Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Daniel (26-12-2016 09:31:46)
Running from C:\Users\Daniel\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-10-23 11:40:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-963179264-3770265574-2228904462-500 - Administrator - Disabled)
Daniel (S-1-5-21-963179264-3770265574-2228904462-1001 - Administrator - Enabled) => C:\Users\Daniel
Guest (S-1-5-21-963179264-3770265574-2228904462-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-963179264-3770265574-2228904462-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-963179264-3770265574-2228904462-1001\...\uTorrent) (Version: 3.4.9.42973 - BitTorrent Inc.)
123D Design R2.2 (HKLM\...\123D Design) (Version: 2.2.14 - Autodesk, Inc.)
Active@ ISO Burner (HKLM-x32\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.0 - LSoft Technologies)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Autodesk SketchBook (HKLM\...\{215A89B7-A6B4-46F2-9EB2-24F63F480AE5}) (Version: 8.23.0000 - Autodesk)
Autorun Lab (HKLM-x32\...\AutorunLab) (Version:  - )
AVS Video Converter 9.4.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.4.1.594 - Online Media Technologies Ltd.)
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.11.0.612 - Ilya Morozov)
Bandicut (HKLM-x32\...\Bandicut) (Version: 2.6.0.277 - Bandisoft.com)
BlueGriffon version 2.1.1 (HKLM-x32\...\{39D22807-6030-43EA-AA41-70B52F14E1FC}_is1) (Version: 2.1.1 - Disruptive Innovations SAS)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
CEWE fotosvet (HKLM-x32\...\CEWE fotosvet) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Commander-Genius (HKLM-x32\...\CGenius) (Version: 0.1.1 - The Commmander-Genius Team)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
eM Client (HKLM-x32\...\{2A4CAF55-4B18-4B61-BE9E-94A54209F547}) (Version: 7.0.27943.0 - eM Client Inc.)
Fedora Media Writer (remove only) (HKLM-x32\...\Fedora Media Writer) (Version:  - )
FormatFactory 3.9.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.9.5.0 - Free Time)
FreeRIP MP3 Converter 5.5.0.2 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 5.5.0.2 - GreenTree Applications SRL)
GAMI (Gta-Action Mod-Installer) (HKLM-x32\...\GAMI (Gta-Action Mod-Installer)) (Version:  - )
Gaming Keyboard Driver (HKLM-x32\...\{4D2D3DC8-404C-46E2-B57C-49C45BD110AC}) (Version: 1.0 - LXD)
Garrys Mod version 16.02.26 (HKLM\...\{C8F834F5-46EA-4933-8AA9-F6CD7D29EED0}_is1) (Version: 16.02.26 - Strogino CS Portal)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.96.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.96.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
HashTab 6.0.0.28 (HKLM\...\HashTab) (Version: 6.0.0.28 - Implbits Software)
HTML Compiler (HKLM-x32\...\{F64279EF-99C1-4B09-91DD-D33A6F9EF98D}_is1) (Version:  - David Esperalta)
Chrome Remote Desktop Host (HKLM-x32\...\{D669DC52-B1A4-4933-878D-CB80F660D95D}) (Version: 55.0.2883.17 - Google Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{557D160E-2085-4D38-BDA3-1D5D3F74A3A4}) (Version: 6.0.4 - Intel Corporation)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Knoll Light Factory EZ Studio 15 (HKLM-x32\...\Knoll Light Factory EZ Studio 15) (Version:  - )
Kodi (HKU\S-1-5-21-963179264-3770265574-2228904462-1001\...\Kodi) (Version:  - XBMC-Foundation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-963179264-3770265574-2228904462-1001\...\dda9ca0b023f4c56) (Version: 1.6.4.0 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0042 - Lenovo)
LibreOffice 5.2.2.2 (HKLM-x32\...\{69751441-D5E0-4668-893F-CB797B082D09}) (Version: 5.2.2.2 - The Document Foundation)
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Messenger for Desktop (HKU\S-1-5-21-963179264-3770265574-2228904462-1001\...\messengerfordesktop) (Version: 2.0.1 - Alexandru Rosianu)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\Minecraft) (Version: 1.2.* - )
MultiCommander (x64) (HKLM\...\MultiCommander x64) (Version: 6.9.0.2303 - Mathias Svensson)
munt 2.0.0 (HKLM-x32\...\munt 2.0.0) (Version: 2.0.0 - muntemu.org)
MusicBee 3.0 (HKLM-x32\...\MusicBee) (Version: 3.0 - Steven Mayall)
My Program version 1.5 (HKLM-x32\...\{11C0B447-2D00-4891-B686-367E63EDAC63}_is1) (Version: 1.5 - My Company, Inc.)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.16.5 - OBS Project)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Pavtube MOD Converter Ver 4.2.0.4620 (HKLM-x32\...\{ED580C51-0549-43DF-B3D5-953B146E61C3}_is1) (Version:  - )
PC Remote Receiver 5.2.3 (HKLM-x32\...\PC Remote Receiver) (Version: 5.2.3 - monect.com)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PicosmosTools 1.7.0.0 (HKLM-x32\...\PicosmosTools) (Version: 1.7.0.0 - Free Time)
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Studio 15 Ultimate Plugins (HKLM-x32\...\{EB5DF19E-75D5-4FF1-AE23-2A9A2E0F2BDD}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Studio 20 (HKLM\...\{4D548AFA-B83A-4C39-A474-AAE833B320AD}) (Version: 20.0.1.109 - Corel Corporation)
Plex Media Server (HKLM-x32\...\{6713f73b-dbfe-45da-a517-33a93ff8c390}) (Version: 1.2.7.2987 - Plex, Inc.)
Plex Media Server (x32 Version: 1.2.2987 - Plex, Inc.) Hidden
PrivateTunnel (HKLM-x32\...\PrivateTunnel) (Version: 2.8.0.3 - OpenVPN Technologies)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.1.2730 - Jan Fiala)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.6.8.66 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Red Giant ToonIt Studio 15 (HKLM-x32\...\Red Giant ToonIt Studio 15) (Version:  - )
Reload Icons Cache 1.00 (HKLM-x32\...\Reload Icons Cache 1.00) (Version: 1.00 - Mr Blade Design's)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
Sigil 0.9.7 (HKLM-x32\...\Sigil_is1) (Version:  - Sigil-Ebook)
SkinPack El Capitan 2.0 (HKLM-x32\...\SkinPack) (Version: El Capitan 2.0 - SkinPack)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13348 - Skype Technologies S.A.)
Stopping Plex (x32 Version: 1.2.2987 - Plex, Inc.) Hidden
The Simpsons Hit & Run(TM) (HKLM-x32\...\{F79AAB3A-B8B4-4AC7-94AB-1C4C076C6A89}) (Version: 1.00.000 - )
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.4.1 - Unified Intents AB)
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
Vhd Resizer (HKLM-x32\...\{8FAA57C5-7BD1-4285-B4B1-36D7337D7BE5}) (Version: 1.0.42 - Xcarab)
ViPER4Windows verze 1.0.5 (HKLM\...\{1A0B530D-277E-4735-8A36-65DCF7E157CB}_is1) (Version: 1.0.5 - ViPERs Audio, Inc)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMware Workstation (HKLM\...\{07C33FB0-25C8-4723-A1E4-01868089B961}) (Version: 12.5.2 - VMware, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Updates Downloader (HKLM-x32\...\Windows Updates Downloader) (Version: 2.50 Build 1002 - Supremus Corporation)
WinHTTrack Website Copier 3.48-22 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.1.6137 - WinISO Computing Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinToUSB verze 3.2 (HKLM\...\WinToUSB_is1) (Version: 3.2 - The EasyUEFI Development Team.)
Wondershare Filmora(Build 7.8.0) (HKLM-x32\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08837E46-B86B-497D-924B-463CCAE7464E} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-963179264-3770265574-2228904462-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {0DCCAB66-E8B3-4AB6-847C-BAE6AFDBA422} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-12-10] ()
Task: {13A0ACBA-079B-426D-B774-3B12786F40AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-23] (Google Inc.)
Task: {2B732098-AE5E-4FE3-9D9F-A1F314937D7F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {3B208AF7-E354-426C-8688-C3F2734DD5AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {4ED682E3-69EB-4714-9872-67D2DBFE562D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-12-13] (NVIDIA Corporation)
Task: {5E121C59-6973-4782-8386-728CADCC17B2} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-18] (Realtek Semiconductor)
Task: {72C18C6A-2B44-47AC-AB77-6E0029324256} - System32\Tasks\AdobeAAMUpdater-1.0-ThinkCentre-Daniel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {7562AF15-C9D4-43DC-A5DB-9C42E23A435B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-23] (Google Inc.)
Task: {7E60F5DC-4A6D-4197-ABE8-265FDFB411C5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation)
Task: {89A3E24F-07EC-4E3A-9BC4-2A49ECEC2EE4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-13] (NVIDIA Corporation)
Task: {A05105F1-EC26-4BC3-8377-B155DDB42063} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {A1B85D33-0C48-4B1A-B3CB-51CB9B30D5D0} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {A3FE546C-5C04-4156-AD9D-E3B1D18B8C86} - System32\Tasks\update-S-1-5-21-963179264-3770265574-2228904462-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {D0078235-9810-416B-843C-C072F6BC2BB0} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {DFF9B8A7-53C6-4095-8D72-885AEAD785AE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {EA40B3C3-23FC-4239-9631-4122DF293EEC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {ECFBD307-0628-41DD-B880-475783B4213D} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-28] (Realtek Semiconductor)
Task: {F9A03ABC-A49F-43C4-A81E-F192164DCF49} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {FF142194-F555-4D46-8769-5D6F83E4048B} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-12-10] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\update-S-1-5-21-963179264-3770265574-2228904462-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4aad0171428cd977\Google Chrome.lnk -> C:\Users\Daniel\AppData\Local\Temp\Rar$EXa0.150\Chrome-bin\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2016-11-25 20:34 - 2016-10-22 11:52 - 00383488 _____ () C:\Windows\system32\mt32emu.dll
2016-12-15 14:00 - 2016-12-11 19:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-23 12:17 - 2016-12-13 00:39 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-23 12:17 - 2016-12-13 00:39 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-08-29 18:31 - 2016-08-29 18:31 - 00949480 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
2016-12-17 20:03 - 2016-12-08 09:03 - 02412888 _____ () C:\Users\Daniel\AppData\Local\Temp\Rar$EXa0.150\Chrome-bin\55.0.2883.87\libglesv2.dll
2016-12-17 20:03 - 2016-12-08 09:03 - 00099672 _____ () C:\Users\Daniel\AppData\Local\Temp\Rar$EXa0.150\Chrome-bin\55.0.2883.87\libegl.dll
2016-11-26 23:45 - 2012-02-14 16:33 - 00184320 _____ () C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
2016-11-26 23:45 - 2011-10-09 15:44 - 00069632 _____ () C:\Program Files (x86)\Gaming Keyboard\OSD.exe
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-12-23 12:17 - 2016-12-13 00:39 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-23 12:17 - 2016-12-13 00:39 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-23 12:17 - 2016-12-13 00:39 - 03776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-08 13:15 - 2016-11-08 13:15 - 00083440 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2016-11-08 13:15 - 2016-11-08 13:15 - 00203248 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00427008 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Mail\ac43c76c7517d899c6ed4f8c047aa86c\MailClient.Mail.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00884736 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\HTMLEditorControl\9d3c59e552dd6d7f08d7f3d5bc9a9cf0\HTMLEditorControl.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00250368 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.1d52ed9e#\1e790f07f805618c6a2de8ea20baf85b\MailClient.Collections.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00563200 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\LinqBridge\52cf6dcddf1770e82a6e2e05b40764c9\LinqBridge.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 02072064 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Accounts\3cc588d02170065ac058296e3c5e71c8\MailClient.Accounts.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00446464 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Storage\55932922c40e0bc8aef078d1f1ab7ac6\MailClient.Storage.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 02298880 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Common.UI\a1ae5a1bded1f32dc5d4dbb900c73bf6\MailClient.Common.UI.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00020480 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Interop\44cb726ad73c30a878e83365885eb935\MailClient.Interop.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 03462656 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Protocols\9aa6c05f6ee1cf9137fede069416085e\MailClient.Protocols.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 02324992 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Xilium.CefGlue\550ac1298b0f15df1501f5bc90951913\Xilium.CefGlue.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00095232 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\WinApi\4b387a2139c1a8eb14f57f5ae4a21886\WinApi.ni.dll
2016-09-21 15:40 - 2016-09-21 15:40 - 55719424 _____ () C:\Program Files (x86)\eM Client\libcef.DLL
2016-09-21 15:39 - 2016-09-21 15:39 - 00871936 _____ () C:\Program Files (x86)\eM Client\SQLite\x86\sqlite3.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00075264 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Threading\d493cfa599bea6d7a299d28118e61ae3\MailClient.Threading.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00088576 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Streams\f926f9c0304058e00dcb21e53d60e7d3\MailClient.Streams.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00583680 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.1fd7a4e5#\ba0322889a17dad95b0f3bea457f9a96\MailClient.Storage.Mail.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00578560 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Schedule\7ccc4c0d408ac64a42cd765218bf690f\MailClient.Schedule.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00101376 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.b2c914c9#\aa4f1eb76170785970568961464cabcd\MailClient.Storage.Folders.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00046592 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Commands\fe64e70f371fb4fa74b9cb41b8406aec\MailClient.Commands.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00048640 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.5331ec95#\bc96e3c1ece4103a46a327e9a0e76bcf\MailClient.Storage.Attachment.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00261120 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.6df617c9#\374691645a1228dfe745296ffc283425\MailClient.Storage.Schedule.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00232448 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.f2c61d2c#\e936e693b6589f911a4c697fa6ad94a9\MailClient.Storage.Contact.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00074240 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.9a79bc48#\2fd6fe667b3bd8fef20e3ea47bcc13f6\MailClient.Storage.IM.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00082944 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\SystemCoreTimeZone\d70f7baf2a4e91fb00841bf6cbcbdb8a\SystemCoreTimeZone.ni.dll
2016-12-17 20:46 - 2016-12-17 20:46 - 00031744 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.4824fbfc#\81ed76695e66a8421de8214adffdf57d\MailClient.Storage.Category.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00087552 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.d8481e79#\2435367a484f909d1b2bc4a45183debe\MailClient.Storage.Certificate.ni.dll
2016-12-17 20:46 - 2016-12-17 20:46 - 00031232 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.c1d859fa#\c9bf3194006505db0fd1edf674106baf\MailClient.Storage.Security.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00027136 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.c3eb0b89#\0976a135f7968005bece94ce584bb5fd\MailClient.Storage.Snippet.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00035840 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.319ca19c#\369c4f026afaf0a2af95c97b791a1ab1\MailClient.Storage.Template.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00023040 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.IM\d76a5287b6a265f664c87567b376e0ce\MailClient.IM.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00030208 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.1fe73d22#\5ce52a8277e651751da4f415b5d76763\MailClient.Storage.Rule.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00020992 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.ff7bbfa2#\2f76f878be04a23e171ce5d49071db9a\MailClient.Attachment.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00412160 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Contact\0fab0a8be15dbd114bf4ae4a4e8f00e5\MailClient.Contact.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00075264 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Xilium.CefG0f485e28#\ea7cb75a82f8181f271a54459badd0e5\Xilium.CefGlue.WindowsForms.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 01517568 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsAPICodePack\7f8920c58c20420459c32a2efd51f875\WindowsAPICodePack.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00095744 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Sasl\39b3276ee0d9128481444df9ef34c643\MailClient.Sasl.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00041472 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.2d2de33e#\99cde129c0515c2ddde531ab6a8f6dcb\MailClient.HtmlConversion.ni.dll
2016-12-17 20:45 - 2016-12-17 20:45 - 00842752 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.d5b8df6b#\ce167274a243b522f3a591e66f7e9130\MailClient.Protocols.Exchange.ni.dll
2016-10-26 15:02 - 2016-10-08 15:48 - 01506304 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-10-26 15:02 - 2016-07-21 09:54 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-11-26 23:45 - 2012-03-06 15:14 - 00057344 _____ () C:\Program Files (x86)\Gaming Keyboard\lan.dll
2016-11-07 20:57 - 2016-08-19 16:12 - 00149352 _____ () C:\Program Files (x86)\Razer\Razer Cortex\SimbaDeviceControl.dll
2016-11-07 20:57 - 2016-09-28 18:31 - 00989176 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.Core.dll
2016-11-07 20:57 - 2016-09-28 18:31 - 51063432 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libcef.dll
2016-11-10 14:46 - 2016-11-10 14:46 - 01942528 _____ () C:\Users\Daniel\AppData\Local\messengerfordesktop\app-2.0.1\ffmpeg.dll
2016-12-26 09:04 - 2016-12-26 09:04 - 00402432 _____ () \\?\C:\Users\Daniel\AppData\Local\Temp\3B7.tmp.node
2016-12-23 12:18 - 2016-12-12 15:36 - 00525760 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-12-23 12:18 - 2016-12-12 15:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-12-23 12:18 - 2016-12-12 15:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-12-23 12:18 - 2016-12-12 15:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-12-23 12:18 - 2016-12-12 15:36 - 00447424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-23 12:18 - 2016-12-12 15:36 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-12-23 12:18 - 2016-12-12 15:36 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-23 12:18 - 2016-12-12 15:36 - 00956472 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2016-11-10 14:46 - 2016-11-10 14:46 - 02222592 _____ () C:\Users\Daniel\AppData\Local\messengerfordesktop\app-2.0.1\libglesv2.dll
2016-11-10 14:46 - 2016-11-10 14:46 - 00080896 _____ () C:\Users\Daniel\AppData\Local\messengerfordesktop\app-2.0.1\libegl.dll
2015-03-24 18:01 - 2015-03-24 18:01 - 00192512 _____ () C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GvVGAConfig.dll
2016-12-26 09:06 - 2016-12-26 09:06 - 00402432 _____ () \\?\C:\Users\Daniel\AppData\Local\Temp\A005.tmp.node
2016-11-07 20:57 - 2016-09-28 18:31 - 00659640 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.Core.dll
2016-11-07 20:57 - 2016-09-28 18:31 - 01897704 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libglesv2.dll
2016-11-07 20:57 - 2016-09-28 18:31 - 00082216 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libegl.dll
2016-11-07 21:19 - 2016-09-07 21:42 - 50656768 _____ () C:\Users\Daniel\AppData\Local\razer\InGameEngine\cache\RzFpsApplet\cef\libcef.dll
2016-11-07 21:19 - 2016-09-07 21:42 - 01874944 _____ () C:\Users\Daniel\AppData\Local\razer\InGameEngine\cache\RzFpsApplet\cef\libglesv2.dll
2016-11-07 21:19 - 2016-09-07 21:42 - 00075264 _____ () C:\Users\Daniel\AppData\Local\razer\InGameEngine\cache\RzFpsApplet\cef\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-10-27 13:08 - 00000901 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 platform.wondershare.com 
127.0.0.1 validation.sls.microsoft.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-963179264-3770265574-2228904462-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E87DA52D-B7E4-4084-B7A0-9503DA4D7AC2}] => C:\Program Files\Pinnacle\Studio 20\programs\RM.exe
FirewallRules: [{A6B10777-29B3-4E84-B489-C4DD02904F3E}] => C:\Program Files\Pinnacle\Studio 20\programs\RM.exe
FirewallRules: [{AE5D684C-7C55-4F63-B63C-005AF51CDE73}] => C:\Program Files\Pinnacle\Studio 20\programs\NGStudio.exe
FirewallRules: [{1811D525-D495-4F45-B6D7-87790F3439E1}] => C:\Program Files\Pinnacle\Studio 20\programs\NGStudio.exe
FirewallRules: [{B0780077-4BE2-4224-B160-5BC40E84F5AF}] => C:\Program Files\Pinnacle\Studio 20\programs\UMI.exe
FirewallRules: [{FF767120-8997-4C95-9B52-3713A87C6207}] => C:\Program Files\Pinnacle\Studio 20\programs\UMI.exe
FirewallRules: [{475A61F3-5A3A-48DC-B7B0-566D31710F2C}] => C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{29DB1C7E-48A1-45A1-84D3-1F8C0C9CB18A}] => C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BC1E6D13-BE53-49AD-9D72-A221E9D586ED}] => C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D4DF6827-8825-4CF2-BE26-D91C186339AC}] => C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DF98CD33-9F95-4EB9-BDA5-A674DCAF82F2}] => C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8E3B4F1F-BB71-4D9C-80BE-0C56393BEC7C}] => C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{E1C16D34-978F-4280-A6E3-C76460303BD8}C:\program files\strogino cs portal\garrys mod\hl2.exe] => C:\program files\strogino cs portal\garrys mod\hl2.exe
FirewallRules: [UDP Query User{EC59DEC9-698F-4078-B642-F7729C586BEA}C:\program files\strogino cs portal\garrys mod\hl2.exe] => C:\program files\strogino cs portal\garrys mod\hl2.exe
FirewallRules: [{09A604E7-18DC-4B4E-A2F8-E36B5C138162}] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{34D8B187-7FAF-4804-B3CE-F8F3E3D863FB}] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [TCP Query User{67FDCBC6-0ADB-42D8-9EA7-9047F6E244DC}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{9765A4FF-55A5-42EF-98FF-9EB9C656BA7D}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [{33C8BC30-4F58-466B-BC47-6929248DA91B}] => C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe
FirewallRules: [{6E4CCC10-6EEA-4D08-B44A-CF2AB034651F}] => C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe
FirewallRules: [{239F4978-F0CB-467C-A42D-4C6805AE8A4F}] => C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe
FirewallRules: [{28FD987A-67C8-4649-A609-6C7630E77233}] => C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe
FirewallRules: [{A15B93DA-F775-4E1E-9F5F-AC0BEEAB4855}] => C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe
FirewallRules: [{F95F3AB9-3406-460A-BB71-BBFC01B5C9E7}] => C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe
FirewallRules: [{DEEC0889-5040-4B7D-B468-F3E568F2E53E}] => C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CADD270C-91F4-486A-95A6-C74D521F555A}] => C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{72A45274-1BA1-468D-8082-8EF01146A015}] => C:\Program Files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe
FirewallRules: [{B46A502A-29E7-4E08-A232-4592C63E94B8}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{57666CFD-F957-44A4-BFCA-29EED41ACF5F}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{6C80597B-436C-4A9E-9BBC-E09839E7CDE7}] => C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{2EF48AC6-DC77-43F5-9162-AE7BC7E360E0}] => C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{A48ACF36-F473-401C-AD24-14299C8171FB}] => C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{3BBAD099-E5F0-4119-9B8B-6856CD32E7E0}] => C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{37E3EAEE-1B29-42E4-9178-5EB17CB5FCB8}] => C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [TCP Query User{7A693767-BA8C-460A-AFB3-F34CC18C5C44}C:\portable\skypeportable\skype\app\skype\phone\skype.exe] => C:\portable\skypeportable\skype\app\skype\phone\skype.exe
FirewallRules: [UDP Query User{00A09778-1280-4CEA-8868-AB3628E3117C}C:\portable\skypeportable\skype\app\skype\phone\skype.exe] => C:\portable\skypeportable\skype\app\skype\phone\skype.exe
FirewallRules: [{DB905BD2-1636-444C-A9A5-9845ADB1E8D8}] => C:\Program Files (x86)\PC Remote Receiver\PCRemoteReceiver.exe
FirewallRules: [{F6C79982-8349-4EA0-902B-940BED9B5831}] => C:\Program Files (x86)\PC Remote Receiver\MonectMediaCenter.exe
FirewallRules: [TCP Query User{30CC8CA2-12A6-44F6-A7A9-AEDDCA7128E4}C:\users\daniel\desktop\winpenpack\bin\hfs\hfs.exe] => C:\users\daniel\desktop\winpenpack\bin\hfs\hfs.exe
FirewallRules: [UDP Query User{97611E3E-1974-46B6-AB98-CFB036262F68}C:\users\daniel\desktop\winpenpack\bin\hfs\hfs.exe] => C:\users\daniel\desktop\winpenpack\bin\hfs\hfs.exe
FirewallRules: [TCP Query User{40C40074-82C0-4E0E-9752-29A813970641}C:\portable\skypeportable\skype\app\skype\phone\skype.exe] => C:\portable\skypeportable\skype\app\skype\phone\skype.exe
FirewallRules: [UDP Query User{903AD73F-C27B-409E-954C-A6393972BDC1}C:\portable\skypeportable\skype\app\skype\phone\skype.exe] => C:\portable\skypeportable\skype\app\skype\phone\skype.exe
FirewallRules: [{B9846051-1B44-41A5-87E6-CCBADD035133}] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{FA3B3747-564C-4C4A-A153-DB91BE91FD25}] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{2B0C3398-D077-4138-A743-1BF82BC2C493}] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{5A593EA5-0A24-4B66-AB02-31E6C19FD8AF}] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{9D17CA9E-D4A9-4955-B363-24171FBDA6D4}] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{55AA5B11-C4E8-4C65-B07C-E16A0C07B45E}] => C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{2DC19798-2CF1-4BC8-8A83-B3509C082391}] => C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
FirewallRules: [TCP Query User{FD33E73E-E3A0-4276-891B-2C180007EAA4}C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe] => C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [UDP Query User{EAEFD4F2-A013-4509-A22D-BD53E4E72D72}C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe] => C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [TCP Query User{58112AC0-739E-4F34-B681-909767E7E890}C:\users\daniel\desktop\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => C:\users\daniel\desktop\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{C69B1C3F-767B-49B0-B8F2-BF3B51D525F3}C:\users\daniel\desktop\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => C:\users\daniel\desktop\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{4951320E-AF39-4166-AEC6-A7D7AFFE9378}C:\program files (x86)\nfs world\soapbox_server\java8\bin\java.exe] => C:\program files (x86)\nfs world\soapbox_server\java8\bin\java.exe
FirewallRules: [UDP Query User{4EB3332F-14EF-4735-A429-C64F0E15FEFB}C:\program files (x86)\nfs world\soapbox_server\java8\bin\java.exe] => C:\program files (x86)\nfs world\soapbox_server\java8\bin\java.exe
FirewallRules: [TCP Query User{D20C9C88-17AF-4F66-9611-F136047985F2}C:\program files (x86)\nfs world\game\data\nfsw.exe] => C:\program files (x86)\nfs world\game\data\nfsw.exe
FirewallRules: [UDP Query User{43B3454E-1030-431D-9768-DEA616B87955}C:\program files (x86)\nfs world\game\data\nfsw.exe] => C:\program files (x86)\nfs world\game\data\nfsw.exe
FirewallRules: [TCP Query User{23685C62-E4AD-407A-9CC0-5A6FA3677458}C:\users\daniel\desktop\kodi\kodi.exe] => C:\users\daniel\desktop\kodi\kodi.exe
FirewallRules: [UDP Query User{E7056D3D-809F-4367-8962-879B55E7E3CA}C:\users\daniel\desktop\kodi\kodi.exe] => C:\users\daniel\desktop\kodi\kodi.exe
FirewallRules: [TCP Query User{C7938C84-328A-484F-896C-55B0B191FFE5}K:\kodi\kodi.exe] => K:\kodi\kodi.exe
FirewallRules: [UDP Query User{66E51EA0-FD66-44AE-9854-B04957AC5D22}K:\kodi\kodi.exe] => K:\kodi\kodi.exe
FirewallRules: [{3F60968F-004C-4E69-B802-406513F2C862}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9921C040-1336-4E73-AEEB-07A127F4FB07}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{E2EDC563-3AA8-4267-BDBE-2982624D59A1}C:\users\daniel\appdata\local\temp\rar$exa0.150\chrome-bin\chrome.exe] => C:\users\daniel\appdata\local\temp\rar$exa0.150\chrome-bin\chrome.exe
FirewallRules: [UDP Query User{E799E2E3-4C7F-42F4-9201-BA77208DE7CF}C:\users\daniel\appdata\local\temp\rar$exa0.150\chrome-bin\chrome.exe] => C:\users\daniel\appdata\local\temp\rar$exa0.150\chrome-bin\chrome.exe
FirewallRules: [TCP Query User{EB2798D0-7878-4029-B8FB-2EE4A60BF9BE}C:\program files\winhttrack\winhttrack.exe] => C:\program files\winhttrack\winhttrack.exe
FirewallRules: [UDP Query User{1588CB02-B46A-4234-8C1C-1592FA2B3E1B}C:\program files\winhttrack\winhttrack.exe] => C:\program files\winhttrack\winhttrack.exe
FirewallRules: [TCP Query User{0BCCDAD2-1563-45D3-9BBF-0EAF83250F19}C:\users\daniel\downloads\remixosplayerinstaller-b2016103101.exe] => C:\users\daniel\downloads\remixosplayerinstaller-b2016103101.exe
FirewallRules: [UDP Query User{1A59AD5A-894E-4750-86FF-6267AC5F58A3}C:\users\daniel\downloads\remixosplayerinstaller-b2016103101.exe] => C:\users\daniel\downloads\remixosplayerinstaller-b2016103101.exe
FirewallRules: [{4FD51CDE-1F9B-4B8D-A535-74D2825E2654}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{BD40EFB9-A3C5-40A3-BD46-80E2AFD5FC7D}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{E56C121A-D384-42C5-85C5-49318B7DA369}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{74F14354-DD9E-4F19-A531-27C7A6A4160C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{642F9857-1316-4AA9-ACAA-0927C436EE37}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{1EA03771-7B34-41DF-85CC-1FEE6A97E32E}C:\program files\garrys mod\hl2.exe] => C:\program files\garrys mod\hl2.exe
FirewallRules: [UDP Query User{F3B2A3BE-C9EA-4E46-BAF3-AA93BA4CA6FB}C:\program files\garrys mod\hl2.exe] => C:\program files\garrys mod\hl2.exe
FirewallRules: [TCP Query User{C86A184F-DEAF-4524-8ADE-7709974C1179}L:\kodi\kodi.exe] => L:\kodi\kodi.exe
FirewallRules: [UDP Query User{408CA638-09B4-4B0C-B24D-B9D1986D2A90}L:\kodi\kodi.exe] => L:\kodi\kodi.exe
FirewallRules: [{9F094E55-DCC7-45BD-9734-9D419420D767}] => C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{933E77DA-DF05-4743-8073-FCA2A0B57DEC}] => C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [TCP Query User{027173A1-65D8-44D7-9B0F-878899110F52}G:\kodi\kodi.exe] => G:\kodi\kodi.exe
FirewallRules: [UDP Query User{E4718D6F-C95F-4395-A8F1-A5390308D8AB}G:\kodi\kodi.exe] => G:\kodi\kodi.exe

==================== Restore Points =========================

25-12-2016 22:14:47 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
25-12-2016 22:43:21 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/26/2016 09:03:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/25/2016 10:23:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service Kodi\032(ThinkCentre)._http._tcp.local. port 456.

Error: (12/25/2016 09:50:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/25/2016 03:49:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Lightshot.exe, version: 5.4.0.1, time stamp: 0x5736b4d1
Faulting module name: GvOsd.dll, version: 2.0.0.1, time stamp: 0x5088a432
Exception code: 0xc0000005
Fault offset: 0x00005d53
Faulting process id: 0xefc
Faulting application start time: 0x01d25ea3121dca28
Faulting application path: C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
Faulting module path: C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GvOsd.dll
Report Id: 4f329590-cab1-11e6-a60a-000272c8c6d3

Error: (12/25/2016 12:35:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/25/2016 01:26:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7425

Error: (12/25/2016 01:26:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7425

Error: (12/25/2016 01:26:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/25/2016 01:26:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6427

Error: (12/25/2016 01:26:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6427


System errors:
=============
Error: (12/26/2016 09:18:54 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (12/26/2016 09:18:54 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (12/26/2016 09:06:41 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (12/26/2016 09:06:41 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (12/26/2016 09:04:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VMware Workstation Server service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (12/26/2016 09:04:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the VMware Workstation Server service to connect.

Error: (12/26/2016 09:04:10 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (12/26/2016 09:04:10 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (12/26/2016 09:04:10 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (12/26/2016 09:04:10 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.


CodeIntegrity:
===================================
  Date: 2016-12-26 09:01:50.622
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-12-26 09:01:50.622
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-12-25 21:47:25.279
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-12-25 21:47:25.279
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-12-25 12:33:19.512
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-12-25 12:33:19.512
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-12-23 15:20:27.586
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-12-23 15:20:27.586
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-12-21 16:05:14.265
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-12-21 16:05:14.265
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU E5500 @ 2.80GHz
Percentage of memory in use: 67%
Total physical RAM: 4095.24 MB
Available physical RAM: 1325.89 MB
Total Virtual: 10184.44 MB
Available Virtual: 6450.67 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:40.65 GB) NTFS
Drive f: (ANACONDA) (Removable) (Total:0.01 GB) (Free:0 GB) NTFS
Drive g: (KODI) (Removable) (Total:1.85 GB) (Free:1.6 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 05A7E913)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 13B46EC8)
Partition 1: (Active) - (Size=1.3 GB) - (Type=00)
Partition 2: (Not Active) - (Size=5 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 MB) - (Type=00)

==================== End of Addition.txt ============================