Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015 Ran by Paopaw at 2015-02-01 23:07:05 Running from C:\Users\Paopaw\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1719308311-501218547-3283189548-1000\...\uTorrent) (Version: 3.4.2.36802 - BitTorrent Inc.) 3DMark 11 Demo (HKLM-x32\...\Steam App 221870) (Version: - Futuremark) 3DMark Demo (HKLM-x32\...\Steam App 231350) (Version: - Futuremark) 64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated) Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.13 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated) Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated) Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.) AIDA64 Extreme v4.60 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.60 - FinalWire Ltd.) AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden Akamai NetSession Interface (HKU\S-1-5-21-1719308311-501218547-3283189548-1000\...\Akamai) (Version: - Akamai Technologies, Inc) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology) ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.) ASRock eXtreme Tuner v0.1.257 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - ) ASRock InstantBoot v1.29 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - ) ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version: - ASRock Inc.) ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.) Autodesk SketchBook Express 2011 sp2 (HKLM-x32\...\{EB87378B-E64A-4D27-8AB6-0786BAB3AC84}) (Version: 5.20.0000 - Autodesk) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.0 - Wacom Co., Ltd.) Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden C4200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden c4200_Help (x32 Version: 82.0.210.000 - Hewlett-Packard) Hidden Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version: - Infinity Ward) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform) Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CPUID HWMonitor 1.22 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts) CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1611_37043 - CyberLink Corp.) Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden Digital Cable Advisor (HKLM\...\{07ECF9FC-BB47-4325-8345-7BFEC708DDD7}) (Version: 1.0.0.0 - Microsoft Corporation) DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dropbox (HKU\S-1-5-21-1719308311-501218547-3283189548-1000\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Fraps (HKLM-x32\...\Fraps) (Version: - ) Futuremark SystemInfo (HKLM-x32\...\{4115C9AA-35E0-45D8-9363-47635B8750C7}) (Version: 4.29.438.0 - Futuremark) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) HDHomeRun (HKLM\...\{3404F1A7-1A05-44EF-B482-D2BAB39C2B51}) (Version: 1.0.17188.0 - Silicondust) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart C4200 All-In-One Driver Software 13.0 Rel. 1 (HKLM\...\{14BC5667-22B0-4DC4-8205-597053BBDDC9}) (Version: 13.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard) HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation) Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{D1B033E8-A077-4B0D-9831-5798E19E861E}) (Version: 2.0.1083.0 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nike+ Connect (HKLM-x32\...\Nike+ Connect) (Version: 6.6.21 - Nike) Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140806.90000 - Square Enix Ltd) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.0.1.29754 - Grinding Gear Games) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PS_AIO_Software_min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden Ragnarok (HKLM-x32\...\Steam App 215100) (Version: - Gravity Interactive) Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.12.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.12.0 - Renesas Electronics Corporation) Hidden Rhinoceros 5.0 (64-bit) (HKLM\...\{BB435434-EDC8-4E54-B32D-28452CACAEC6}) (Version: 5.1.20927.2230 - Robert McNeel & Associates) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.) Sapphire TRIXX (HKLM-x32\...\Sapphire TRIXX) (Version: - ) Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spotify (HKU\S-1-5-21-1719308311-501218547-3283189548-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-1719308311-501218547-3283189548-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) THX TruStudio (HKLM-x32\...\{AFB907F5-C0E6-4753-8284-DE955EF86AC2}) (Version: 1.00.01 - Creative Technology Limited) Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.8.10 - Electronic Arts) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.) UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden VirtualLab Client 7.0.22 (HKLM-x32\...\VirtualLab 7 Client_is1) (Version: - BinaryBiz) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.) WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.) Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts) WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1719308311-501218547-3283189548-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Paopaw\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1719308311-501218547-3283189548-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) CustomCLSID: HKU\S-1-5-21-1719308311-501218547-3283189548-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paopaw\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1719308311-501218547-3283189548-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paopaw\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1719308311-501218547-3283189548-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paopaw\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1719308311-501218547-3283189548-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paopaw\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1719308311-501218547-3283189548-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paopaw\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1719308311-501218547-3283189548-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paopaw\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1719308311-501218547-3283189548-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paopaw\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1719308311-501218547-3283189548-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paopaw\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= ATTENTION: System Restore is disabled. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 18:34 - 2013-02-26 21:15 - 00002187 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 hl2rcv.adobe.com 127.0.0.1 t3dns.adobe.com 127.0.0.1 3dns-1.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-4.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 activate.wip.adobe.com 127.0.0.1 activate.wip1.adobe.com 127.0.0.1 activate.wip2.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 activate.wip4.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-1.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 adobe-dns-4.adobe.com 127.0.0.1 ood.opsource.net 127.0.0.1 practivate.adobe 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 ereg.wip.adobe.com 127.0.0.1 ereg.wip1.adobe.com 127.0.0.1 ereg.wip2.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 ereg.wip4.adobe.com 127.0.0.1 wip.adobe.com There are 15 more lines. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {01CA97F0-BEA4-45A1-8B33-DE749CBBE79F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-31] (Adobe Systems Incorporated) Task: {05F0184F-53D3-4234-9903-1B5018B18EA2} - System32\Tasks\{FB345C27-0C18-414E-AF85-6B9B86B3DCB2} => pcalua.exe -a "P:\Display Driver Uninstaller.exe" -d P:\ Task: {08D80574-F6B2-4771-92BB-95E92ECCCB59} - System32\Tasks\{08A410B7-85DA-4DF6-A87E-3CE9310FB8D0} => pcalua.exe -a P:\Steam\steamapps\common\Ragnarok\Setup_Classic.exe -d P:\Steam\steamapps\common\Ragnarok Task: {09807D91-5439-44FE-BB2F-EEAAE95A146B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {0DE76219-C7A2-42CE-A1F4-90265C040D6F} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-08-31] () Task: {1715BE82-970D-4349-95B2-5B69E1F23DF0} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {3A4A5F4F-5D8B-4005-A8E7-895CCB527F56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {451479F3-9680-45DD-95F8-FA0E60EE2C7F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-01] (AVAST Software) Task: {55013519-D0AC-4A28-990D-321FDF6AEF1A} - System32\Tasks\{FA0B2286-5DCF-43D8-AA4E-E2A14517ADD8} => pcalua.exe -a "P:\Solidworks\SolidWorks 2013 SP3.0 [32 Bits & 64 Bits][MULTi][WwW.LoKoTorrents.CoM]\SolidWorks 2013 SP3.0 [32 Bits & 64 Bits][MULTi][WwW.LoKoTorrents.CoM]\SolidWorks 2013 SP3.0 [32 Bits & 64 Bits][MULTi][WwW.LoKoTorrents.CoM]\setup.exe" -d "P:\Solidworks\SolidWorks 2013 SP3.0 [32 Bits & 64 Bits][MULTi][WwW.LoKoTorrents.CoM]\SolidWorks 2013 SP3.0 [32 Bits & 64 Bits][MULTi][WwW.LoKoTorrents.CoM]\SolidWorks 2013 SP3.0 [32 Bits & 64 Bits][MULTi][WwW.LoKoTorrents.CoM]" Task: {5FCCD95C-2003-442B-9E19-262077EAABF5} - System32\Tasks\asrRd => C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe [2012-01-13] () Task: {60052773-F7F9-4884-AB6A-EDE34AD27655} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {649CF382-E6C8-4FDD-8160-833DB5FE1F5E} - System32\Tasks\{9A776435-DDD4-44AB-9700-C0DCE1787E3E} => pcalua.exe -a P:\Solidworks\SW2013_SP0.0_64bits_Crack_[hispargentino]\SW2013_SP0.0_[hispargentino]\setup.exe -d P:\Solidworks\SW2013_SP0.0_64bits_Crack_[hispargentino]\SW2013_SP0.0_[hispargentino] Task: {765ED674-C97A-45EC-8103-9F0F43E42AB8} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {7F8BC964-3AAE-4FBE-BFD5-9F54299B158E} - System32\Tasks\{0870E71D-50C8-4A8F-AAA9-0FEE5248F28D} => pcalua.exe -a P:\Steam\steamapps\common\Ragnarok\Setup.exe -d P:\Steam\steamapps\common\Ragnarok Task: {90D54A57-2A93-4C0C-B9E7-4082064BB27B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {944178D2-09FA-4118-969D-97590A3C1E26} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-04-11] (CyberLink) Task: {B86CB36F-60A0-4C78-A96A-610AED7E3F4F} - \GPUP No Task File <==== ATTENTION Task: {C5FC3411-AA6E-459C-9C4C-F30A47351BC2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {DD684B44-05C2-4E2B-A472-30D9AFE960E1} - System32\Tasks\{0138BF93-1C89-49EE-B37E-36AEDDB1333B} => pcalua.exe -a "P:\Solidworks\SolidWorks 2013 SP3.0 [32 Bits & 64 Bits][MULTi][WwW.LoKoTorrents.CoM]\SolidWorks 2013 SP3.0 [32 Bits & 64 Bits][MULTi][WwW.LoKoTorrents.CoM]\setup.exe" -d "P:\Solidworks\SolidWorks 2013 SP3.0 [32 Bits & 64 Bits][MULTi][WwW.LoKoTorrents.CoM]\SolidWorks 2013 SP3.0 [32 Bits & 64 Bits][MULTi][WwW.LoKoTorrents.CoM]" Task: {E06FD0EC-DF89-4A3E-9CCD-07888D6A75C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: {EADE3B96-D4E9-4F1D-8CEF-AD5D66812085} - System32\Tasks\AdobeAAMUpdater-1.0-Paopawdecarabao-Paopaw => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {F0A43B86-459A-479B-A69F-0A8FADC64FD8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {F7F40014-6F7F-467D-AA1F-EC5F854226BF} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe Task: {FB8843D9-376B-4C5E-8066-99A84569CE2C} - System32\Tasks\{544E5E4E-C2C6-476A-9E70-839DE565D043} => pcalua.exe -a "C:\Users\Paopaw\Downloads\Display Driver Uninstaller.exe" -d C:\Users\Paopaw\Downloads Task: {FEB06D1C-8AB0-4551-83B1-626A16FBE59E} - System32\Tasks\AsrXTU => C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe [2012-07-03] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Loaded Modules (whitelisted) ============= 2014-06-30 19:37 - 2014-08-19 18:12 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2014-08-31 05:00 - 2014-08-31 05:00 - 00512512 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe 2012-10-03 22:43 - 2012-07-03 17:32 - 08800592 _____ () C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe 2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe 2012-10-03 22:43 - 2012-01-13 14:47 - 01448744 _____ () C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe 2015-02-01 14:59 - 2015-02-01 14:59 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2015-02-01 14:59 - 2015-02-01 14:59 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2015-02-01 19:53 - 2013-03-28 19:35 - 04521984 _____ () C:\Program Files (x86)\BinaryBiz\Data Recovery Software\VirtualLab Data Recovery.exe 2015-02-01 13:32 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-02-01 13:32 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-02-01 13:32 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-02-01 13:32 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2015-02-01 13:32 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2014-08-31 04:58 - 2014-08-31 04:58 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2014-08-31 04:58 - 2014-08-31 04:58 - 00056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2014-08-31 04:59 - 2014-08-31 04:59 - 00217600 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2014-08-31 04:59 - 2014-08-31 04:59 - 00324608 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2014-08-31 05:00 - 2014-08-31 05:00 - 00648192 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2012-10-03 22:43 - 2012-02-24 09:53 - 00094208 _____ () C:\Program Files (x86)\ASRock Utility\AXTU\Bin\IccLibDll.DLL 2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll 2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll 2015-02-01 14:59 - 2015-02-01 14:59 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020101\algo.dll 2015-02-01 14:59 - 2015-02-01 14:59 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2015-02-01 14:59 - 2015-02-01 14:59 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-07-19 17:18 - 2014-07-15 01:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll 2014-07-19 17:18 - 2014-07-15 01:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll 2014-07-19 17:18 - 2014-07-15 01:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll 2014-07-19 17:18 - 2014-07-15 01:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll 2014-07-19 17:18 - 2014-07-15 01:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll 2014-07-19 17:18 - 2014-07-15 01:24 - 14664008 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll 2015-02-01 19:53 - 2013-03-28 19:33 - 05864448 _____ () C:\Program Files (x86)\BinaryBiz\Data Recovery Software\HDDRecovery\VLHDDRecovery.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Program Files\Common Files\System:uSW9ab2Zn62m8Jgim AlternateDataStreams: C:\ProgramData\Microsoft:2Xp8dlD2snEmwBgNFCL0x AlternateDataStreams: C:\ProgramData\Microsoft:F2rRNEgUdBC0STPTiARY6KeTUk AlternateDataStreams: C:\Users\Paopaw\Local Settings:init AlternateDataStreams: C:\Users\Paopaw\Local Settings:wX52725gdezK9PJzGkHk9DkHeO AlternateDataStreams: C:\Users\Paopaw\AppData\Local:init AlternateDataStreams: C:\Users\Paopaw\AppData\Local:wX52725gdezK9PJzGkHk9DkHeO AlternateDataStreams: C:\Users\Paopaw\AppData\Local\Application Data:init AlternateDataStreams: C:\Users\Paopaw\AppData\Local\Application Data:wX52725gdezK9PJzGkHk9DkHeO AlternateDataStreams: C:\Users\Paopaw\AppData\Local\Temp:0qexuCHDl5ORw6PDPJvzf4MO4 AlternateDataStreams: C:\Users\Paopaw\AppData\Local\Temporary Internet Files:KOfpDFHmqeQg3S7tUMj3G0zD ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: cFosSpeedS => 2 MSCONFIG\Services: Futuremark SystemInfo Service => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2 MSCONFIG\Services: Intel(R) ME Service => 2 MSCONFIG\Services: ISCTAgent => 2 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MBAMScheduler => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: McNeelUpdate => 2 MSCONFIG\Services: SwitchBoard => 3 MSCONFIG\Services: TabletServicePen => 2 MSCONFIG\Services: TouchServicePen => 2 MSCONFIG\Services: UNS => 2 MSCONFIG\Services: WTabletServiceCon => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: BambooCore => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe MSCONFIG\startupreg: BitTorrent => "C:\Users\Paopaw\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED MSCONFIG\startupreg: EADM => "P:\Origin\Origin.exe" -AutoStart MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: Nike+ Connect => "C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe" MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: RUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun MSCONFIG\startupreg: SmartViewAgent => "C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe" MSCONFIG\startupreg: Spotify => "C:\Users\Paopaw\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Paopaw\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun MSCONFIG\startupreg: Steam => "P:\Steam\Steam.exe" -silent MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: THX TruStudio NB Settings => "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r MSCONFIG\startupreg: THXCfg64 => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" MSCONFIG\startupreg: XFast LAN => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe MSCONFIG\startupreg: XFastUSB => "C:\Program Files (x86)\XFastUSB\XFastUsb.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-1719308311-501218547-3283189548-500 - Administrator - Disabled) Guest (S-1-5-21-1719308311-501218547-3283189548-501 - Limited - Enabled) => C:\Users\Guest HomeGroupUser$ (S-1-5-21-1719308311-501218547-3283189548-1004 - Limited - Enabled) Paopaw (S-1-5-21-1719308311-501218547-3283189548-1000 - Administrator - Enabled) => C:\Users\Paopaw ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (02/01/2015 09:41:16 PM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: The backup was not successful. The error is: One of the backup files could not be created. (0x8078002A). Error: (02/01/2015 09:41:11 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: NT AUTHORITY) Description: The backup operation that started at '2015-02-02T03:00:10.439964400Z' has failed with following error code '2155348010' (%%2155348010). Please review the event details for a solution, and then rerun the backup operation once the issue is resolved. Error: (02/01/2015 03:11:28 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Paopawdecarabao) Description: Application or service 'Windows Explorer' could not be shut down. Error: (02/01/2015 01:54:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532 Faulting module name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532 Exception code: 0xc0000005 Fault offset: 0x001b08e0 Faulting process id: 0x1a18 Faulting application start time: 0xmbam.exe0 Faulting application path: mbam.exe1 Faulting module path: mbam.exe2 Report Id: mbam.exe3 Error: (01/28/2015 09:07:04 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006). Error: (01/18/2015 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006). Error: (01/11/2015 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006). Error: (01/04/2015 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006). Error: (01/02/2015 04:13:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: vlc.exe, version: 2.1.5.0, time stamp: 0x00000000 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x0000000000018e5d Faulting process id: 0x32ec Faulting application start time: 0xvlc.exe0 Faulting application path: vlc.exe1 Faulting module path: vlc.exe2 Report Id: vlc.exe3 Error: (01/02/2015 02:52:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: vlc.exe, version: 2.1.5.0, time stamp: 0x00000000 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x0000000000018e5d Faulting process id: 0x3158 Faulting application start time: 0xvlc.exe0 Faulting application path: vlc.exe1 Faulting module path: vlc.exe2 Report Id: vlc.exe3 System errors: ============= Error: (02/01/2015 07:53:12 PM) (Source: volsnap) (EventID: 25) (User: ) Description: The shadow copies of volume K: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied. Error: (02/01/2015 02:52:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (02/01/2015 02:39:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (02/01/2015 02:28:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (02/01/2015 02:14:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (02/01/2015 02:13:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Error: (02/01/2015 02:13:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (02/01/2015 02:13:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Media Center Receiver Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (02/01/2015 02:13:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (02/01/2015 02:13:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Spybot-S&D 2 Security Center Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Microsoft Office Sessions: ========================= Error: (02/01/2015 09:41:16 PM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: One of the backup files could not be created. (0x8078002A) Error: (02/01/2015 09:41:11 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: NT AUTHORITY) Description: 2015-02-02T03:00:10.439964400Z2155348010%%2155348010 Error: (02/01/2015 03:11:28 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Paopawdecarabao) Description: 1C:\Windows\explorer.exeWindows Explorer0411749440 Error: (02/01/2015 01:54:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbam.exe1.0.0.53253518532mbam.exe1.0.0.53253518532c0000005001b08e01a1801d03e69a4e13eb0P:\Malwarebytes Anti-Malware\mbam.exeP:\Malwarebytes Anti-Malware\mbam.exee921c091-aa5c-11e4-930b-bc5ff45ad1e5 Error: (01/28/2015 09:07:04 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: K:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006) Error: (01/18/2015 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: K:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006) Error: (01/11/2015 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: K:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006) Error: (01/04/2015 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: K:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006) Error: (01/02/2015 04:13:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d32ec01d026def217ac11P:\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll61a8f2bf-92dd-11e4-803c-bc5ff45ad1e5 Error: (01/02/2015 02:52:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d315801d026ded394b582P:\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll14b12f4d-92d2-11e4-803c-bc5ff45ad1e5 CodeIntegrity Errors: =================================== Date: 2014-08-24 13:33:58.025 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Paopaw\AppData\Local\Temp\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-08-24 13:33:57.987 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Paopaw\AppData\Local\Temp\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-08-24 13:33:57.877 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Paopaw\AppData\Local\Temp\Rar$EXa0.882\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-08-24 13:33:57.841 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Paopaw\AppData\Local\Temp\Rar$EXa0.882\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz Percentage of memory in use: 30% Total physical RAM: 16269.48 MB Available physical RAM: 11334.17 MB Total Pagefile: 20363.66 MB Available Pagefile: 15025.27 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:238.37 GB) (Free:84.47 GB) NTFS Drive d: (Paopawdecarabao) (Fixed) (Total:238.47 GB) (Free:189.93 GB) NTFS Drive k: (SAMSUNG) (Fixed) (Total:931.5 GB) (Free:389.48 GB) NTFS Drive p: (Paopaw) (Fixed) (Total:1024 GB) (Free:712.32 GB) NTFS Drive w: (DeCarabao) (Fixed) (Total:1024 GB) (Free:63.72 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 2C946956) Partition 1: (Not Active) - (Size=238.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 9475CE0D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS) ======================================================== Disk: 9 (Size: 931.5 GB) (Disk ID: EBE4EBAA) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================