﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2016
Ran by Freerider (2016-06-05 12:51:21)
Running from C:\Users\Freerider\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-01-04 21:20:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-670735467-1812237546-1025010430-500 - Administrator - Disabled)
Freerider (S-1-5-21-670735467-1812237546-1025010430-1000 - Administrator - Enabled) => C:\Users\Freerider
Guest (S-1-5-21-670735467-1812237546-1025010430-501 - Limited - Enabled)
UpdatusUser (S-1-5-21-670735467-1812237546-1025010430-1002 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
µTorrent (HKU\S-1-5-21-670735467-1812237546-1025010430-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - )
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{97FCE17A-EE75-465B-A844-3D458CF8B801}) (Version: 4.2.60128.3 - Microsoft Corporation)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bullzip PDF Printer 10.24.0.2543 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.24.0.2543 - Bullzip)
CIC Special Service Utility (HKLM-x32\...\{8535098A-753F-4493-A714-CB14BAC62070}) (Version: 2.0.47 - Bimmer Retrofit)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
Commandos 2: Men of Courage (HKLM-x32\...\Steam App 6830) (Version:  - Pyro Studios)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: 7.80.4.0 - Conexant)
CorsixTH 0.50 (HKLM-x32\...\CorsixTH) (Version: 0.50 - CorsixTH Team)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Dell Command | Configure (HKLM-x32\...\{DF3680A9-B4C6-48D1-ACEF-0FF004446314}) (Version: 3.1.0.250 - Dell Inc.)
Dell System Detect (HKU\S-1-5-21-670735467-1812237546-1025010430-1000\...\58d94f3ce2c27db0) (Version: 6.12.0.1 - Dell)
Dell System Manager (HKLM\...\{9CC89928-4787-4ED5-9942-4EBF6C2468E6}) (Version: 1.7.10000 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.127 - ALPS ELECTRIC CO., LTD.)
Dotfuscator and Analytics Community Edition 5.19.0 (x32 Version: 5.19.0.2930 - PreEmptive Solutions) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
ESET NOD32 Antivirus (HKLM\...\{1D4A236B-9CC3-4387-86F8-DB5EE3A5D33A}) (Version: 8.0.319.1 - ESET, spol s r. o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.79 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.14.265 - SurfRight B.V.)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Chief Architect Premier X7 (64 bit) (HKLM\...\{57147815-6B14-473A-90E4-A1DAAF563CC0}) (Version: 17.3.1.0 - Chief Architect)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6292.0 - IDT)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.2 - Intel)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.6965.2053 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.6965.2053 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-670735467-1812237546-1025010430-1000\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Project Professional 2016 - cs-cz (HKLM\...\ProjectProRetail - cs-cz) (Version: 16.0.6965.2053 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.6965.2053 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visio Professional 2016 - cs-cz (HKLM\...\VisioProRetail - cs-cz) (Version: 16.0.6965.2053 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.6965.2053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 cs)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5729 - NVIDIA Corporation)
NVIDIA nView 141.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.95 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation)
NVIDIA Performance Drivers (HKLM\...\{4C0A8D65-4286-4B58-87FE-18AD24289285}) (Version: 2.2.5.0 - NVIDIA Corporation)
NVIDIA WMI 2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.18.0 - NVIDIA Corporation)
Odinstalace tiskárny EPSON SX125 Series (HKLM\...\EPSON SX125 Series) (Version:  - SEIKO EPSON Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6925.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6925.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6925.1016 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 341.95 (Version: 341.95 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 1.8.7 - Vaclav Slavik)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
RICOH Media Driver ver.2.11.01.02 (HKLM-x32\...\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}) (Version: 2.11.01.02 - RICOH)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.24730 - Microsoft Corporation) Hidden
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
SketchUp 2016 (HKLM\...\{E2B66CF6-ABA0-4E5F-B426-7478B18301AE}) (Version: 16.1.1449 - Trimble Navigation Limited)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
soapUI 4.5.2 4.5.2 (HKLM\...\5517-2803-0637-4585) (Version: 4.5.2 - SmartBear Software)
SQL Server 2014 Common Files (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SSC Service Utility v4.30 (HKLM-x32\...\SSC Service Utility_is1) (Version:  - SSC Localization Group)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
TypeScript Power Tool (x32 Version: 1.7.6.0 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.9.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Workstation (HKLM\...\{132E3257-14F1-411A-BC6C-0CA32D3A9BC6}) (Version: 12.0.0 - VMware, Inc.)
VS Update core components (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
VTFEdit 1.2.5 (HKLM-x32\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WinHTTrack Website Copier 3.48-22 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinSCP 5.7.6 (HKLM-x32\...\winscp3_is1) (Version: 5.7.6 - Martin Prikryl)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-670735467-1812237546-1025010430-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Freerider\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-670735467-1812237546-1025010430-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Freerider\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01C69031-D32E-43EA-BD88-F2EE2B002590} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {0CBE3F4C-29AE-416A-BDF0-9D913EAB3478} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {1408083A-89CA-476E-A9BA-6E374EC6D4DE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-15] (Adobe Systems Incorporated)
Task: {1BCA6DD4-2902-4325-BB14-9A0E2ECE413A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-05-26] (Microsoft Corporation)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {42AEBD6B-5F1C-4A10-96C5-0E39D36B5F90} - System32\Tasks\GoogleUpdateTaskMachineCore1d1aba1b03ff8dd => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {48E9A21F-9C32-4005-ABA5-984F3EEA076B} - System32\Tasks\GoogleUpdateTaskMachineUA1d1aba1b05ad442 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {60609E92-0728-4BAE-810C-2C3683F5FB0A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-26] (Microsoft Corporation)
Task: {8087A724-B84A-4854-9016-E1C2798873FB} - System32\Tasks\{E4BA5613-F60B-428D-BC40-F7FD8EB5693F} => C:\Program Files (x86)\Myanmar Online Family\PasscodeReader\PasscodeReader.exe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {B247DAF7-8625-40F0-B502-E60732827F20} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-05-26] (Microsoft Corporation)
Task: {BC7E2B5B-74BF-443F-8442-20F66081981D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-26] (Microsoft Corporation)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D05B1ADE-733D-4014-AF7F-FE77518BA617} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {D7E3D88F-C046-4B9F-9EA8-5AC6ACD107D8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E89545A5-1DF6-40EB-8DFC-7B69894279F8} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1aba1b03ff8dd.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1aba1b05ad442.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-04-19 20:42 - 2016-01-29 14:08 - 02701880 _____ () C:\Windows\system32\nvwmi64.exe
2016-04-19 20:42 - 2016-01-29 12:49 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-04-30 07:52 - 2010-04-30 07:52 - 06237800 _____ () C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
2015-08-14 15:02 - 2015-08-14 15:02 - 12465344 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2012-06-14 21:11 - 2012-06-14 21:11 - 00325968 _____ () C:\ProgramData\Microsoft\Windows\WER\lua5.1.dll
2015-08-14 15:02 - 2015-08-14 15:02 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2015-08-14 15:02 - 2015-08-14 15:02 - 00191680 _____ () C:\Program Files (x86)\VMware\VMware Workstation\LIBEXPAT.dll
2015-08-14 15:02 - 2015-08-14 15:02 - 00388800 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll
2015-08-14 15:02 - 2015-08-14 15:02 - 00165056 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll
2013-08-22 11:38 - 2013-08-22 11:38 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-08-22 11:41 - 2013-08-22 11:41 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-670735467-1812237546-1025010430-1000\...\dell.com -> dell.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-05-30 23:54 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-670735467-1812237546-1025010430-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Freerider\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.50.1 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{EA08904B-95F8-4BB5-A07D-BAD741E3EBE3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AB809AA4-6A9D-4945-BDB4-446D1340D2B3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{41962FE6-98BE-42BE-AF1E-01A96D17E1DB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B2E0EBDA-887B-4F8C-B0DE-7AF91CB757ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3E5FCEFA-C461-4FE5-A382-94D7470FE11C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C3A4582E-5430-48E3-8041-59AADEE9C674}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1EAF97A8-0352-4BF0-A9AC-9F705909E3BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1B169918-99CC-40A8-9114-F0B564D5D2EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B449DCAD-58CA-420C-9E7C-E7A68FAFEB25}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0F62E546-669E-4291-85E7-69157FE77481}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{8602D8B4-CB99-4FEA-85D9-D851B80A8636}] => (Allow) C:\Users\Freerider\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{65A866B7-E86C-4BDA-870F-1A5241019F08}] => (Allow) C:\Users\Freerider\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{209AFFA1-546F-4FA9-8B9A-03BFB71109DC}] => (Allow) C:\Users\Freerider\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{90A3E285-F88A-4642-8F88-AF2CE88BF237}] => (Allow) C:\Users\Freerider\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{39AD42AF-A5B2-4345-8C51-D197B97A6F24}] => (Allow) C:\Users\Freerider\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DC73B2C1-CFBA-4C5B-98A3-E50D28D33BBA}] => (Allow) C:\Users\Freerider\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0566847B-290E-4D27-AF44-5FECA3C62319}] => (Allow) C:\Users\Freerider\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A9641967-0067-4E21-BECB-8D9F591FB922}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{F3DF3B63-2365-47A1-9015-DD7CD4817147}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{CBDF1D33-0088-4449-AE22-DA021FC8EF83}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{1333F713-6020-4BDA-A725-CA768DA499AB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3CA955C1-DCC1-4581-BB1C-C77A8517EFEE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D99F15F3-75D0-413E-8896-CF880E1105EA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E32FCD61-C908-4EB8-AE77-B6AA28FCA33E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{656897BC-62EE-4FCD-8F50-8598553A41FC}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{46B73DA3-78D3-4CE0-86E7-53E1233248BF}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{F0C8887F-5C12-4BEB-8373-4E86073615E1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{E0255172-D3F6-441C-B7DB-79792A52A716}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{00B88B1B-C8F6-4099-B51C-A3559D6A4E05}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{3A89770E-0D72-4C7A-B255-6094E3D799B7}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{AB9C4D64-02EF-48A4-B89A-3A3737F0F483}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{4DAF3051-A353-407D-BDA4-F3AAF6E50C0B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{98D030C2-B17D-44FB-9871-C60F3FC16DC1}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{3C16170B-58DE-45BE-A440-593D119B0EF7}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [{CF7CF5A8-6EFB-4723-8510-F575382EAAE5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C7671D03-6E40-47AA-9C25-4B2D43FF8072}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commandos 2 Men of Courage\comm2.exe
FirewallRules: [{D2F94EDE-B884-4DB3-9F5D-847CEEFB6D6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commandos 2 Men of Courage\comm2.exe
FirewallRules: [{9D4678B8-4778-4728-9B61-8AF4371F2F2A}] => (Allow) C:\Users\Freerider\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{5D7AA470-83CA-4283-8893-B739D8474E1F}] => (Allow) C:\Users\Freerider\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{67BF150C-C831-416A-9EEF-896AD9F343A2}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{7CA64C21-3D11-4570-B07F-C10439F1DD03}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{FD90DBB2-B5B5-4A60-8375-A70DBEDDA17A}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{E14A1D92-CEA0-40AA-84F6-0F785A7AC51B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{5293E092-D166-4BB8-B9B7-5ADAAEDCA44C}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{B9FDAC34-55CD-41A3-B116-8C62977EFFC7}] => (Allow) LPort=135
FirewallRules: [{7F8DA1F3-58A4-46C4-89A6-9098A0E9BEAE}] => (Allow) C:\ElsaWin\bin\ElsaWin.exe
FirewallRules: [{B554ED03-FE10-4280-9F49-35B51395C29D}] => (Allow) C:\ElsaWin\bin\ElsaWin.exe
FirewallRules: [{844B8E80-B874-41DC-884C-E59EF7EA7561}] => (Allow) C:\Program Files (x86)\IDA 6.8\idaq.exe
FirewallRules: [{D8BF97FB-75A0-42AE-9FD4-8EBCFB80029E}] => (Allow) C:\Program Files (x86)\IDA 6.8\idaq.exe
FirewallRules: [{197EFB32-B176-4689-B565-2B37C546160E}] => (Allow) C:\Program Files (x86)\IDA 6.8\idaq64.exe
FirewallRules: [{B53DA6C8-471F-44BA-B62B-2515DAC9BE8C}] => (Allow) C:\Program Files (x86)\IDA 6.8\idaq64.exe
FirewallRules: [{C290E8B7-5817-4732-90B1-3249D43C692C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{46F1BD85-7163-4F8D-863E-BB673F4D10CF}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{034E318B-26C0-4E6A-9F44-37D809EC1C60}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{7922C443-0D57-4E11-8CD8-115620CBFF93}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{908D0648-F1B5-4FA0-94AF-F330A3211A13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commandos 2 Men of Courage\Legacy\comm2.exe
FirewallRules: [{5ECCCCCC-3590-40E4-AEFD-AB5EE4007F4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commandos 2 Men of Courage\Legacy\comm2.exe
FirewallRules: [{461E6C4C-D858-4D78-A2D0-06E4A79DC878}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{95B28F01-8B3F-4D82-B051-B2F85FAFE35D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{1A57DF4E-A1DA-4654-BC9E-6B36A895AF0D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{CA2D8594-5438-4D49-8962-BDDE5DD8C5D4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5FA92033-6A79-4C79-92C4-DC12D8622571}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{B45C67A3-4B13-4BB9-97DA-C3904DFA4C5A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{02816D32-14AD-41EA-B189-D6E806432554}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DD821B63-2C77-41AF-9E0E-22F79C18C0BE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{97A3281F-B385-4970-8645-E099ABB45782}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{6FEB92D5-A0DC-4EB4-96CA-E710757E42EF}C:\program files\smartbear\soapui-4.5.2\bin\soapui-4.5.2.exe] => (Allow) C:\program files\smartbear\soapui-4.5.2\bin\soapui-4.5.2.exe
FirewallRules: [UDP Query User{D0EBB4A3-5635-43DD-B06F-A674CA266D0D}C:\program files\smartbear\soapui-4.5.2\bin\soapui-4.5.2.exe] => (Allow) C:\program files\smartbear\soapui-4.5.2\bin\soapui-4.5.2.exe
FirewallRules: [{34D66DB9-7206-4F33-A76F-A863831E480A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5FB11642-CCCC-4366-A87A-6BB003D4D5EF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{10FD3DBC-3593-4AFB-9D7E-CFDC1C49135F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{661ACB18-9C6E-462A-A68F-97E6D53DC4E9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{76B9F0B8-09B1-4932-A003-92D4B7EAAF57}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{49B2E5A1-DBA8-4B88-A6EB-8BD56C3F1746}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Restore Points =========================

05-06-2016 02:33:20 Installed iTunes

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2016 11:19:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2016 06:34:46 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-06-07T19:13:46Z. Error Code: 0x80041321.

Error: (06/04/2016 06:29:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2016 06:02:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2016 07:12:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2016 11:39:28 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-06-07T19:13:28Z. Error Code: 0x80041321.

Error: (06/02/2016 11:34:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2016 12:32:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

