-71DB-4969-AF1A-651698B246A5}) (Version: 1.1.550 - Sony Ericsson)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1D2F5D83-90ED-47FE-B733-78374E9CE752} - \WinTaske -> No File <==== ATTENTION
Task: {1DBA7B41-C595-4BB9-A551-D33A3FD99D35} - System32\Tasks\{5DAF2CA8-ABC0-4130-B445-696A80D337AA} => pcalua.exe -a C:\Windows\iun6002.exe -c "C:\Program Files (x86)\Codec Pack - All In 1\irunin.ini" <==== ATTENTION
Task: {21C09905-4FD0-4E37-9621-D5FA4EA5CF9A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {367AFF5D-ABD7-47F9-BBE6-EA6D6E918418} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {541B21BB-1DE6-45F6-AB0F-59C9D1F665E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-10] (Google Inc.)
Task: {6B0953A9-C818-42A5-AA8D-1631D4039621} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-10] (Google Inc.)
Task: {A3A12C5B-FB48-445F-9A80-00C6B0629C89} - System32\Tasks\OC GURU II Auto Run => C:\Program
Task: {D2801A79-E06F-48E5-A366-36F496477426} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-10] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\quinty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://trustedsurf.com/?ssid=1459634283&a=1053300&src=sh&uuid=492519f9-e2cb-448f-aa34-c3c1abb44f9b"
ShortcutWithArgument: C:\Users\quinty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://trustedsurf.com/?ssid=1459634283&a=1053300&src=sh&uuid=492519f9-e2cb-448f-aa34-c3c1abb44f9b"
ShortcutWithArgument: C:\Users\quinty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1459634283&a=1053300&src=sh&uuid=492519f9-e2cb-448f-aa34-c3c1abb44f9b"
ShortcutWithArgument: C:\Users\quinty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://trustedsurf.com/?ssid=1459634283&a=1053300&src=sh&uuid=492519f9-e2cb-448f-aa34-c3c1abb44f9b"
ShortcutWithArgument: C:\Users\quinty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1459634283&a=1053300&src=sh&uuid=492519f9-e2cb-448f-aa34-c3c1abb44f9b"
ShortcutWithArgument: C:\Users\quinty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://trustedsurf.com/?ssid=1459634283&a=1053300&src=sh&uuid=492519f9-e2cb-448f-aa34-c3c1abb44f9b"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1459634283&a=1053300&src=sh&uuid=492519f9-e2cb-448f-aa34-c3c1abb44f9b"

==================== Loaded Modules (Whitelisted) ==============

2016-03-06 13:16 - 2016-02-17 08:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-06 13:16 - 2016-02-17 08:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-03-06 13:16 - 2016-02-17 08:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-06 13:02 - 2016-02-23 22:45 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-02-28 23:47 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2014-12-13 00:25 - 2014-12-13 00:25 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2016-03-06 13:03 - 2016-02-17 09:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2012-02-28 23:47 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2012-02-28 23:47 - 2015-10-20 18:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2015-09-07 15:59 - 2015-09-07 15:59 - 00237440 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2015-09-22 10:21 - 2015-09-22 10:21 - 02369920 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2012-02-28 23:47 - 2015-04-21 13:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-04-10 11:26 - 2015-04-10 11:26 - 00669696 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2015-09-07 16:00 - 2015-09-07 16:00 - 00093568 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
2015-09-07 16:00 - 2015-09-07 16:00 - 00143232 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
2015-09-07 16:00 - 2015-09-07 16:00 - 00167296 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
2015-09-07 16:02 - 2015-09-07 16:02 - 00212352 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
2014-12-26 00:19 - 2007-04-19 10:33 - 00035584 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uPiApi.dll
2014-12-26 00:19 - 2007-04-19 10:39 - 00436992 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\fpxlib.dll
2014-12-26 00:19 - 2007-04-19 10:29 - 00273216 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\magengin.dll
2014-12-26 00:19 - 2007-04-19 10:29 - 00187136 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\kgl.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2015-10-03 00:15 - 2015-10-03 00:15 - 02287616 _____ () E:\GoPro\Program\GoPro\Tools\Importer\gopro-lib-win-analytics.dll
2016-04-10 10:55 - 2016-04-08 13:53 - 17532096 _____ () C:\Users\quinty\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.216\pepflashplayer.dll
2016-04-16 11:40 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-16 11:40 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2016-04-17 12:33 - 2016-04-17 12:33 - 00098816 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\win32api.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00110080 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\pywintypes27.dll
2016-04-17 12:33 - 2016-04-17 12:33 - 00364544 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\pythoncom27.dll
2016-04-17 12:33 - 2016-04-17 12:33 - 00320512 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\win32com.shell.shell.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00776704 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\_hashlib.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 01176576 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\wx._core_.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00806400 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\wx._gdi_.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00816128 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\wx._windows_.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 01067008 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\wx._controls_.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00733184 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\wx._misc_.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00682496 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\pysqlite2._sqlite.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00088064 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\_ctypes.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00119808 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\win32file.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00108544 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\win32security.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00007168 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\hashobjs_ext.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00017920 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\thumbnails_ext.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00088064 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\usb_ext.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00167936 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\win32gui.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00018432 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\win32event.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00046080 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\_socket.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 01208320 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\_ssl.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00128512 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\_elementtree.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00127488 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\pyexpat.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00012288 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\common.time34.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00038912 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\win32inet.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00036864 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\_psutil_windows.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00525208 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\windows._lib_cacheinvalidation.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00011264 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\win32crypt.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00077312 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\wx._html2.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00027136 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\_multiprocessing.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00020480 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\_yappi.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00035840 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\win32process.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00686080 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\unicodedata.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00078848 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\wx._animate.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00123392 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\wx._wizard.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00024064 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\win32pipe.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00010240 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\select.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00025600 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\win32pdh.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00017408 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\win32profile.pyd
2016-04-17 12:33 - 2016-04-17 12:33 - 00022528 ____R () C:\Users\quinty\AppData\Local\Temp\_MEI48722\win32ts.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2889759412-3032559083-473084994-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\quinty\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.163.143.177 - 82.163.142.179
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0867AB0D-C484-4553-B860-BEFCEC0C55C6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{504B8001-6064-481A-8FE1-88D512DB0E6F}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{36686C6A-F4F6-4145-B7C7-7F76D6907CA4}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [TCP Query User{65F221EB-7CF0-4CF3-9A6D-05AEC315C290}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [UDP Query User{F3D68AB4-78DF-4EE7-9976-83A6E3E007CB}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [TCP Query User{532103F2-68E3-4A4D-A8D7-3DF0DCA4EB5A}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [UDP Query User{6709469E-309C-4C63-A87E-652004DF77E4}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [{790A46D1-9E88-4D92-9E3F-EE2F5283A77B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5DBEDEF5-7903-44EE-8B79-C11FB7F2FC24}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B605FAE5-B4C6-49D9-BF8B-E63A49BCF8C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5208F645-25E3-440E-AE37-1226FD9905BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{48FBFA77-F946-45A9-9DA4-831AC30F4C18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{AE160258-25F2-4A70-B1C4-FEF69FECD367}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DDCDE5B3-9CBF-4346-A874-9DC210182E04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2631D516-CD63-46D6-8576-EB83C0AFBB72}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{168D2DCE-4F0F-47F0-AFCE-6824B98AB83C}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{DC788DFB-4DBE-42D5-8BA0-5B8195456AB3}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{91E5732F-345D-453A-BFFB-CC4AC2D77B69}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{B6AE9988-D9C0-4D7B-9EFE-42E9E034B77A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

16-04-2016 13:07:36 Windows Update
16-04-2016 15:52:25 Windows Update

==================== Faulty Device Manager Devices =============

